nixos/lxd: explicitly load xt_CHECKSUM module

This module is needed to create bridge networks such as the default lxdbr0 created by `lxd init`. Without this module, running `lxc network create lxdbr0` errors with: > Error: Failed to create network 'lxdbr0': Failed to run: iptables -w -t mangle -I POSTROUTING -o lxdbr0 -p udp --dport 68 -j CHECKSUM --checksum-fill -m comment --comment generated for LXD network lxdbr0: iptables v1.8.5 (legacy): unknown option "--checksum-fill"
2021-02-14 01:12:43 -05:00 · 2021-02-14 01:12:43 -05:00 · 161a35b0b8
parent 243521f52f
commit 161a35b0b8
1 changed files with 1 additions and 1 deletions
--- a/nixos/modules/virtualisation/lxd.nix
+++ b/nixos/modules/virtualisation/lxd.nix
@ -170,7 +170,7 @@ in {
      "kernel.keys.maxkeys" = 2000;
    };

-    boot.kernelModules = [ "veth" "xt_comment" "xt_MASQUERADE" ]
+    boot.kernelModules = [ "veth" "xt_comment" "xt_CHECKSUM" "xt_MASQUERADE" ]
      ++ optionals (!config.networking.nftables.enable) [ "iptable_mangle" ];
  };
 }