<<TableOfContents()>>

See [[nspawn]] for more details of configuring systemd-nspawn containers. See [[https://wiki.archlinux.org/title/Systemd-nspawn#Create_a_Debian_or_Ubuntu_environment|Arch Linux specific tips]] if you have Arch Linux as host machine. For clean builds, you can install sbuild inside your container or setup sbuild on host and use the shared home option to access packaging files.

== Install required packages and enable networking service ==

Install systemd-container and mmdebstrap packages

{{{
sudo apt install systemd-container mmdebstrap
}}}

Setup the root filesystem using mmdebstrap
{{{
sudo mmdebstrap --include=systemd-container,auto-apt-proxy,sudo unstable /var/lib/machines/debian-sid
}}}

If you already have apt-cacher-ng setup, then speed up the setup by running
{{{
sudo auto-apt-proxy mmdebstrap --include=systemd-container,auto-apt-proxy,sudo unstable /var/lib/machines/debian-sid
}}}

Enable systemd-networkd
{{{
sudo systemctl enable systemd-networkd
sudo systemctl start systemd-networkd
}}}

== Basic configuration of the container ==

Use bind option to share home directory for <username>,

{{{
sudo systemd-nspawn --bind=/home/<username> -D /var/lib/machines/debian-sid --machine debian-sid
}}}

For root access (use machinectl login in multiple terminals), setup a root password and create a normal user with sudo access (--uid option can be skipped if the <username> is first user on the host, ie, uid 1000)
{{{
root@debian-sid:~# adduser --uid <uid on host for username> <username>
root@debian-sid:~# gpasswd -a <username> sudo
root@debian-sid:~# passwd
}}}

Enable systemd-networkd inside the container,

{{{
root@debian-sid:~# sudo systemctl enable systemd-networkd
}}}

Optional: Setup hostname in `/etc/hostname` (use your favorite editor)
{{{
debian-sid
}}}

and `/etc/hosts`
{{{
pravi@debian-sid:~$ cat /etc/hosts
127.0.0.1	localhost debian-sid
::1		localhost ip6-localhost ip6-loopback
ff02::1		ip6-allnodes
ff02::2		ip6-allrouters
}}}

Press Control+D to exit.

== Start and use the container ==

If you have the same user id for <username> in host and container, you can use the following command to have a writeable home directory. If the userids are not matching, you can edit the userid in `/etc/password` inside the container to match the value of user id in host.

=== Option 1 ===
{{{
sudo systemd-nspawn --boot --bind=/home/<username> -D /var/lib/machines/debian-sid --machine debian-sid
}}}

=== Option 2 ===

The same options can be added to `debian-sid.nspawn` file in `/etc/systemd/nspawn/debian-sid.nspawn` and use `machinectl start`. See `man 5 systemd.nspawn` for more options you can add to this file.

{{{
$ sudo mkdir -p /etc/systemd/nspawn
}}}

Create `/etc/systemd/nspawn/debian-sid.nspawn` and add the following lines
{{{
[Exec]
Boot=yes
PrivateUsers=no
PrivateUsersChown=no

[Files]
Bind=/home/<username>

[Network]
VirtualEthernet=yes
}}}

{{{
sudo machinectl start debian-sid
}}}

== Login to the container ==

Use `login` or `shell` options of machinectl to connect to your container

{{{
sudo machinectl login debian-sid
}}}

or

{{{
sudo machinectl shell debian-sid
}}}

Note 1: You can use `machinectl login debian-sid` on a different terminal if you want more login shells.

Note 2: `machinectl shell` with `su - <username>` avoids entering passwords and also gives you the same terminal as host (`mcahinectl login` only give vt220 by default and you may face issues with some programs, for example End key don't work in micro).

Press ^] three times within 1s to exit from the virtual terminal of the container after you logout (Control + D).

To stop the container, run:
{{{
sudo machinectl stop debian-sid
}}}