explicitly speciy params for systemd-nspawn ExecStart

It was using whatever was in /lib/systemd/system/systemd-nspawn@.service,
but systemd 220 added --network-veth to that, which can break existing
setups. So don't do that.

1 files changed, 8 insertions, 4 deletions

diff --git a/src/Propellor/Property/Systemd.hs b/src/Propellor/Property/Systemd.hs
index ea8c994e..87290fc0 100644
--- a/src/Propellor/Property/Systemd.hs
+++ b/src/Propellor/Property/Systemd.hs
@@ -202,8 +202,14 @@ nspawnService (Container name _ _) cfg = setup <!> teardown
 		return $ unlines $
 			"# deployed by propellor" : map addparams ls
 	addparams l
-		| "ExecStart=" `isPrefixOf` l =
-			l ++ " " ++ unwords (nspawnServiceParams cfg)
+		| "ExecStart=" `isPrefixOf` l = unwords $
+			[ "ExecStart = /usr/bin/systemd-nspawn"
+			, "--quiet"
+			, "--keep-unit"
+			, "--boot"
+			, "--link-journal=try-guest"
+			, "--directory=/var/lib/container/%i"
+			] ++ nspawnServiceParams cfg
 		| otherwise = l
 	
 	goodservicefile = (==)
@@ -290,8 +296,6 @@ containerCfg p = RevertableProperty (mk True) (mk False)
 		('-':_) -> p
 		_ -> "--" ++ p
 
-
-
 -- | Bind mounts </etc/resolv.conf> from the host into the container.
 --
 -- This property is enabled by default. Revert it to disable it.