DEVELOPMENT ENVIRONMENT

~liljamo/nix-arta

ref: d361cc9314a3bf0aa4cacfa0a921cf24fbd2cd84 nix-arta/docs/lxc.md -rw-r--r-- 986 bytes
d361cc93Jonni Liljamo chore(ws): update nvim-flake 7 days ago

#LXC

Docs for LXC things.

#Creating a new NixOS LXC container

#Build the base image

cd lxc/
nix build ".#template"

Take the output of that, and import it into Proxmox.

#Create the container from the image

Do a normal container setup, without IP setup.

Add the following to /etc/pve/lxc/ID.conf for Tailscale to work:

lxc.cgroup2.devices.allow: c 10:200 rwm
lxc.mount.entry: /dev/net/tun dev/net/tun none bind,create=file

#Make an entry in this repository for the wanted container

A bare minimum setup, meaning a host with:

  • the LXC profile,
  • the base role,
  • IP map in util,
  • secrets configured

Get the age key for the host with:

nix-shell -p ssh-to-age --run 'ssh-keyscan 10.1.2.2 | ssh-to-age'

That might fail at first. If it does, ssh once into the container to trust the fingerprint and try again.

#Rebuild the real container on top of the base, the base is available at 10.1.2.2

Might need two rebuilds.

#Profit

And done!