2023-11-16 01:09:35 +00:00
|
|
|
/*
|
|
|
|
|
Once https://github.com/NixOS/nixpkgs/pull/267764 is merged this can be removed
|
|
|
|
|
*/
|
|
|
|
|
{
|
|
|
|
|
config,
|
|
|
|
|
pkgs,
|
|
|
|
|
lib,
|
|
|
|
|
...
|
|
|
|
|
}:
|
|
|
|
|
with lib; {
|
|
|
|
|
options.proxmoxLXC = {
|
|
|
|
|
enable = mkOption {
|
|
|
|
|
default = true;
|
|
|
|
|
type = types.bool;
|
2024-06-27 12:19:12 +00:00
|
|
|
description = lib.mdDoc "Whether to enable the Proxmox VE LXC module.";
|
2023-11-16 01:09:35 +00:00
|
|
|
};
|
|
|
|
|
privileged = mkOption {
|
|
|
|
|
type = types.bool;
|
|
|
|
|
default = false;
|
2024-06-27 12:19:12 +00:00
|
|
|
description = ''
|
2023-11-16 01:09:35 +00:00
|
|
|
Whether to enable privileged mounts
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
manageNetwork = mkOption {
|
|
|
|
|
type = types.bool;
|
|
|
|
|
default = false;
|
2024-06-27 12:19:12 +00:00
|
|
|
description = ''
|
2023-11-16 01:09:35 +00:00
|
|
|
Whether to manage network interfaces through nix options
|
|
|
|
|
When false, systemd-networkd is enabled to accept network
|
|
|
|
|
configuration from proxmox.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
manageHostName = mkOption {
|
|
|
|
|
type = types.bool;
|
|
|
|
|
default = false;
|
2024-06-27 12:19:12 +00:00
|
|
|
description = ''
|
2023-11-16 01:09:35 +00:00
|
|
|
Whether to manage hostname through nix options
|
|
|
|
|
When false, the hostname is picked up from /etc/hostname
|
|
|
|
|
populated by proxmox.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
config = let
|
|
|
|
|
cfg = config.proxmoxLXC;
|
|
|
|
|
in
|
|
|
|
|
mkIf cfg.enable {
|
|
|
|
|
system.build.tarball = pkgs.callPackage ../../lib/make-system-tarball.nix {
|
|
|
|
|
storeContents = [
|
|
|
|
|
{
|
|
|
|
|
object = config.system.build.toplevel;
|
|
|
|
|
symlink = "none";
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
contents = [
|
|
|
|
|
{
|
|
|
|
|
source = config.system.build.toplevel + "/init";
|
|
|
|
|
target = "/sbin/init";
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
extraCommands = "mkdir -p root etc/systemd/network";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
boot = {
|
|
|
|
|
isContainer = true;
|
|
|
|
|
loader.initScript.enable = true;
|
|
|
|
|
};
|
|
|
|
|
|
2024-06-27 12:19:12 +00:00
|
|
|
console.enable = true;
|
|
|
|
|
|
2023-11-16 01:09:35 +00:00
|
|
|
networking = mkIf (!cfg.manageNetwork) {
|
|
|
|
|
useDHCP = false;
|
|
|
|
|
useHostResolvConf = false;
|
|
|
|
|
useNetworkd = true;
|
|
|
|
|
# pick up hostname from /etc/hostname generated by proxmox
|
|
|
|
|
hostName = mkIf (!cfg.manageHostName) (mkForce "");
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services.openssh = {
|
|
|
|
|
enable = mkDefault true;
|
|
|
|
|
startWhenNeeded = mkDefault true;
|
|
|
|
|
};
|
|
|
|
|
|
2024-06-27 12:19:12 +00:00
|
|
|
systemd = {
|
|
|
|
|
mounts = mkIf (!cfg.privileged) [
|
2023-11-16 01:09:35 +00:00
|
|
|
{
|
|
|
|
|
enable = false;
|
2024-06-27 12:19:12 +00:00
|
|
|
where = "/sys/kernel/debug";
|
2023-11-16 01:09:35 +00:00
|
|
|
}
|
|
|
|
|
];
|
2024-06-27 12:19:12 +00:00
|
|
|
services."getty@".unitConfig.ConditionPathExists = ["" "/dev/%I"];
|
|
|
|
|
};
|
2023-11-16 01:09:35 +00:00
|
|
|
};
|
|
|
|
|
}
|
