Skip to content
LXC - Linux Containers
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
conf.d reconfigure BindAddress and PassThroughPattern May 17, 2018
docs updated documentation for overriding apt_proxy Mar 18, 2019
overlay updated documentation for overriding apt_proxy Mar 18, 2019
patches.d patch table headers in apt-cacher-ng report.html Jul 3, 2018
plan use ebtables to block external traffic to apt-cacher-ng Jul 1, 2018
Makefile LXC: open all ports (make network routing easier) Jan 26, 2016


TurnKey LXC LinuX Containers - 1 host, multiple TurnKey apps

TurnKey LXC simplifies downloading and deploying multiple TurnKey apps side-by-side on the same host in securely isolated lightweight containers while handling tricky details such as network routing. LXC (AKA LinuX Containers) is the rising star lightweight virtualization technology that powers Docker and other next generation software deployment platforms.


Creating a TurnKey LXC container is done by specifying turnkey as the template when invoking lxc-create, for example:

# lxc-create -n CONTAINER_NAME -f CONFIG_FILE -t turnkey -- APPNAME [template options]

See the Usage Documentation for further details.


This appliance includes all the standard features in TurnKey Core, and on top of that:

  • Includes TurnKey LXC template:

    • Download and create a container of any TurnKey appliance.
    • Appliance version defaults to latest available.
    • Insert specified inithooks.conf into container for preseeding.
    • Supports configuration of network link (e.g., br0, natbr0, none).
    • Supports configuration of apt proxy.
    • Verifies GPG signatures when available
    • Wrapper for lxc-destroy cleans up after container is removed
    • Supports LVM on TurnKey's default volume group 'turnkey'
    • Allows TurnKey Ansible appliance to manage LXC containers
    • Generic enough to be used on any LXC enabled distribution.
  • Easily expose NAT containers services:

    • nginx-proxy: Expose a containers web services to the network by creating an nginx site configuration to proxy all web requests (ports 80, 443, 12320, 12321, 12322) destined for a specific domain to the container on the corresponding ports.
    • iptables-nat: Expose a containers non-web (e.g., SSH) service to the network by configuring iptables on the host to forward the traffic it receives on port X to the container on port Y.
  • LXC appliance configurations:

    • Preconfigured network bridge interface (br0).
    • Preconfigured network NAT bridge interface (natbr0).
    • Preconfigured dnsmasq on natbr0 providing DHCP and DNS services. Containers can be referenced by hostname or hostname.local.lxc
    • Includes apt-cacher-ng, binding to br0 interface.
    • Includes TurnKey web control panel (convenience).
    • Includes example inithooks configuration for preseeding (convenience).
    • IP forwarding and control groups enabled.
  • LXC limitations:

    • The LXC appliance cannot run in nested mode i.e. within an LXC container without additional configuration. This mode is not recommended for production systems because of security concerns.

Credentials (passwords set at first boot)

  • Webmin, SSH: username root
You can’t perform that action at this time.