[PATCH container 1/1] Setup: add NixOS support

Harikrishnan R rharikrishnan95 at gmail.com
Mon Feb 14 11:08:46 CET 2022 

> /etc/os-release file
NixOS does not guarantee the presence of this file. It is absent by default
in LXC images.

> "nix" is a valid word in some languages
We could check for "/nix/store" instead. I'll change it to this in the
updated patch.

> networking itself doesn't seem too bad to generate
True, generating the nix expression is not too difficult. The problem is
that NixOS containers:
1. Need not (and most likely will not) have config files present inside
them by default
2. Will not read network config out of .nix files and apply them on boot
Unlike most other distros, the complete system state needs to be rebuilt to
apply changes
from .nix config files. Additionally, LXC images may not even come with the
tools necessary
to do a rebuild by themselves, and might just have updated system states
pushed to them
over the network.

> unmanaged CT but with systemd network setup
Not just systemd network setup, it allows setting up of resolv.conf and SSH
keys too.
The only two options that are unsupported at the moment are hostname and
password.

I added a module for generating VMA templates[0] a few months ago, and I'm
working on a
proxmox LXC module now. It might be possible to add password and hostname
support in
the future by having a service that reads these configs off a predefined
file that proxmox adds
to the rootfs, but I'm not able to put time into that right now.

[0]:
https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/virtualisation/proxmox-image.nix

I'll send the CLA, add the Signed-off-by and submit the updated patch in
some time.

On Mon, 14 Feb 2022 at 12:36, Thomas Lamprecht <t.lamprecht at proxmox.com>
wrote:

> thanks for your contribution!
>
> meta:
> The commit is missing your Signed-off-by and, FWICT, we don't have yet a
> signed CLA - if that's the case please check:
>
> https://pve.proxmox.com/wiki/Developer_Documentation#Software_License_and_Copyright
>
> On 13.02.22 14:27, Harikrishnan R wrote:
> > Distro detection is done through the presence of a /nix folder.
>
> seems a bit arbitrary and we only still do such things in general for
> legacy
> reasons, new distros should be able to get the info from the (somewhat)
> standard
> /etc/os-release file - or is that not guaranteed for Nix
>
> Note that "nix" is a valid word in some languages, e.g., in german so
> finding
> such a folder, in another distro is, while unlikely, not completely
> impossible.
>
> > NixOS typically uses a script-based network configuration system
> > that isn't easy to configure from the outside. LXC templates
>
> Can be ok for an initial inclusion, and while networking itself doesn't
> seems
> to bad to generate [0], the level of how elaborate that should parse and
> cooperate with existing Nix statements can naturally complicate that, but
> adding a fixed output at the top of the file into a comment marked
> section, like
> we do already for other distros, should allow to override it by the user
> internally.
>
> [0]: https://nixos.wiki/wiki/Networking
>
> > generated for proxmox are instead expected to use systemd-networkd.
>
>
> So, basically this is just like a unmanaged CT but with systemd network
> setup?
> Not sure if that adds /that/ much value over unmanaged, or maybe better
> said,
> as currently implements this would rather be a "sd-network" ostype.
> On the other hand, such simple distro types have not /that/ much cost to
> maintain
> either, so not intending to block this - albeit some more elaborate
> implementation
> would be welcomed :-)
>
>

-- 
Regards,

Harikrishnan R

More information about the pve-devel mailing list