Nspawn containers use host network for now.

2021-10-28 15:18:03 +02:00 · 2021-10-28 15:18:03 +02:00 · 4305b3f653
commit 4305b3f653
parent 29b64aadfd
1 changed files with 28 additions and 0 deletions
--- a/services/nspawn.nix
+++ b/services/nspawn.nix
@ -0,0 +1,28 @@
+{ config, lib, ... }:
+
+with lib;
+
+mkIf (elem "nspawn" config.machine.services) {
+  systemd = let
+    fn = import ../fn.nix { inherit lib; };
+  in {
+    nspawn = recursiveUpdate (listToAttrs (
+      (map (
+        name: {
+          name = name;
+          value = { networkConfig.VirtualEthernet = "no"; };
+        }
+      )
+        (fn.lst { p = /var/lib/machines; t = "directory"; b = false; })
+      ))) {
+        "64Arch" = {
+          filesConfig = {
+            "BindReadOnly" = ["/tmp/.X11-unix"];
+            "Bind" = ["/dev/snd" "/dev/dri"];
+            # TODO: Add this to service overrides
+            # "DeviceAllow" = [ "/dev/dri/renderD128" ];
+          };
+        };
+      };
+  };
+}