DEVELOPMENT ENVIRONMENT

~liljamo/nix-arta

ref: 05ad1d6833f47aadbdf22782a4b18e2c78ae068b nix-arta/docs/lxc.md -rw-r--r-- 977 bytes
05ad1d68Jonni Liljamo fix(lxc/roles/base): set mutableUsers to false 8 days ago

#LXC

Docs for LXC things.

#Creating a new NixOS LXC container

#Build the base image

nix build ".#lxcbase"

Take the output of that, and import it into Proxmox.

#Create the container from the image

Do a normal container setup, without IP setup.

Add the following to /etc/pve/lxc/ID.conf for Tailscale to work:

lxc.cgroup2.devices.allow: c 10:200 rwm
lxc.mount.entry: /dev/net/tun dev/net/tun none bind,create=file

#Make an entry in this repository for the wanted container

A bare minimum setup, meaning a host with:

  • the LXC profile,
  • the base role,
  • IP map in util,
  • secrets configured

Get the age key for the host with:

nix-shell -p ssh-to-age --run 'ssh-keyscan 10.1.2.2 | ssh-to-age'

That might fail at first. If it does, ssh once into the container to trust the fingerprint and try again.

#Rebuild the real container on top of the base, the base is available at 10.1.2.2

Might need two rebuilds.

#Profit

And done!