How do I properly isolate `nixos-container`s and give them internet access

I’m trying to use nixos-containers for some services on my NixOS-based server, as NixOS services have some incredibly useful options (for example, services.nextcloud having options to automatically set up a database + redis cache), but I’m having trouble isolating them. The idea is to enable privateNetwork for all containers, and forward the ports I need for each service (also allowing me to easily choose whatever port I want for any service). Basically like a docker container, but better because it’s NixOS.

When I turn on privateNetwork on a container with no other networking options, there’s no network access, as expected. But this is about where my knowledge ends. I’m not very familiar with Linux networking (which is arguably something I should work on, but why do that when I can just ask someone smarter than me?), and all I’ve tried is essentially messing around with random options from forum posts and the nixos-container wiki entry, all with no luck.

What’s a standard, solid set of options I can apply generally to my containers (I’ve got a function cooked up which allows for easier creation of containers) which would give me this functionality?
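The setup the question describes (privateNetwork on every container, the host NATing their traffic out, and selected ports DNATed into each one), written out as an added example that is not part of the original post. The `mkContainer` helper is a hypothetical stand-in for the poster's own function; the uplink name `eth0`, the `10.233.<idx>.0/24` addressing, the resolver address and the `stateVersion` are assumptions to adapt.

```nix
{ ... }:

let
  # Hypothetical helper (assumption, not the poster's function): builds an
  # isolated container from a small index (used for unique addresses), the
  # ports to publish on the host, and the container's own NixOS module.
  mkContainer = { idx, ports ? [ ], cfg }: {
    autoStart = true;
    privateNetwork = true;
    # One veth pair per container; the host is .1 and the container .2 on
    # its own /24. The container's default route points at hostAddress.
    hostAddress = "10.233.${toString idx}.1";
    localAddress = "10.233.${toString idx}.2";
    # DNAT a host port to a container port, so the host port is free to
    # choose per service. Protocol defaults to tcp.
    forwardPorts = map (p: {
      hostPort = p.host;
      containerPort = p.container;
      protocol = p.protocol or "tcp";
    }) ports;
    config = { lib, ... }: {
      imports = [ cfg ];
      # Assumption: the container needs its own resolver; replace with yours.
      networking.nameservers = lib.mkDefault [ "9.9.9.9" ];
      # The container runs its own firewall, so the published ports must be
      # opened inside it as well, not only forwarded from the host.
      networking.firewall.allowedTCPPorts = map (p: p.container) ports;
    };
  };
in
{
  # Host side: enable IP forwarding and masquerade container traffic out of
  # the uplink. "ve-+" matches every container veth (ve-<name>).
  networking.nat = {
    enable = true;
    internalInterfaces = [ "ve-+" ];
    externalInterface = "eth0";   # assumption: the host's uplink interface
  };

  # Example service: nginx in a container, reachable on host port 8080.
  containers.web = mkContainer {
    idx = 1;
    ports = [ { host = 8080; container = 80; } ];
    cfg = { pkgs, ... }: {
      services.nginx = {
        enable = true;
        virtualHosts.localhost.root = pkgs.writeTextDir "index.html" "hello";
      };
      system.stateVersion = "24.05";   # assumption: match your release
    };
  };
}
```

Each additional container gets a distinct `idx` so its veth subnet does not collide, and only the ports listed in `ports` reach it; everything else stays behind the host's NAT. After `nixos-rebuild switch`, `curl http://<host>:8080/` should return the page served from inside the container, and `nixos-container run web -- curl -sI https://nixos.org` confirms the container has outbound access through the host.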