Hi, I'm trying to expose an http service running inside a container, provisioned with nixops
Here there's the network configuration: https://gist.github.com/berdario/c6fedeefb87fc08cd93abf3ce4dedc03 (If it seems complex: I adapted from my actual config, in which I have 2 services, and thus over there the blue_config has 2 values and makes more sense) I found a few problems: I cannot use the declarative configuration specified here: https://nixos.org/nixos/manual/index.html#sec-declarative-containers Since that way I wouldn't be able to independently deploy/upgrade the containers. Even if I also create another `containers` config in the host logical configuration, I doubt it would work since nixops will create containers with arbitrary names (like `foo`, `foo-1`) instead of the names that I supplied (`foo_blue`, `foo_green`)... moreover, when trying this on one deployment `foo-1` will match `foo_green`, while on another deployment it will match `foo_blue` If I was able to specify my own configuration, I could simply use an hand-picked ip address for forwarding. The second problem, is that the host won't have any lines inside its /etc/hosts pointing to the containers To work around this, I decided to use `deployment.encryptedLinksTo` (it seems a bit overkill, since it being a local connection I could do just fine with an unencrypted one), but then... The third problem, is that I cannot use the hostname inside `forwardTo`, since that will be passed directly to iptables, which will fail with `iptables v1.6.0: Bad IP address "foo_blue"` Is there an easier way to expose a service inside a container to the outside world? Any suggestions? Thank you _______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
