nixos/systemd: fix TUN networking in LXC containers (#81481)

In an LXC container /dev/net/tun is pre-available; "dev-net-tun.device" always fails.
volth 2020-08-06 02:12:57 +00:00 committed by GitHub
parent 8d57f75f7a
commit 7503f280c8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 4 deletions


@ -73,7 +73,7 @@ let
"systemd-journald.service" "systemd-journald.service"
"systemd-journal-flush.service" "systemd-journal-flush.service"
"systemd-journal-catalog-update.service" "systemd-journal-catalog-update.service"
"systemd-journald-audit.socket" ] ++ (optional (!config.boot.isContainer) "systemd-journald-audit.socket") ++ [
"systemd-journald-dev-log.socket" "systemd-journald-dev-log.socket"
"syslog.socket" "syslog.socket"
@ -101,7 +101,7 @@ let
"dev-hugepages.mount" "dev-hugepages.mount"
"dev-mqueue.mount" "dev-mqueue.mount"
"sys-fs-fuse-connections.mount" "sys-fs-fuse-connections.mount"
"sys-kernel-config.mount" ] ++ (optional (!config.boot.isContainer) "sys-kernel-config.mount") ++ [
"sys-kernel-debug.mount" "sys-kernel-debug.mount"
# Maintaining state across reboots. # Maintaining state across reboots.
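Review bot: The two `optional (!config.boot.isContainer)` splices, around `systemd-journald-audit.socket` in the first hunk and `sys-kernel-config.mount` in the second, carry no comment, and the commit description only talks about TUN. Judging by the unit name, dropping the audit socket means journald inside a container no longer receives kernel audit records, so anyone relying on in-container journal data for detection would need to collect audit events on the host; that is inferred, not shown on this page. I would add a comment above each splice, for example `# not pulled in for containers (#81481): <reason the unit cannot be used there>`, with the reason filled in by the author, and mention both units in the commit message. The enclosing list starts and ends outside these hunks.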


@ -253,8 +253,8 @@ let
createTunDevice = i: nameValuePair "${i.name}-netdev" createTunDevice = i: nameValuePair "${i.name}-netdev"
{ description = "Virtual Network Interface ${i.name}"; { description = "Virtual Network Interface ${i.name}";
bindsTo = [ "dev-net-tun.device" ]; bindsTo = optional (!config.boot.isContainer) "dev-net-tun.device";
after = [ "dev-net-tun.device" "network-pre.target" ]; after = optional (!config.boot.isContainer) "dev-net-tun.device" ++ [ "network-pre.target" ];
wantedBy = [ "network-setup.service" (subsystemDevice i.name) ]; wantedBy = [ "network-setup.service" (subsystemDevice i.name) ];
partOf = [ "network-setup.service" ]; partOf = [ "network-setup.service" ];
before = [ "network-setup.service" ]; before = [ "network-setup.service" ];
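Review bot: `config.boot.isContainer` covers every container type, not only the LXC case named in the commit message, and the new `bindsTo`/`after` lines give no hint why the device unit is dropped. A comment above them would help, for example `# dev-net-tun.device always fails in containers, where /dev/net/tun is already provided by the runtime`. The expression `optional (!config.boot.isContainer) "dev-net-tun.device"` is written out twice and could be bound once in the surrounding `let`. With the dependency gone, a container whose device allow-list does not expose /dev/net/tun will presumably fail inside the unit's script, which lies outside this hunk, so it is worth confirming that the error there is clear.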