Server7: define container options within per-container configs
parent
a203683694
commit
d17a7e01e9
|
@ -1,25 +1,25 @@
|
||||||
{ config, pkgs, lib, ... }:
|
name:
|
||||||
|
|
||||||
{
|
(import ../outer-defaults.nix name) // {
|
||||||
imports = [
|
config = { config, pkgs, lib, ... }: {
|
||||||
../../../../lib/hq.nix
|
imports = [ (../inner-defaults.nix) (../../../../lib/yggdrasil-hq.nix) ];
|
||||||
];
|
|
||||||
|
|
||||||
services.uhub = {
|
services.uhub = {
|
||||||
enable = true;
|
|
||||||
enableTLS = false;
|
|
||||||
hubConfig = ''
|
|
||||||
hub_name=c3d2
|
|
||||||
hub_description=<<</>>
|
|
||||||
'';
|
|
||||||
plugins.history.enable = true;
|
|
||||||
plugins.welcome = {
|
|
||||||
enable = true;
|
enable = true;
|
||||||
motd = config.users.motd;
|
enableTLS = false;
|
||||||
|
hubConfig = ''
|
||||||
|
hub_name=c3d2
|
||||||
|
hub_description=<<</>>
|
||||||
|
'';
|
||||||
|
plugins.history.enable = true;
|
||||||
|
plugins.welcome = {
|
||||||
|
enable = true;
|
||||||
|
motd = config.users.motd;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
networking.firewall.allowedTCPPorts = [ config.services.uhub.port ];
|
||||||
|
hq.yggdrasil.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [ config.services.uhub.port ];
|
|
||||||
|
|
||||||
hq.yggdrasil.enable = true;
|
|
||||||
}
|
}
|
||||||
|
|
|
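Review bot: `enableTLS = false;` is carried into the new `config` block while `networking.firewall.allowedTCPPorts` still opens the hub port, and nothing in the file says why plaintext is acceptable. If the intent is that the hub is reachable only over the HQ bridge and Yggdrasil, state that next to the option, for example `# TLS off: hub is only reachable via br0 / Yggdrasil (see ../outer-defaults.nix)`. A one-line header comment would also help, since the file is now a function of `name` that returns host-side container options. The `config` argument inside `config = { config, pkgs, lib, ... }:` refers to the container's own configuration rather than the host's, which is easy to misread.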
@ -5,31 +5,9 @@ let
|
||||||
|
|
||||||
containerFunc = name:
|
containerFunc = name:
|
||||||
# Generate a container expression from the directory at `name`.
|
# Generate a container expression from the directory at `name`.
|
||||||
with builtins;
|
{
|
||||||
let
|
|
||||||
hash = hashString "sha256" name;
|
|
||||||
hextet0 = substring 0 4 hash;
|
|
||||||
hextet1 = substring 4 4 hash;
|
|
||||||
in {
|
|
||||||
inherit name;
|
inherit name;
|
||||||
value = {
|
value = import (./. + "/${name}") name;
|
||||||
# These are attributes common to each container
|
|
||||||
# from the perspective of the host.
|
|
||||||
autoStart = true;
|
|
||||||
privateNetwork = true;
|
|
||||||
hostBridge = "br0";
|
|
||||||
localAddress6 = "${yggaddr.prefix}:${hextet0}:${hextet1}:c3d2/64";
|
|
||||||
# Generate a deterministic IPv6 address for the container.
|
|
||||||
# This address is accessible within HQ and Yggdrasil but not from ARPANET.
|
|
||||||
config = { ... }: {
|
|
||||||
imports = [ ../../../lib (./. + "/${name}") ];
|
|
||||||
c3d2 = {
|
|
||||||
isInHq = true;
|
|
||||||
mapHqHosts = true;
|
|
||||||
hq.interface = "eth0";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
containerDir = builtins.readDir ../containers;
|
containerDir = builtins.readDir ../containers;
|
||||||
|
@ -47,7 +25,7 @@ in {
|
||||||
lxc.containers = {
|
lxc.containers = {
|
||||||
trivial = {
|
trivial = {
|
||||||
nixos-config = "/tmp/trivial.nix";
|
nixos-config = "/tmp/trivial.nix";
|
||||||
lxc = {};
|
lxc = { };
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
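Review bot: With `value = import (./. + "/${name}") name;` the host no longer applies `privateNetwork = true`, `hostBridge = "br0"` or the `c3d2` settings itself; a container gets them only if its own file merges `../outer-defaults.nix` and imports `../inner-defaults.nix`. A new container that omits that merge would fall back to the option defaults, which for NixOS containers means no private network namespace. Consider keeping the defaults as the base here and letting the per-container file override them, `value = (import ./outer-defaults.nix name) // (import (./. + "/${name}") name);` (path assumed from the `../outer-defaults.nix` import in the container file). The code that filters `containerDir` is outside the hunk. If the two new `*-defaults.nix` files live in the directory it reads and the filter does not restrict entries to directories, they would be passed to `containerFunc` as container names.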
@ -0,0 +1,8 @@
|
||||||
|
{ ... }: {
|
||||||
|
imports = [ ../../../lib ];
|
||||||
|
c3d2 = {
|
||||||
|
isInHq = true;
|
||||||
|
mapHqHosts = true;
|
||||||
|
hq.interface = "eth0";
|
||||||
|
};
|
||||||
|
}
|
|
@ -0,0 +1,18 @@
|
||||||
|
name:
|
||||||
|
|
||||||
|
let yggaddr = import ../yggaddr.nix;
|
||||||
|
in {
|
||||||
|
# These the container defaults from the perspective of the host.
|
||||||
|
|
||||||
|
autoStart = true;
|
||||||
|
privateNetwork = true;
|
||||||
|
hostBridge = "br0";
|
||||||
|
|
||||||
|
localAddress6 = with builtins; let
|
||||||
|
hash = hashString "sha256" name;
|
||||||
|
hextet0 = substring 0 4 hash;
|
||||||
|
hextet1 = substring 4 4 hash;
|
||||||
|
in "${yggaddr.prefix}:${hextet0}:${hextet1}:c3d2/64";
|
||||||
|
# Generate a deterministic IPv6 address for the container.
|
||||||
|
# This address is accessible within HQ and Yggdrasil but not from ARPANET.
|
||||||
|
}
|
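Review bot: The two comment lines about the deterministic address sit after the `localAddress6` binding they describe, so they read as if they belonged to the closing brace; move them above `localAddress6 = with builtins; let` and fix the header to `# These are the container defaults from the perspective of the host.`. The statement that the address is not reachable from ARPANET depends on routing and firewalling that this file does not set, so it would be safer worded as an expectation that names where it is enforced. Only the first eight hex digits of the SHA-256 of `name` are used, and nothing checks that two container names do not map to the same address.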