pin NIC names to MAC + limit 7DTD restart loops

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
rope 2026-05-22 09:02:03 +01:00
parent e7222b566b
commit 94d5b6a2a1
2 changed files with 32 additions and 0 deletions

View file

@ -171,6 +171,23 @@
};
};
# Stop 7DTD containers from crash-looping forever — after 5 failures
# within 5 minutes, systemd gives up. Without this, a broken container
# spawns a new veth pair every 30 s, flooding systemd-networkd and
# potentially interfering with DHCP on the WAN interface.
systemd.services."docker-7dtd".serviceConfig = {
Restart = lib.mkForce "on-failure";
RestartSec = "30s";
StartLimitIntervalSec = 300;
StartLimitBurst = 5;
};
systemd.services."docker-7dtd-coop".serviceConfig = {
Restart = lib.mkForce "on-failure";
RestartSec = "30s";
StartLimitIntervalSec = 300;
StartLimitBurst = 5;
};
networking.firewall.allowedTCPPorts = [ 26900 26910 ];
networking.firewall.allowedUDPPorts = [ 26900 26901 26902 26910 26911 26912 ];
};