Loading nixos/modules/virtualisation/nixos-containers.nix +9 −2 Original line number Diff line number Diff line Loading @@ -2,6 +2,7 @@ config, lib, pkgs, utils, ... }@host: Loading Loading @@ -1052,8 +1053,14 @@ in } // (optionalAttrs containerConfig.autoStart { wantedBy = [ "machines.target" ]; wants = [ "network.target" ] ++ (map (i: "sys-subsystem-net-devices-${i}.device") cfg.interfaces); after = [ "network.target" ] ++ (map (i: "sys-subsystem-net-devices-${i}.device") cfg.interfaces); wants = [ "network.target" ] ++ (map (i: "sys-subsystem-net-devices-${utils.escapeSystemdPath i}.device") cfg.interfaces); after = [ "network.target" ] ++ (map (i: "sys-subsystem-net-devices-${utils.escapeSystemdPath i}.device") cfg.interfaces); restartTriggers = [ containerConfig.path config.environment.etc."${configurationDirectoryName}/${name}.conf".source Loading nixos/tests/containers-physical_interfaces.nix +32 −0 Original line number Diff line number Diff line Loading @@ -25,6 +25,28 @@ }; }; }; autoStart = { ... }: { virtualisation.vlans = [ 1 ]; networking.useNetworkd = true; systemd.network.netdevs."20-dummy-test".netdevConfig = { Name = "dummy-test"; Kind = "dummy"; }; containers.autoStart = { autoStart = true; privateNetwork = true; interfaces = [ "dummy-test" ]; config = { networking.firewall.enable = false; }; }; }; bridged = { ... }: { Loading Loading @@ -117,6 +139,16 @@ # that the device is present in the container. server.succeed("nixos-container run server -- ip a show dev eth1 >&2") with subtest("Simple dummy interface is up, with autoStart enabled"): autoStart.wait_for_unit("container@autoStart") # Check if any dependency of container@autoStart.service timed out. # If a non-existing .device dependency is set in Wants, systemd will # wait until that unit times out, resulting a delay of the container. autoStart.fail("journalctl _PID=1 | grep sys-subsystem-net-devices | grep 'timed out'") autoStart.succeed("nixos-container run autoStart -- ip a show dev dummy-test >&2") with subtest("Physical device in bridge in container can ping server"): bridged.wait_for_unit("default.target") bridged.succeed("nixos-container start bridged") Loading Loading
nixos/modules/virtualisation/nixos-containers.nix +9 −2 Original line number Diff line number Diff line Loading @@ -2,6 +2,7 @@ config, lib, pkgs, utils, ... }@host: Loading Loading @@ -1052,8 +1053,14 @@ in } // (optionalAttrs containerConfig.autoStart { wantedBy = [ "machines.target" ]; wants = [ "network.target" ] ++ (map (i: "sys-subsystem-net-devices-${i}.device") cfg.interfaces); after = [ "network.target" ] ++ (map (i: "sys-subsystem-net-devices-${i}.device") cfg.interfaces); wants = [ "network.target" ] ++ (map (i: "sys-subsystem-net-devices-${utils.escapeSystemdPath i}.device") cfg.interfaces); after = [ "network.target" ] ++ (map (i: "sys-subsystem-net-devices-${utils.escapeSystemdPath i}.device") cfg.interfaces); restartTriggers = [ containerConfig.path config.environment.etc."${configurationDirectoryName}/${name}.conf".source Loading
nixos/tests/containers-physical_interfaces.nix +32 −0 Original line number Diff line number Diff line Loading @@ -25,6 +25,28 @@ }; }; }; autoStart = { ... }: { virtualisation.vlans = [ 1 ]; networking.useNetworkd = true; systemd.network.netdevs."20-dummy-test".netdevConfig = { Name = "dummy-test"; Kind = "dummy"; }; containers.autoStart = { autoStart = true; privateNetwork = true; interfaces = [ "dummy-test" ]; config = { networking.firewall.enable = false; }; }; }; bridged = { ... }: { Loading Loading @@ -117,6 +139,16 @@ # that the device is present in the container. server.succeed("nixos-container run server -- ip a show dev eth1 >&2") with subtest("Simple dummy interface is up, with autoStart enabled"): autoStart.wait_for_unit("container@autoStart") # Check if any dependency of container@autoStart.service timed out. # If a non-existing .device dependency is set in Wants, systemd will # wait until that unit times out, resulting a delay of the container. autoStart.fail("journalctl _PID=1 | grep sys-subsystem-net-devices | grep 'timed out'") autoStart.succeed("nixos-container run autoStart -- ip a show dev dummy-test >&2") with subtest("Physical device in bridge in container can ping server"): bridged.wait_for_unit("default.target") bridged.succeed("nixos-container start bridged") Loading
