Server7: define container options within per-container configs

Ehmry - 2020-01-26 13:13:48 +01:00
parent a203683694
commit d17a7e01e9
4 changed files with 47 additions and 43 deletions


@ -1,25 +1,25 @@
{ config, pkgs, lib, ... }: name:
{ (import ../outer-defaults.nix name) // {
imports = [ config = { config, pkgs, lib, ... }: {
../../../../lib/hq.nix imports = [ (../inner-defaults.nix) (../../../../lib/yggdrasil-hq.nix) ];
services.uhub = { services.uhub = {
enable = true;
enableTLS = false;
hubConfig = ''
plugins.history.enable = true;
plugins.welcome = {
enable = true; enable = true;
motd = config.users.motd; enableTLS = false;
hubConfig = ''
plugins.history.enable = true;
plugins.welcome = {
enable = true;
motd = config.users.motd;
}; };
networking.firewall.allowedTCPPorts = [ ];
hq.yggdrasil.enable = true;
}; };
networking.firewall.allowedTCPPorts = [ ];
hq.yggdrasil.enable = true;
} }
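Review bot: `enableTLS = false;` in the `services.uhub` block has no comment explaining why the hub runs without TLS, and this per-container file is now where a maintainer will look for that decision. If the intent is that clients reach the hub only over the HQ bridge or Yggdrasil, record it next to the option, e.g. `# TLS disabled: hub is meant to be reached only via HQ/Yggdrasil (confirm)`. The empty `networking.firewall.allowedTCPPorts = [ ];` beside an enabled hub deserves a similar one-line comment, since nothing visible here shows which rule admits the hub port.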


@ -5,31 +5,9 @@ let
containerFunc = name: containerFunc = name:
# Generate a container expression from the directory at `name`. # Generate a container expression from the directory at `name`.
with builtins; {
hash = hashString "sha256" name;
hextet0 = substring 0 4 hash;
hextet1 = substring 4 4 hash;
in {
inherit name; inherit name;
value = { value = import (./. + "/${name}") name;
# These are attributes common to each container
# from the perspective of the host.
autoStart = true;
privateNetwork = true;
hostBridge = "br0";
localAddress6 = "${yggaddr.prefix}:${hextet0}:${hextet1}:c3d2/64";
# Generate a deterministic IPv6 address for the container.
# This address is accessible within HQ and Yggdrasil but not from ARPANET.
config = { ... }: {
imports = [ ../../../lib (./. + "/${name}") ];
c3d2 = {
isInHq = true;
mapHqHosts = true;
hq.interface = "eth0";
}; };
containerDir = builtins.readDir ../containers; containerDir = builtins.readDir ../containers;
@ -47,7 +25,7 @@ in {
lxc.containers = { lxc.containers = {
trivial = { trivial = {
nixos-config = "/tmp/trivial.nix"; nixos-config = "/tmp/trivial.nix";
lxc = {}; lxc = { };
}; };
}; };
} }
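Review bot: With `value = import (./. + "/${name}") name;` the host no longer sets `autoStart`, `privateNetwork`, `hostBridge` or `localAddress6` itself. Each container directory now has to merge the outer defaults on its own, so a container file that omits the import, or overrides a key on the right-hand side of `//`, evaluates without error and comes up without them. Consider keeping the merge on the host side in `containerFunc`, for example `value = (import ./outer-defaults.nix name) // (import (./. + "/${name}") name);` (the defaults path is assumed here, adjust it to the real location), or at least asserting `value.privateNetwork` there. The `c3d2.isInHq` / `hq.interface` settings moved into a container-side import in the same way and could be injected by the host likewise. `containerFunc` sits in a `let` that begins outside the hunk.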


@ -0,0 +1,8 @@
{ ... }: {
imports = [ ../../../lib ];
c3d2 = {
isInHq = true;
mapHqHosts = true;
hq.interface = "eth0";


@ -0,0 +1,18 @@
let yggaddr = import ../yggaddr.nix;
in {
# These the container defaults from the perspective of the host.
autoStart = true;
privateNetwork = true;
hostBridge = "br0";
localAddress6 = with builtins; let
hash = hashString "sha256" name;
hextet0 = substring 0 4 hash;
hextet1 = substring 4 4 hash;
in "${yggaddr.prefix}:${hextet0}:${hextet1}:c3d2/64";
# Generate a deterministic IPv6 address for the container.
# This address is accessible within HQ and Yggdrasil but not from ARPANET.