lifecycle: rebuild reconciles bind flag idempotently and restarts
This commit is contained in:
müde
parent
377eb994a1
commit
764d6497dd
2 changed files with 24 additions and 12 deletions
|
|
@ -37,23 +37,30 @@ pub async fn spawn(name: &str, agent_flake: &str, agent_dir: &Path) -> Result<()
|
|||
validate(name)?;
|
||||
let container = container_name(name);
|
||||
run(&["create", &container, "--flake", agent_flake]).await?;
|
||||
append_bind_flag(&container, agent_dir)?;
|
||||
set_bind_flag(&container, agent_dir)?;
|
||||
run(&["start", &container]).await
|
||||
}
|
||||
|
||||
/// `nixos-container` doesn't expose `--bind` on the CLI, but its start script
|
||||
/// expands `$EXTRA_NSPAWN_FLAGS` (from `/etc/nixos-containers/<name>.conf`)
|
||||
/// unquoted into the `systemd-nspawn` invocation. Append a `--bind` flag there.
|
||||
fn append_bind_flag(container: &str, agent_dir: &Path) -> Result<()> {
|
||||
/// unquoted into the `systemd-nspawn` invocation. Idempotently replace the
|
||||
/// `EXTRA_NSPAWN_FLAGS` line with the bind we want.
|
||||
fn set_bind_flag(container: &str, agent_dir: &Path) -> Result<()> {
|
||||
let path = format!("/etc/nixos-containers/{container}.conf");
|
||||
let line = format!(
|
||||
"\nEXTRA_NSPAWN_FLAGS=\"--bind={}:{CONTAINER_RUNTIME_MOUNT}\"\n",
|
||||
let original = std::fs::read_to_string(&path).with_context(|| format!("read {path}"))?;
|
||||
let mut lines: Vec<String> = original
|
||||
.lines()
|
||||
.filter(|line| !line.trim_start().starts_with("EXTRA_NSPAWN_FLAGS="))
|
||||
.map(str::to_owned)
|
||||
.collect();
|
||||
lines.push(format!(
|
||||
"EXTRA_NSPAWN_FLAGS=\"--bind={}:{CONTAINER_RUNTIME_MOUNT}\"",
|
||||
agent_dir.display()
|
||||
);
|
||||
let mut content = std::fs::read_to_string(&path).with_context(|| format!("read {path}"))?;
|
||||
content.push_str(&line);
|
||||
));
|
||||
let mut content = lines.join("\n");
|
||||
content.push('\n');
|
||||
std::fs::write(&path, content).with_context(|| format!("write {path}"))?;
|
||||
tracing::info!(%path, "appended EXTRA_NSPAWN_FLAGS for bind mount");
|
||||
tracing::info!(%path, "set EXTRA_NSPAWN_FLAGS for bind mount");
|
||||
Ok(())
|
||||
}
|
||||
|
||||
|
|
@ -63,10 +70,14 @@ pub async fn kill(name: &str) -> Result<()> {
|
|||
run(&["stop", &container]).await
|
||||
}
|
||||
|
||||
pub async fn rebuild(name: &str, agent_flake: &str) -> Result<()> {
|
||||
pub async fn rebuild(name: &str, agent_flake: &str, agent_dir: &Path) -> Result<()> {
|
||||
validate(name)?;
|
||||
let container = container_name(name);
|
||||
run(&["update", &container, "--flake", agent_flake]).await
|
||||
set_bind_flag(&container, agent_dir)?;
|
||||
run(&["update", &container, "--flake", agent_flake]).await?;
|
||||
// Restart so any nspawn-level changes (bind mounts, networking, etc.) apply.
|
||||
run(&["stop", &container]).await?;
|
||||
run(&["start", &container]).await
|
||||
}
|
||||
|
||||
pub async fn list() -> Result<Vec<String>> {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue