nixos/containers: Add assertion for container name length

When privateNetwork is enabled, currently the container's interface name
is derived from the container name. However, there's a hard limit
on the size of interface names. To avoid conflicts and other issues,
we set a limit on the container name when privateNetwork is enabled.

Fixes #38509
This commit is contained in:
Arian van Putten 2018-12-02 15:24:17 +01:00
parent 7035598251
commit bf102825ef

View File

@ -457,6 +457,16 @@ in
{ boot.isContainer = true; { boot.isContainer = true;
networking.hostName = mkDefault name; networking.hostName = mkDefault name;
networking.useDHCP = false; networking.useDHCP = false;
assertions = [
{
assertion = config.privateNetwork -> stringLength name < 12;
message = ''
Container name `${name}` is too long: When `privateNetwork` is enabled, container names can
not be longer than 11 characters, because the container's interface name is derived from it.
This might be fixed in the future. See https://github.com/NixOS/nixpkgs/issues/38509
'';
}
];
}; };
in [ extraConfig ] ++ (map (x: x.value) defs); in [ extraConfig ] ++ (map (x: x.value) defs);
prefix = [ "containers" name ]; prefix = [ "containers" name ];