diff options
author | Adam Stephens <adam@valkor.net> | 2023-09-14 08:18:41 -0400 |
---|---|---|
committer | Adam Stephens <adam@valkor.net> | 2023-09-14 09:17:33 -0400 |
commit | 8565cd862a614cc53a5798d398b8b11d98122ba0 (patch) | |
tree | 0a82a62655d16b5e4355ef47b24ab117121b48f8 /nixos/modules/virtualisation/lxc-container.nix | |
parent | 3a2786eea085f040a66ecde1bc3ddc7099f6dbeb (diff) |
systemd: allow udev-trigger to run on lxd containers with nesting
Diffstat (limited to 'nixos/modules/virtualisation/lxc-container.nix')
-rw-r--r-- | nixos/modules/virtualisation/lxc-container.nix | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/nixos/modules/virtualisation/lxc-container.nix b/nixos/modules/virtualisation/lxc-container.nix index 9402d3bf37d0c..7f01b45043310 100644 --- a/nixos/modules/virtualisation/lxc-container.nix +++ b/nixos/modules/virtualisation/lxc-container.nix @@ -9,15 +9,16 @@ in { options = { virtualisation.lxc = { - privilegedContainer = lib.mkOption { - type = lib.types.bool; - default = false; - description = lib.mdDoc '' - Whether this LXC container will be running as a privileged container or not. If set to `true` then - additional configuration will be applied to the `systemd` instance running within the container as - recommended by [distrobuilder](https://linuxcontainers.org/distrobuilder/introduction/). - ''; - }; + nestedContainer = lib.mkEnableOption (lib.mdDoc '' + Whether this container is configured as a nested container. On LXD containers this is recommended + for all containers and is enabled with `security.nesting = true`. + ''); + + privilegedContainer = lib.mkEnableOption (lib.mdDoc '' + Whether this LXC container will be running as a privileged container or not. If set to `true` then + additional configuration will be applied to the `systemd` instance running within the container as + recommended by [distrobuilder](https://linuxcontainers.org/distrobuilder/introduction/). + ''); }; }; |