bgpwtf/edge01: as-deployed: add qemu-bridge-helper config to fix anchorvm
Change-Id: I305c498f8332de8addac435da57ba88e1b34c7f0
diff --git a/bgpwtf/machines/modules/anchorvm.nix b/bgpwtf/machines/modules/anchorvm.nix
index 9c7b17f..9eddde9 100644
--- a/bgpwtf/machines/modules/anchorvm.nix
+++ b/bgpwtf/machines/modules/anchorvm.nix
@@ -24,6 +24,15 @@
};
};
+ config.environment = {
+ # qemu-bridge-helper (needed for -nic bridge) requires this file to exist.
+ # We're running as root and don't care about the ACL functionality, so just
+ # make a minimal file that allows the interface.
+ # This snippet stolen from nixpkgs//libvirtd.nix
+ etc."qemu/bridge.conf".text = lib.concatMapStringsSep "\n" (e:
+ "allow ${e}") [cfg.bridge];
+ };
+
config.systemd.services.anchorvm = {
wantedBy = [ "multi-user.target" ];
after = [