nixos/modules/containers: Remove host bridge config

2022-05-02 17:34:48 +01:00
parent ce79151182
commit 5290c78b06
2 changed files with 41 additions and 46 deletions
--- a/nixos/boxes/colony.nix
+++ b/nixos/boxes/colony.nix
@@ -18,7 +18,7 @@
          };

          firewall = {
-            trustedInterfaces = [ "blah" ];
+            trustedInterfaces = [ "virtual" ];
            nat = {
              externalInterface = "eth0";
              forwardPorts = [
@@ -33,7 +33,9 @@
          server.enable = true;

          containers = {
-            instances.vaultwarden = {};
+            instances.vaultwarden = {
+              networking.bridge = "virtual";
+            };
          };
        };

@@ -59,6 +61,26 @@
          };
        };

+        systemd.network = {
+          netdevs."25-virtual-bridge".netdevConfig = {
+            Name = "virtual";
+            Kind = "bridge";
+          };
+          networks."80-virtual-bridge" = {
+            matchConfig = {
+              Name = "virtual";
+              Driver = "bridge";
+            };
+            networkConfig = {
+              Address = "172.16.137.1/24";
+              DHCPServer = true;
+              # TODO: Configuration for routed IPv6 (and maybe IPv4)
+              IPMasquerade = "both";
+              IPv6SendRA = true;
+            };
+          };
+        };
+
        #systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";
      };
  };