nixos-nspawn.containers

Attribute set of containers that are configured by this module.

Type: attribute set of (submodule)

Default: { }

Example:

{
  webserver = {
    config = {
      networking.firewall.allowedTCPPorts = [ 80 ];
      services.nginx.enable = true;
    };
  };
}

nixos-nspawn.containers.<name>.autoStart

Whether to start the container by default with machines.target.

Type: boolean

Default: true

Example: false

nixos-nspawn.containers.<name>.binds

Read-write bind mounts from the host. Keys are paths in the container.

Type: attribute set of (submodule)

Default: { }

Example:

{
  "/var/lib/example" = { };
  "/var/lib/postgresql" = {
    hostPath = "/mnt/data/postgresql";
    options = [
      "idmap"
    ];
  };
}

nixos-nspawn.containers.<name>.binds.<name>.hostPath

If not null, path on the host. Defaults to the same path as in the container.

Type: null or string

Default: null

nixos-nspawn.containers.<name>.binds.<name>.options

Options to pass to the bind mount. See systemd-nspawn(1) for possible values.

Type: list of string

Default: [ ]

nixos-nspawn.containers.<name>.binds.<name>.readOnly

Whether to mount this bind read-only.

Type: boolean

Default: false

Example: true

nixos-nspawn.containers.<name>.config

A specification of the desired configuration of this container, as a NixOS module.

Type: Toplevel NixOS config

Example:

{ pkgs, ... }: {
  networking.hostName = "foobar";
  services.openssh.enable = true;
  environment.systemPackages = [ pkgs.htop ];
}

nixos-nspawn.containers.<name>.network.veth.enable

Enable default veth link between host and container.

Type: boolean

Default: true

Example: false

nixos-nspawn.containers.<name>.network.veth.config.container

Networkd network config merged with the systemd.network.networks unit on the container side. Interface match config is already prepopulated.

Type: null or (attribute set)

Default: null

Example:

{
  networkConfig = {
    Address = [
      "fd42::2/64"
      "10.23.42.2/28"
    ];
  };
}

nixos-nspawn.containers.<name>.network.veth.config.host

Networkd network config merged with the systemd.network.networks unit on the host side. Interface match config is already prepopulated.

Type: null or (attribute set)

Default: null

Example:

{
  networkConfig = {
    Address = [
      "fd42::1/64"
      "10.23.42.1/28"
    ];
  };
}

nixos-nspawn.containers.<name>.network.veth.zone

Name of the zone to attach the veth to on the host. The interface name will be prefixed with “vz-”.

Type: null or string

Default: null

nixos-nspawn.containers.<name>.path

As an alternative to specifying config, you can specify the path to the evaluated NixOS system configuration, typically a symlink to a system profile.

Type: path

Example: "/nix/var/nix/profiles/my-container"

nixos-nspawn.imports

List of NixOS modules to be imported in every system evaluation when containers.*.config is being used.

Type: list of module

Default: [ ]

Example:

[
  { services.getty.helpLine = "Hello world! I'm a nspawn container!"; }
  inputs.lix-module.nixosModules.default
]
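
The options above combined into one host-side declaration, as an added example that is not part of the module's own documentation. It uses only options listed on this page; the container name, host paths and addresses are constructed, and it assumes the module that provides nixos-nspawn.* is already imported on the host.

```nix
# Added example: host NixOS module fragment. All names, paths and
# addresses are constructed for illustration.
{ ... }:
{
  nixos-nspawn.containers.webserver = {
    # Started together with machines.target (this is also the default).
    autoStart = true;

    binds = {
      # Static content the container only has to read: mount it
      # read-only so a compromised service cannot modify host data.
      "/var/www" = {
        hostPath = "/mnt/data/www";
        readOnly = true;
      };
      # Writable state, same path on host and container (hostPath = null),
      # using the "idmap" bind option shown in the binds example.
      "/var/lib/example" = {
        options = [ "idmap" ];
      };
    };

    # Default veth link with explicit addressing on both ends.
    # Interface matching is prepopulated by the module on each side.
    network.veth = {
      enable = true;
      config.host = {
        networkConfig.Address = [ "fd42::1/64" "10.23.42.1/28" ];
      };
      config.container = {
        networkConfig.Address = [ "fd42::2/64" "10.23.42.2/28" ];
      };
    };

    # Container system: expose only the port the service needs.
    config = {
      networking.firewall.allowedTCPPorts = [ 80 ];
      services.nginx.enable = true;
    };
  };
}
```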