From 84818541d5db5a1c129c29506a6eca8e8faf6522 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 5 Oct 2023 21:25:37 +0200 Subject: sync-containers3: add startComamnd option --- krebs/3modules/sync-containers3.nix | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) (limited to 'krebs/3modules/sync-containers3.nix') diff --git a/krebs/3modules/sync-containers3.nix b/krebs/3modules/sync-containers3.nix index c88dd5919..6d3a71324 100644 --- a/krebs/3modules/sync-containers3.nix +++ b/krebs/3modules/sync-containers3.nix @@ -32,6 +32,17 @@ in { type = lib.types.bool; default = true; }; + startCommand = lib.mkOption { + type = lib.types.str; + default = '' + set -efu + mkdir -p /var/state/var_src + ln -Tfrs /var/state/var_src /var/src + if test -e /var/src/nixos-config; then + /run/current-system/sw/bin/nixos-rebuild -I /var/src switch || : + fi + ''; + }; }; })); }; @@ -52,14 +63,7 @@ in { NIX_REMOTE = "daemon"; }; wantedBy = [ "multi-user.target" ]; - serviceConfig.ExecStart = pkgs.writers.writeDash "autoswitch" '' - set -efu - mkdir -p /var/state/var_src - ln -Tfrs /var/state/var_src /var/src - if test -e /var/src/nixos-config; then - /run/current-system/sw/bin/nixos-rebuild -I /var/src switch || : - fi - ''; + serviceConfig.ExecStart = pkgs.writers.writeDash "autoswitch" ctr.startCommand; unitConfig.X-StopOnRemoval = false; }; }; -- cgit v1.2.3 From 8a62119217a92691e80fb0991b223694419373d4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 3 Nov 2023 18:43:57 +0100 Subject: sync-containers3: use ping from path --- krebs/3modules/sync-containers3.nix | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'krebs/3modules/sync-containers3.nix') diff --git a/krebs/3modules/sync-containers3.nix b/krebs/3modules/sync-containers3.nix index 6d3a71324..7bec27b0f 100644 --- a/krebs/3modules/sync-containers3.nix +++ b/krebs/3modules/sync-containers3.nix @@ -88,6 +88,7 @@ in { { "${ctr.name}_syncer" = { path = with pkgs; [ coreutils + inetutils consul rsync openssh @@ -107,7 +108,7 @@ in { set -efux consul lock sync_${ctr.name} ${pkgs.writers.writeDash "${ctr.name}-sync" '' set -efux - if /run/wrappers/bin/ping -c 1 ${ctr.name}.r; then + if ping -c 1 ${ctr.name}.r; then nice --adjustment=30 rsync -a -e "ssh -i $CREDENTIALS_DIRECTORY/ssh_key" --timeout=30 --inplace --sparse container_sync@${ctr.name}.r:disk "$HOME"/disk.rsync touch "$HOME"/incomplete nice --adjustment=30 rsync --inplace "$HOME"/disk.rsync "$HOME"/disk @@ -120,6 +121,7 @@ in { { "${ctr.name}_watcher" = lib.mkIf ctr.runContainer { path = with pkgs; [ coreutils + inetutils consul cryptsetup curl @@ -149,7 +151,7 @@ in { export payload if [ "$(jq -rn 'env.payload | fromjson.host')" = '${config.networking.hostName}' ]; then # echo 'we are the host, trying to reach container' - if $(retry -t 10 -d 10 -- /run/wrappers/bin/ping -q -c 1 ${ctr.name}.r > /dev/null); then + if $(retry -t 10 -d 10 -- ping -q -c 1 ${ctr.name}.r > /dev/null); then # echo 'container is reachable, continueing' continue else @@ -177,6 +179,7 @@ in { wantedBy = [ "multi-user.target" ]; path = with pkgs; [ coreutils + inetutils consul cryptsetup mount @@ -232,8 +235,8 @@ in { /run/current-system/sw/bin/nixos-container start ${ctr.name} # wait for system to become reachable for the first time systemctl start ${ctr.name}_watcher.service - retry -t 10 -d 10 -- /run/wrappers/bin/ping -q -c 1 ${ctr.name}.r > /dev/null - while systemctl is-active container@${ctr.name}.service >/devnull && /run/wrappers/bin/ping -q -c 3 ${ctr.name}.r >/dev/null; do + retry -t 10 -d 10 -- ping -q -c 1 ${ctr.name}.r > /dev/null + while systemctl is-active container@${ctr.name}.service >/devnull && ping -q -c 3 ${ctr.name}.r >/dev/null; do consul kv put containers/${ctr.name} "$(jq -cn '{host: "${config.networking.hostName}", time: now}')" >/dev/null sleep 10 done -- cgit v1.2.3 From 334378bc5730f7758a3e45346f6641b4464fc97d Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 25 Nov 2023 12:42:10 +0100 Subject: sync-containers3: bind to bridge after startup --- krebs/3modules/sync-containers3.nix | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'krebs/3modules/sync-containers3.nix') diff --git a/krebs/3modules/sync-containers3.nix b/krebs/3modules/sync-containers3.nix index 7bec27b0f..58446c82b 100644 --- a/krebs/3modules/sync-containers3.nix +++ b/krebs/3modules/sync-containers3.nix @@ -246,9 +246,11 @@ in { }; } { "container@${ctr.name}" = lib.mkIf ctr.runContainer { serviceConfig = { - ExecStop = pkgs.writers.writeDash "remove_interface" '' - ${pkgs.iproute2}/bin/ip link del vb-${ctr.name} - ''; + ExecStartPost = [ + (pkgs.writers.writeDash "bind-to-bridge" '' + ${pkgs.iproute2}/bin/ip link set "vb-$INSTANCE" master ctr0 + '') + ]; }; }; } ]) (lib.attrValues cfg.containers))); -- cgit v1.2.3