public/paris-container
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Use macvlan instead of bridge

Browse Source
This commit is contained in:
niten 2024-06-03 13:44:25 -07:00
parent 172b04ef07
commit 2a983b0c19
1 changed files with 23 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
paris-container.nix
View File

@ -162,15 +162,16 @@ in {
}) parisKeypairs)); }) parisKeypairs));
networking = { networking = {
bridges.auth0.interfaces = [ "ldap0" ];
interfaces = { interfaces = {
ldap0.virtual = true; auth0 = {
auth0.ipv4.addresses = [{ virtual = true;
ipv4.addresses = [{
address = "172.16.128.1"; address = "172.16.128.1";
prefixLength = 24; prefixLength = 24;
}]; }];
}; };
}; };
};
virtualisation.oci-containers.containers.paris-ldap-proxy = { virtualisation.oci-containers.containers.paris-ldap-proxy = {
image = cfg.ldap.image; image = cfg.ldap.image;
@ -180,8 +181,7 @@ in {
}; };
containers.paris = { containers.paris = {
macvlans = [ cfg.networking.interface ]; macvlans = [ cfg.networking.interface "auth0" ];
extraVeths.paris0 = { hostBridge = "paris-auth0"; };
bindMounts = { bindMounts = {
"/home" = { "/home" = {
hostPath = "${cfg.state-directory}/home"; hostPath = "${cfg.state-directory}/home";
@ -275,7 +275,14 @@ in {
enable = true; enable = true;
allowedTCPPorts = [ 22 ] ++ cfg.ports; allowedTCPPorts = [ 22 ] ++ cfg.ports;
}; };
interfaces."mv-${cfg.networking.interface}" = { interfaces = {
mv-auth0 = {
ipv4.addresses = [{
address = "172.16.128.2";
prefixLength = 28;
}];
};
"mv-${cfg.networking.interface}" = {
ipv4.addresses = optional (!isNull cfg.networking.ipv4) { ipv4.addresses = optional (!isNull cfg.networking.ipv4) {
address = cfg.networking.ipv4.address; address = cfg.networking.ipv4.address;
prefixLength = cfg.networking.ipv4.prefixLength; prefixLength = cfg.networking.ipv4.prefixLength;
@ -289,4 +296,5 @@ in {
}; };
}; };
}; };
};
} }