mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-22 15:03:28 +00:00
nixos/containers: add bridge without address specified
According to systemd-nspawn(1), --network-bridge implies --network-veth, and --port option is supported only when private networking is enabled. Fixes #52417.
This commit is contained in:
parent
9a262a71a1
commit
53013ead39
@ -36,7 +36,7 @@ let
|
||||
#! ${pkgs.runtimeShell} -e
|
||||
|
||||
# Initialise the container side of the veth pair.
|
||||
if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ]; then
|
||||
if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ] || [ -n "$HOST_BRIDGE" ]; then
|
||||
|
||||
ip link set host0 name eth0
|
||||
ip link set dev eth0 up
|
||||
@ -90,18 +90,20 @@ let
|
||||
|
||||
if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ]; then
|
||||
extraFlags+=" --network-veth"
|
||||
if [ -n "$HOST_BRIDGE" ]; then
|
||||
extraFlags+=" --network-bridge=$HOST_BRIDGE"
|
||||
fi
|
||||
if [ -n "$HOST_PORT" ]; then
|
||||
OIFS=$IFS
|
||||
IFS=","
|
||||
for i in $HOST_PORT
|
||||
do
|
||||
extraFlags+=" --port=$i"
|
||||
done
|
||||
IFS=$OIFS
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -n "$HOST_PORT" ]; then
|
||||
OIFS=$IFS
|
||||
IFS=","
|
||||
for i in $HOST_PORT
|
||||
do
|
||||
extraFlags+=" --port=$i"
|
||||
done
|
||||
IFS=$OIFS
|
||||
fi
|
||||
|
||||
if [ -n "$HOST_BRIDGE" ]; then
|
||||
extraFlags+=" --network-bridge=$HOST_BRIDGE"
|
||||
fi
|
||||
|
||||
extraFlags+=" ${concatStringsSep " " (mapAttrsToList nspawnExtraVethArgs cfg.extraVeths)}"
|
||||
|
@ -45,6 +45,19 @@ import ./make-test.nix ({ pkgs, ...} : {
|
||||
};
|
||||
};
|
||||
|
||||
containers.web-noip =
|
||||
{
|
||||
autoStart = true;
|
||||
privateNetwork = true;
|
||||
hostBridge = "br0";
|
||||
config =
|
||||
{ services.httpd.enable = true;
|
||||
services.httpd.adminAddr = "foo@example.org";
|
||||
networking.firewall.allowedTCPPorts = [ 80 ];
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
virtualisation.pathsInNixDB = [ pkgs.stdenv ];
|
||||
};
|
||||
|
||||
@ -56,6 +69,10 @@ import ./make-test.nix ({ pkgs, ...} : {
|
||||
# Start the webserver container.
|
||||
$machine->succeed("nixos-container status webserver") =~ /up/ or die;
|
||||
|
||||
# Check if bridges exist inside containers
|
||||
$machine->succeed("nixos-container run webserver -- ip link show eth0");
|
||||
$machine->succeed("nixos-container run web-noip -- ip link show eth0");
|
||||
|
||||
"${containerIp}" =~ /([^\/]+)\/([0-9+])/;
|
||||
my $ip = $1;
|
||||
chomp $ip;
|
||||
|
Loading…
Reference in New Issue
Block a user