From bf102825efa1deb8de1afca4ed7541c098f6b068 Mon Sep 17 00:00:00 2001 From: Arian van Putten Date: Sun, 2 Dec 2018 15:24:17 +0100 Subject: [PATCH] nixos/containers: Add assertion for container name length When privateNetwork is enabled, currently the container's interface name is derived from the container name. However, there's a hard limit on the size of interface names. To avoid conflicts and other issues, we set a limit on the container name when privateNetwork is enabled. Fixes #38509 --- nixos/modules/virtualisation/containers.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/nixos/modules/virtualisation/containers.nix b/nixos/modules/virtualisation/containers.nix index 2fcc0f254256..fba69f7b42ba 100644 --- a/nixos/modules/virtualisation/containers.nix +++ b/nixos/modules/virtualisation/containers.nix @@ -457,6 +457,16 @@ in { boot.isContainer = true; networking.hostName = mkDefault name; networking.useDHCP = false; + assertions = [ + { + assertion = config.privateNetwork -> stringLength name < 12; + message = '' + Container name `${name}` is too long: When `privateNetwork` is enabled, container names can + not be longer than 11 characters, because the container's interface name is derived from it. + This might be fixed in the future. See https://github.com/NixOS/nixpkgs/issues/38509 + ''; + } + ]; }; in [ extraConfig ] ++ (map (x: x.value) defs); prefix = [ "containers" name ];