diff options
| author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-10-03 17:15:36 +0200 | 
|---|---|---|
| committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-10-03 17:15:36 +0200 | 
| commit | 9248259708bd6ade5e334a2cdfb29d2a20acb0dd (patch) | |
| tree | 976a140d547557c8cdf98856510030fd35b83d1a /modules | |
| parent | 59e54bd97f70711573d321f2d2aeee5da46bf95d (diff) | |
| download | nixos-9248259708bd6ade5e334a2cdfb29d2a20acb0dd.tar nixos-9248259708bd6ade5e334a2cdfb29d2a20acb0dd.tar.gz nixos-9248259708bd6ade5e334a2cdfb29d2a20acb0dd.tar.bz2 nixos-9248259708bd6ade5e334a2cdfb29d2a20acb0dd.tar.xz nixos-9248259708bd6ade5e334a2cdfb29d2a20acb0dd.zip | |
...
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/netns.nix | 14 | ||||
| -rw-r--r-- | modules/zfssnap/default.nix | 2 | 
2 files changed, 8 insertions, 8 deletions
| diff --git a/modules/netns.nix b/modules/netns.nix index d4f07feb..dca3c0db 100644 --- a/modules/netns.nix +++ b/modules/netns.nix | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | { pkgs, config, lib, ... }: | 1 | { pkgs, config, lib, ... }: | 
| 2 | 2 | ||
| 3 | with lib; | 3 | with lib; | 
| 4 | 4 | ||
| 5 | let | 5 | let | 
| 6 | cfg = config.networking.namespaces; | 6 | cfg = config.networking.namespaces; | 
| @@ -56,12 +56,12 @@ let | |||
| 56 | wants = ["network.target"]; | 56 | wants = ["network.target"]; | 
| 57 | conflicts = ["shutdown.target"]; | 57 | conflicts = ["shutdown.target"]; | 
| 58 | 58 | ||
| 59 | path = with pkgs; [ iproute config.systemd.package ]; | 59 | path = with pkgs; [ iproute2 config.systemd.package ]; | 
| 60 | 60 | ||
| 61 | serviceConfig = { | 61 | serviceConfig = { | 
| 62 | SyslogIdentifier = "netns container ${containerName}"; | 62 | SyslogIdentifier = "netns container ${containerName}"; | 
| 63 | Type = "notify"; | 63 | Type = "notify"; | 
| 64 | 64 | ||
| 65 | RestartForceExitStatus = "133"; | 65 | RestartForceExitStatus = "133"; | 
| 66 | SuccessExitStatus = "133"; | 66 | SuccessExitStatus = "133"; | 
| 67 | 67 | ||
| @@ -114,7 +114,7 @@ let | |||
| 114 | --capability=CAP_SYS_TTY_CONFIG,CAP_NET_ADMIN,CAP_NET_RAW,CAP_SYS_ADMIN \ | 114 | --capability=CAP_SYS_TTY_CONFIG,CAP_NET_ADMIN,CAP_NET_RAW,CAP_SYS_ADMIN \ | 
| 115 | --ephemeral \ | 115 | --ephemeral \ | 
| 116 | --network-namespace-path=/run/netns/${containerCfg.netns} \ | 116 | --network-namespace-path=/run/netns/${containerCfg.netns} \ | 
| 117 | ${containerInit} "${containerCfg.config.system.build.toplevel}/init" | 117 | ${containerInit} "${containerCfg.config.system.build.toplevel}/init" | 
| 118 | ''; | 118 | ''; | 
| 119 | }; | 119 | }; | 
| 120 | in { | 120 | in { | 
| @@ -133,13 +133,13 @@ in { | |||
| 133 | assertions = [ | 133 | assertions = [ | 
| 134 | { assertion = cfg.containers != {} -> cfg.enable; message = "netns containers require netns@ service template"; } | 134 | { assertion = cfg.containers != {} -> cfg.enable; message = "netns containers require netns@ service template"; } | 
| 135 | ]; | 135 | ]; | 
| 136 | 136 | ||
| 137 | systemd.services = { | 137 | systemd.services = { | 
| 138 | "netns@" = mkIf cfg.enable { | 138 | "netns@" = mkIf cfg.enable { | 
| 139 | description = "%I network namspace"; | 139 | description = "%I network namspace"; | 
| 140 | before = [ "network-pre.target" ]; | 140 | before = [ "network-pre.target" ]; | 
| 141 | wants = [ "network-pre.target" ]; | 141 | wants = [ "network-pre.target" ]; | 
| 142 | path = with pkgs; [ iproute utillinux ]; | 142 | path = with pkgs; [ iproute2 util-linux ]; | 
| 143 | serviceConfig = { | 143 | serviceConfig = { | 
| 144 | Type = "oneshot"; | 144 | Type = "oneshot"; | 
| 145 | RemainAfterExit = true; | 145 | RemainAfterExit = true; | 
| @@ -149,7 +149,7 @@ in { | |||
| 149 | umount /var/run/netns/"$1" | 149 | umount /var/run/netns/"$1" | 
| 150 | mount --bind /proc/self/ns/net /var/run/netns/"$1" | 150 | mount --bind /proc/self/ns/net /var/run/netns/"$1" | 
| 151 | ''} %I"; | 151 | ''} %I"; | 
| 152 | ExecStop = "${pkgs.iproute}/bin/ip netns del %I"; | 152 | ExecStop = "${pkgs.iproute2}/bin/ip netns del %I"; | 
| 153 | }; | 153 | }; | 
| 154 | }; | 154 | }; | 
| 155 | } // mapAttrs' mkContainerService cfg.containers; | 155 | } // mapAttrs' mkContainerService cfg.containers; | 
| diff --git a/modules/zfssnap/default.nix b/modules/zfssnap/default.nix index f3e2f9c2..42cdf46f 100644 --- a/modules/zfssnap/default.nix +++ b/modules/zfssnap/default.nix | |||
| @@ -11,7 +11,7 @@ let | |||
| 11 | 11 | ||
| 12 | buildInputs = with pkgs; [makeWrapper]; | 12 | buildInputs = with pkgs; [makeWrapper]; | 
| 13 | 13 | ||
| 14 | python = pkgs.python39.withPackages (ps: with ps; [pyxdg pytimeparse dateutil]); | 14 | python = pkgs.python39.withPackages (ps: with ps; [pyxdg pytimeparse python-dateutil]); | 
| 15 | 15 | ||
| 16 | buildPhase = '' | 16 | buildPhase = '' | 
| 17 | substitute $src zfssnap \ | 17 | substitute $src zfssnap \ | 
