Use macvlan instead of bridge

2024-06-03 13:44:25 -07:00 · 2024-06-03 13:44:25 -07:00 · 2a983b0c19
commit 2a983b0c19
parent 172b04ef07
1 changed files with 23 additions and 15 deletions
--- a/paris-container.nix
+++ b/paris-container.nix
@ -162,13 +162,14 @@ in {
      }) parisKeypairs));
    networking = {
      bridges.auth0.interfaces = [ "ldap0" ];
      interfaces = {
-        ldap0.virtual = true;
+        auth0 = {
-        auth0.ipv4.addresses = [{
+          virtual = true;
-          address = "172.16.128.1";
+          ipv4.addresses = [{
-          prefixLength = 24;
+            address = "172.16.128.1";
-        }];
+            prefixLength = 24;
          }];
        };
      };
    };
@ -180,8 +181,7 @@ in {
    };
    containers.paris = {
-      macvlans = [ cfg.networking.interface ];
+      macvlans = [ cfg.networking.interface "auth0" ];
      extraVeths.paris0 = { hostBridge = "paris-auth0"; };
      bindMounts = {
        "/home" = {
          hostPath = "${cfg.state-directory}/home";
@ -275,14 +275,22 @@ in {
            enable = true;
            allowedTCPPorts = [ 22 ] ++ cfg.ports;
          };
-          interfaces."mv-${cfg.networking.interface}" = {
+          interfaces = {
-            ipv4.addresses = optional (!isNull cfg.networking.ipv4) {
+            mv-auth0 = {
-              address = cfg.networking.ipv4.address;
+              ipv4.addresses = [{
-              prefixLength = cfg.networking.ipv4.prefixLength;
+                address = "172.16.128.2";
                prefixLength = 28;
              }];
            };
-            ipv6.addresses = optional (!isNull cfg.networking.ipv6) {
+            "mv-${cfg.networking.interface}" = {
-              address = cfg.networking.ipv6.address;
+              ipv4.addresses = optional (!isNull cfg.networking.ipv4) {
-              prefixLength = cfg.networking.ipv6.prefixLength;
+                address = cfg.networking.ipv4.address;
                prefixLength = cfg.networking.ipv4.prefixLength;
              };
              ipv6.addresses = optional (!isNull cfg.networking.ipv6) {
                address = cfg.networking.ipv6.address;
                prefixLength = cfg.networking.ipv6.prefixLength;
              };
            };
          };
        };