DEVELOPMENT ENVIRONMENT

~liljamo/nix-arta

ref: bf3f7ad56d6f5e6876c4af187f82987bbf356af3 nix-arta/docs/lxc.md -rw-r--r-- 977 bytes
bf3f7ad5Jonni Liljamo feat: move oci 9 days ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
# LXC
Docs for LXC things.

## Creating a new NixOS LXC container
### Build the base image
```
nix build ".#lxcbase"
```
Take the output of that, and import it into Proxmox.

### Create the container from the image
Do a normal container setup, without IP setup.

Add the following to `/etc/pve/lxc/ID.conf` for Tailscale to work:
```
lxc.cgroup2.devices.allow: c 10:200 rwm
lxc.mount.entry: /dev/net/tun dev/net/tun none bind,create=file
```

### Make an entry in this repository for the wanted container
A bare minimum setup, meaning a host with:
 * the LXC profile,
 * the base role,
 * IP map in util,
 * secrets configured

Get the age key for the host with:
```
nix-shell -p ssh-to-age --run 'ssh-keyscan 10.1.2.2 | ssh-to-age'
```
That might fail at first. If it does, ssh once into the container to trust the
fingerprint and try again.

### Rebuild the real container on top of the base, the base is available at 10.1.2.2
Might need two rebuilds.

### Profit
And done!