29.01.2026 15:39, Miroslav Špehar wrote:
Hi all,
How can I set the IP of an nspawn container which has Boot=no in the .nspawn file?
I am not even sure if this is a good idea, it's just something I'm
trying to do and failing.
The idea is to run a binary like Stalwart mail server in the nspawn
container, but have the container run only that binary (musl binary).
Since I'd like to avoid having a shell and other binaries / processes
in the container, I would resort to having Boot=no in the .nspawn
file.
Also, I would like nspawn not to open ports on the host itself,
I'd rather have it manually forwarded by nftables on the host, which means
no Port= option in .nspawn.
Does any of this make sense?

That's what --network-veth and related is for. You need an interface inside
your container for your application and you need something to forward to
on the host side. You still need to set up the interface inside the container
with the correct address and other parameters, so you will need at least
those programs plus something to invoke them.
You would *still* need this even when using --port, because --port
option simply forwards packets between host and container, but for this
it needs the interface into the container.
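
Added example, not part of either message in the thread: a small static launcher that could be the only extra binary in a Boot=no container started with --network-veth. It configures the container-side interface (named host0 by nspawn) and then execs the service. The addresses are constructed (TEST-NET-1), the function names are hypothetical, and it assumes the host end of the veth pair holds 192.0.2.1.

```c
#define _GNU_SOURCE
#include <arpa/inet.h>
#include <net/if.h>
#include <net/route.h>
#include <stdio.h>
#include <string.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <unistd.h>

/* Write IPv4 address `ip` into a generic sockaddr; 0 on success, -1 if malformed. */
int set_ipv4(struct sockaddr *sa, const char *ip) {
    struct sockaddr_in sin = { .sin_family = AF_INET };
    if (inet_pton(AF_INET, ip, &sin.sin_addr) != 1) return -1;
    memcpy(sa, &sin, sizeof sin);
    return 0;
}

/* Assign ip/mask to `ifname`, bring it up, then add a default route via `gw`. */
int configure_iface(const char *ifname, const char *ip, const char *mask, const char *gw) {
    struct ifreq ifr = {0};
    struct rtentry rt = {0};
    int rc = -1, fd;
    if (strlen(ifname) >= IFNAMSIZ) return -1;        /* would not fit ifr_name */
    strcpy(ifr.ifr_name, ifname);
    rt.rt_flags = RTF_UP | RTF_GATEWAY;               /* 0.0.0.0/0 via gw */
    if (set_ipv4(&rt.rt_dst, "0.0.0.0") || set_ipv4(&rt.rt_genmask, "0.0.0.0") ||
        set_ipv4(&rt.rt_gateway, gw)) return -1;
    if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) return -1;
    if (set_ipv4(&ifr.ifr_addr, ip) == 0 && ioctl(fd, SIOCSIFADDR, &ifr) == 0 &&
        set_ipv4(&ifr.ifr_netmask, mask) == 0 && ioctl(fd, SIOCSIFNETMASK, &ifr) == 0 &&
        ioctl(fd, SIOCGIFFLAGS, &ifr) == 0) {
        ifr.ifr_flags |= IFF_UP;
        if (ioctl(fd, SIOCSIFFLAGS, &ifr) == 0) rc = ioctl(fd, SIOCADDRT, &rt);
    }
    close(fd);
    return rc;
}

int main(int argc, char **argv) {
    if (argc < 2) { fprintf(stderr, "usage: %s /path/to/service [args]\n", argv[0]); return 2; }
    /* Constructed addresses; the host side ve-<machine> is assumed to be 192.0.2.1. */
    if (configure_iface("host0", "192.0.2.2", "255.255.255.0", "192.0.2.1") != 0) {
        perror("configure host0"); return 1;
    }
    execv(argv[1], &argv[1]);     /* replace the launcher with the service itself */
    perror("execv");
    return 1;
}
```

The default route matters for the nftables forwarding case: replies to clients outside 192.0.2.0/24 have nowhere to go without it unless the host also rewrites the source address.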