Merge pull request #160195 from illustris/proxmox-lxc

nixos/proxmox-lxc: init

authored by Jörg Thalheim and committed by GitHub a9252603 0c1592eb

+64
+64
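--- a/nixos/modules/virtualisation/proxmox-lxc.nix
+++ b/nixos/modules/virtualisation/proxmox-lxc.nix
@@ -0,0 +1,64 @@
+{ config, pkgs, lib, ... }:
+
+with lib;
+
+{
+options.proxmoxLXC = {
+privileged = mkOption {
+type = types.bool;
+default = false;
+description = ''
+Whether to enable privileged mounts
+'';
+};
+manageNetwork = mkOption {
+type = types.bool;
+default = false;
+description = ''
+Whether to manage network interfaces through nix options
+When false, systemd-networkd is enabled to accept network
+configuration from proxmox.
+'';
+};
+};
+
+config =
+let
+cfg = config.proxmoxLXC;
+in
+{
+system.build.tarball = pkgs.callPackage ../../lib/make-system-tarball.nix {
+storeContents = [{
+object = config.system.build.toplevel;
+symlink = "none";
+}];
+
+contents = [{
+source = config.system.build.toplevel + "/init";
+target = "/sbin/init";
+}];
+
+extraCommands = "mkdir -p root etc/systemd/network";
+};
+
+boot = {
+isContainer = true;
+loader.initScript.enable = true;
+};
+
+networking = mkIf (!cfg.manageNetwork) {
+useDHCP = false;
+useHostResolvConf = false;
+useNetworkd = true;
+};
+
+services.openssh = {
+enable = mkDefault true;
+startWhenNeeded = mkDefault true;
+};
+
+systemd.mounts = mkIf (!cfg.privileged)
+[{ where = "/sys/kernel/debug"; enable = false; }];
+
+};
+}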
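Review bot: The `services.openssh` block near the end of `config` gives every container built from this module an sshd by default (`enable = mkDefault true`, socket-activated through `startWhenNeeded`), yet nothing in the file says so or how logins are meant to be authenticated. Because both values are `mkDefault`, a user can override them, but only if they know the listener exists. I would add a comment above the block such as `# sshd is enabled by default so a fresh container is reachable; set services.openssh.enable = false or restrict authentication when the container network is not trusted`. The `privileged` description has a similar gap: "Whether to enable privileged mounts" does not say that the only visible effect is leaving the `/sys/kernel/debug` mount unit enabled. It also does not say whether the option is expected to match the container's privileged/unprivileged setting in Proxmox, which should be confirmed and documented.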