Containers: Use /etc/resolv.conf supplied by the host

This used to work with systemd-nspawn 203, because it bind-mounted /etc/resolv.conf (so openresolv couldn't overwrite it). Now it's just copied, so we need some special handling.
2014-04-18 16:40:27 +02:00 · 2014-04-18 16:40:27 +02:00 · 21573af9fb
parent 5c62d3d26b
commit 21573af9fb
4 changed files with 19 additions and 2 deletions
--- a/nixos/modules/system/boot/stage-2-init.sh
+++ b/nixos/modules/system/boot/stage-2-init.sh
@ -96,8 +96,6 @@ mkdir -m 0755 -p /etc/nixos

 # Miscellaneous boot time cleanup.
 rm -rf /var/run /var/lock
-rm -f /etc/resolv.conf
-touch /etc/resolv.conf
 rm -f /etc/{group,passwd,shadow}.lock

 if test -n "@cleanTmpDir@"; then
@ -149,6 +147,12 @@ if test -n "$resumeDevice"; then
 fi


+# Use /etc/resolv.conf supplied by systemd-nspawn, if applicable.
+if [ -n "@useHostResolvConf@" -a -e /etc/resolv.conf ]; then
+    cat /etc/resolv.conf | resolvconf -m 1000 -a host
+fi
+
+
 # Run the script that performs all configuration activation that does
 # not have to be done at boot time.
 echo "running activation script..."
--- a/nixos/modules/system/boot/stage-2.nix
+++ b/nixos/modules/system/boot/stage-2.nix
@ -19,11 +19,13 @@ let
    isExecutable = true;
    inherit (config.boot) devShmSize runSize cleanTmpDir;
    inherit (config.nix) readOnlyStore;
+    inherit (config.networking) useHostResolvConf;
    ttyGid = config.ids.gids.tty;
    path =
      [ pkgs.coreutils
        pkgs.utillinux
        pkgs.sysvtools
+        pkgs.openresolv
      ] ++ (optional config.boot.cleanTmpDir pkgs.findutils)
      ++ optional config.nix.readOnlyStore readonlyMountpoint;
    postBootCommands = pkgs.writeText "local-cmds"
--- a/nixos/modules/tasks/network-interfaces.nix
+++ b/nixos/modules/tasks/network-interfaces.nix
@ -191,6 +191,15 @@ in
      '';
    };

+    networking.useHostResolvConf = mkOption {
+      type = types.bool;
+      default = false;
+      description = ''
+        In containers, whether to use the
+        <filename>resolv.conf</filename> supplied by the host.
+      '';
+    };
+
    networking.localCommands = mkOption {
      default = "";
      example = "text=anything; echo You can put $text here.";
--- a/nixos/modules/virtualisation/container-config.nix
+++ b/nixos/modules/virtualisation/container-config.nix
@ -8,6 +8,8 @@ with lib;

    sound.enable = mkDefault false;

+    networking.useHostResolvConf = true;
+
    # Provide a login prompt on /var/lib/login.socket.  On the host,
    # you can connect to it by running ‘socat
    # unix:<path-to-container>/var/lib/login.socket -,echo=0,raw’.