nixos/containers: Add assertion for container name length

When privateNetwork is enabled, currently the container's interface name is derived from the container name. However, there's a hard limit on the size of interface names. To avoid conflicts and other issues, we set a limit on the container name when privateNetwork is enabled. Fixes #38509
2018-12-02 15:24:17 +01:00 · 2018-12-02 15:24:17 +01:00 · bf102825ef
commit bf102825ef
parent 7035598251
1 changed files with 10 additions and 0 deletions
--- a/nixos/modules/virtualisation/containers.nix
+++ b/nixos/modules/virtualisation/containers.nix
@ -457,6 +457,16 @@ in
                      { boot.isContainer = true;
                        networking.hostName = mkDefault name;
                        networking.useDHCP = false;
+                        assertions = [
+                          {
+                            assertion =  config.privateNetwork -> stringLength name < 12;
+                            message = ''
+                              Container name `${name}` is too long: When `privateNetwork` is enabled, container names can
+                              not be longer than 11 characters, because the container's interface name is derived from it.
+                              This might be fixed in the future. See https://github.com/NixOS/nixpkgs/issues/38509
+                            '';
+                          }
+                        ];
                      };
                    in [ extraConfig ] ++ (map (x: x.value) defs);
                  prefix = [ "containers" name ];