Use macvlan instead of bridge
This commit is contained in:
parent
172b04ef07
commit
2a983b0c19
@ -162,13 +162,14 @@ in {
|
||||
}) parisKeypairs));
|
||||
|
||||
networking = {
|
||||
bridges.auth0.interfaces = [ "ldap0" ];
|
||||
interfaces = {
|
||||
ldap0.virtual = true;
|
||||
auth0.ipv4.addresses = [{
|
||||
address = "172.16.128.1";
|
||||
prefixLength = 24;
|
||||
}];
|
||||
auth0 = {
|
||||
virtual = true;
|
||||
ipv4.addresses = [{
|
||||
address = "172.16.128.1";
|
||||
prefixLength = 24;
|
||||
}];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
@ -180,8 +181,7 @@ in {
|
||||
};
|
||||
|
||||
containers.paris = {
|
||||
macvlans = [ cfg.networking.interface ];
|
||||
extraVeths.paris0 = { hostBridge = "paris-auth0"; };
|
||||
macvlans = [ cfg.networking.interface "auth0" ];
|
||||
bindMounts = {
|
||||
"/home" = {
|
||||
hostPath = "${cfg.state-directory}/home";
|
||||
@ -275,14 +275,22 @@ in {
|
||||
enable = true;
|
||||
allowedTCPPorts = [ 22 ] ++ cfg.ports;
|
||||
};
|
||||
interfaces."mv-${cfg.networking.interface}" = {
|
||||
ipv4.addresses = optional (!isNull cfg.networking.ipv4) {
|
||||
address = cfg.networking.ipv4.address;
|
||||
prefixLength = cfg.networking.ipv4.prefixLength;
|
||||
interfaces = {
|
||||
mv-auth0 = {
|
||||
ipv4.addresses = [{
|
||||
address = "172.16.128.2";
|
||||
prefixLength = 28;
|
||||
}];
|
||||
};
|
||||
ipv6.addresses = optional (!isNull cfg.networking.ipv6) {
|
||||
address = cfg.networking.ipv6.address;
|
||||
prefixLength = cfg.networking.ipv6.prefixLength;
|
||||
"mv-${cfg.networking.interface}" = {
|
||||
ipv4.addresses = optional (!isNull cfg.networking.ipv4) {
|
||||
address = cfg.networking.ipv4.address;
|
||||
prefixLength = cfg.networking.ipv4.prefixLength;
|
||||
};
|
||||
ipv6.addresses = optional (!isNull cfg.networking.ipv6) {
|
||||
address = cfg.networking.ipv6.address;
|
||||
prefixLength = cfg.networking.ipv6.prefixLength;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user