DEVELOPMENT ENVIRONMENT

~liljamo/nix-arta

ref: a2307139c283dc5eb3b5855a073203f78e30462d nix-arta/docs/lxc.md -rw-r--r-- 977 bytes
a2307139Jonni Liljamo chore: update flake inputs, don't touch nvim-flake nixpkgs 20 days ago

#LXC

Docs for LXC things.

#Creating a new NixOS LXC container

#Build the base image

nix build ".#lxcbase"

Take the output of that, and import it into Proxmox.

#Create the container from the image

Do a normal container setup, without IP setup.

Add the following to /etc/pve/lxc/ID.conf for Tailscale to work:

lxc.cgroup2.devices.allow: c 10:200 rwm
lxc.mount.entry: /dev/net/tun dev/net/tun none bind,create=file

#Make an entry in this repository for the wanted container

A bare minimum setup, meaning a host with:

  • the LXC profile,
  • the base role,
  • IP map in util,
  • secrets configured

Get the age key for the host with:

nix-shell -p ssh-to-age --run 'ssh-keyscan 10.1.2.2 | ssh-to-age'

That might fail at first. If it does, ssh once into the container to trust the fingerprint and try again.

#Rebuild the real container on top of the base, the base is available at 10.1.2.2

Might need two rebuilds.

#Profit

And done!