diff --git a/paris-container.nix b/paris-container.nix index a316f91..8194ed5 100644 --- a/paris-container.nix +++ b/paris-container.nix @@ -162,13 +162,14 @@ in { }) parisKeypairs)); networking = { - bridges.auth0.interfaces = [ "ldap0" ]; interfaces = { - ldap0.virtual = true; - auth0.ipv4.addresses = [{ - address = "172.16.128.1"; - prefixLength = 24; - }]; + auth0 = { + virtual = true; + ipv4.addresses = [{ + address = "172.16.128.1"; + prefixLength = 24; + }]; + }; }; }; @@ -180,8 +181,7 @@ in { }; containers.paris = { - macvlans = [ cfg.networking.interface ]; - extraVeths.paris0 = { hostBridge = "paris-auth0"; }; + macvlans = [ cfg.networking.interface "auth0" ]; bindMounts = { "/home" = { hostPath = "${cfg.state-directory}/home"; @@ -275,14 +275,22 @@ in { enable = true; allowedTCPPorts = [ 22 ] ++ cfg.ports; }; - interfaces."mv-${cfg.networking.interface}" = { - ipv4.addresses = optional (!isNull cfg.networking.ipv4) { - address = cfg.networking.ipv4.address; - prefixLength = cfg.networking.ipv4.prefixLength; + interfaces = { + mv-auth0 = { + ipv4.addresses = [{ + address = "172.16.128.2"; + prefixLength = 28; + }]; }; - ipv6.addresses = optional (!isNull cfg.networking.ipv6) { - address = cfg.networking.ipv6.address; - prefixLength = cfg.networking.ipv6.prefixLength; + "mv-${cfg.networking.interface}" = { + ipv4.addresses = optional (!isNull cfg.networking.ipv4) { + address = cfg.networking.ipv4.address; + prefixLength = cfg.networking.ipv4.prefixLength; + }; + ipv6.addresses = optional (!isNull cfg.networking.ipv6) { + address = cfg.networking.ipv6.address; + prefixLength = cfg.networking.ipv6.prefixLength; + }; }; }; };