pub struct ContainerConfig {Show 14 fields
pub id: u32,
pub name: String,
pub image: String,
pub cpu_cores: u32,
pub memory_mb: u32,
pub storage_gb: u32,
pub password: String,
pub ssh_key: Option<String>,
pub host_port: Option<u16>,
pub template_ports: Vec<PortMapping>,
pub template_env: HashMap<String, String>,
pub extra_runtime_args: Vec<String>,
pub data_path: Option<String>,
pub volume_encryption_key: Option<[u8; 32]>,
}Fields§
§id: u32§name: String§image: String§cpu_cores: u32§memory_mb: u32§storage_gb: u32§password: String§ssh_key: Option<String>§host_port: Option<u16>SSH host-port forwarding (LXD/Proxmox: SSH access). Distinct
from template_ports which are workload-specific.
template_ports: Vec<PortMapping>Workload ports the consumer reaches (e.g. nostr-relay 7777,
bitcoind RPC 18443). Empty for non-template spawns. Docker
backend translates each to -p host:container; LXD/Proxmox
backends ignore for now.
template_env: HashMap<String, String>Workload environment variables (template defaults +
consumer overrides). Docker backend passes via -e KEY=VAL.
extra_runtime_args: Vec<String>Extra docker run flags from the template definition (e.g.
--ulimit nofile=1048576:1048576 for strfry). LXD/Proxmox
backends ignore these.
data_path: Option<String>In-container path for the workload’s persistent state.
Docker backend mounts a vmid-scoped volume there.
None = stateless (no volume created).
volume_encryption_key: Option<[u8; 32]>Optional 32-byte LUKS key for the persistent data volume.
When set (Phase 2 of consumer-encrypted-volumes), the
DockerBackend creates a LUKS-on-loop file instead of a
plain Docker named volume; the key is fed to cryptsetup luksFormat/luksOpen over stdin and never persisted to
disk. On delete_container the LUKS header is erased
(cryptsetup luksErase) so the keyslots are unrecoverable
even if the operator forensically extracts the underlying
file.
Provider populates this from
EncryptedSpawnPodRequest.volume_encryption.decoded_key()
when present; None means a plain volume (today’s default).
data_path: None makes this field a no-op (stateless
workloads have nothing to encrypt).
Trait Implementations§
Source§impl Clone for ContainerConfig
impl Clone for ContainerConfig
Source§fn clone(&self) -> ContainerConfig
fn clone(&self) -> ContainerConfig
1.0.0 (const: unstable) · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source. Read moreAuto Trait Implementations§
impl Freeze for ContainerConfig
impl RefUnwindSafe for ContainerConfig
impl Send for ContainerConfig
impl Sync for ContainerConfig
impl Unpin for ContainerConfig
impl UnsafeUnpin for ContainerConfig
impl UnwindSafe for ContainerConfig
Blanket Implementations§
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Source§impl<T> CloneToUninit for Twhere
T: Clone,
impl<T> CloneToUninit for Twhere
T: Clone,
Source§impl<T> Instrument for T
impl<T> Instrument for T
Source§fn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
Source§fn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
Source§impl<T> IntoEither for T
impl<T> IntoEither for T
Source§fn into_either(self, into_left: bool) -> Either<Self, Self>
fn into_either(self, into_left: bool) -> Either<Self, Self>
self into a Left variant of Either<Self, Self>
if into_left is true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read moreSource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
self into a Left variant of Either<Self, Self>
if into_left(&self) returns true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read more