diff --git a/nix/nixos-module/lxc-containers.nix b/nix/nixos-module/lxc-containers.nix
index 61ee2aa..3856eb4 100644
--- a/nix/nixos-module/lxc-containers.nix
+++ b/nix/nixos-module/lxc-containers.nix
@@ -16,6 +16,52 @@ let ); enabled = containers != {};
+ netConfig = ctName: interfaces:
+ let
+ config = map (netName:
+ let
+ ifData = interfaces.${netName};
+ in {
+ type = ifData.type;
+ flags = "up";
+ hwaddr = if ifData ? hwaddr
+ then ifData.hwaddr
+ else "0A:14:48:01:26:00";
+ } // (lib.optionalAttrs (ifData.type == "veth") {
+ veth.pair = "${ctName}-${netName}";
+ veth.mode = "bridge";
+ link = "br-${netName}";
+ }) // (lib.optionalAttrs (ifData.type == "phys") {
+ link = "bond0.TODO";
+ })
+ # TODO: addrs
+ ) (builtins.attrNames interfaces);
+
+ serialize = name: x:
+ if builtins.isString x
+ then "${name} = ${x}\n"
+ else if builtins.isAttrs x
+ then builtins.concatStringsSep "" (
+ map (n: serialize "${name}.${n}" x.${n}) (builtins.attrNames x)
+ )
+ else if builtins.isList x
+ then
+ let
+ enumerate = xs: n:
+ if xs == []
+ then []
+ else [ {
+ e = builtins.head xs;
+ i = n;
+ } ] ++ enumerate (builtins.tail xs) (n + 1);
+ in
+ builtins.concatStringsSep "" (
+ map ({ e, i }: serialize "${name}.${toString i}" e) (enumerate x 0)
+ )
+ else throw "Invalid data in lxc net config: ${lib.generators.toPretty {} x}";
+ in
+ builtins.trace "config: ${lib.generators.toPretty {} config}" (
+ serialize "lxc.net" config);
 in { virtualisation.lxc = lib.mkIf enabled {
@@ -39,7 +85,7 @@ in enable = true; source = let
- inherit (containers.${ctName}) interface;
+ inherit (containers.${ctName}) interfaces;
 in builtins.trace ctName builtins.toFile "${ctName}.conf" '' # For lxcfs and sane defaults lxc.include = /etc/lxc/common.conf
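Review bot: The fallback in `hwaddr = if ifData ? hwaddr then ifData.hwaddr else "0A:14:48:01:26:00";` gives every interface without an explicit address the same MAC, so two containers (or two interfaces of one container) attached to the same `br-${netName}` bridge would collide and frames could reach the wrong container. LXC allocates an address itself when `hwaddr` is absent, so the attribute can be emitted only when it is set: drop the three `hwaddr` lines and add `// (lib.optionalAttrs (ifData ? hwaddr) { inherit (ifData) hwaddr; })` to the merge chain. Separately, the `phys` branch writes the placeholder `link = "bond0.TODO"` into a real container config; `link = throw "phys interfaces are not implemented yet";` would fail at evaluation rather than at container start.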
@@ -77,12 +123,7 @@ in # tuntap lxc.cgroup.devices.allow = c 10:200 rw
- lxc.net.0.type = veth
- lxc.net.0.flags = up
- lxc.net.0.veth.mode = bridge
- lxc.net.0.veth.pair = test
- lxc.net.0.link = virbr0
- lxc.net.0.hwaddr = 00:23:de:ad:be:ef
+ ${netConfig ctName interfaces}
 ''; }; }) {
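Review bot: `${netConfig ctName interfaces}` splices the serialized text straight into the container config, and the string branch of `serialize` in the first hunk emits `"${name} = ${x}\n"` without inspecting `x`, so a `type` or `hwaddr` value containing a line break would become additional `lxc.*` directives in this file. A guard in that branch, e.g. `then assert !(lib.hasInfix "\n" x); "${name} = ${x}\n"`, keeps each value on a single line. The `builtins.trace "config: …"` wrapper around the result also prints each container's network config on every evaluation and looks like leftover debugging. The `''` string and the function around it start outside this hunk.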