Update
This commit is contained in:
parent
c13fe4b6df
commit
ab3a9b739e
6 changed files with 53 additions and 97 deletions
80
flake.lock
80
flake.lock
|
@ -7,11 +7,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1665870395,
|
||||
"narHash": "sha256-Tsbqb27LDNxOoPLh0gw2hIb6L/6Ow/6lIBvqcHzEKBI=",
|
||||
"lastModified": 1673301561,
|
||||
"narHash": "sha256-gRUWHbBAtMuPDJQXotoI8u6+3DGBIUZHkyQWpIv7WpM=",
|
||||
"owner": "ryantm",
|
||||
"repo": "agenix",
|
||||
"rev": "a630400067c6d03c9b3e0455347dc8559db14288",
|
||||
"rev": "42d371d861a227149dc9a7e03350c9ab8b8ddd68",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -42,11 +42,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1672753581,
|
||||
"narHash": "sha256-EIi2tqHoje5cE9WqH23ZghW28NOOWSUM7tcxKE1U9KI=",
|
||||
"lastModified": 1673295039,
|
||||
"narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=",
|
||||
"owner": "LnL7",
|
||||
"repo": "nix-darwin",
|
||||
"rev": "3db1d870b04b13411f56ab1a50cd32b001f56433",
|
||||
"rev": "87b9d090ad39b25b2400029c64825fc2a8868943",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -168,11 +168,11 @@
|
|||
"rust-analyzer-src": "rust-analyzer-src"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1672899733,
|
||||
"narHash": "sha256-98v9wy+npi5NYHdb3wVh2fIelacCZJXrENET1YUSF+k=",
|
||||
"lastModified": 1673591020,
|
||||
"narHash": "sha256-9tHlrBdm/6NqgENQ0Uupn3rJP8q0yeGtvSrVkpb17Gk=",
|
||||
"owner": "nix-community",
|
||||
"repo": "fenix",
|
||||
"rev": "8febc16949eacf0b66a2378fcddd574630a458b2",
|
||||
"rev": "3966a723f5a710b70aaafa29eb277db0389183db",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -216,11 +216,11 @@
|
|||
"flake-compat_3": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1650374568,
|
||||
"narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
|
||||
"lastModified": 1668681692,
|
||||
"narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "b4a34015c698c7793d592d66adbab377907a2be8",
|
||||
"rev": "009399224d5e398d03b22badca40a37ac85412a1",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -364,11 +364,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1672780900,
|
||||
"narHash": "sha256-DxuSn6BdkZapIbg76xzYx1KhVPEZeBexMkt1q/sMVPA=",
|
||||
"lastModified": 1673343300,
|
||||
"narHash": "sha256-5Xdj6kpXYMie0MlnGwqK5FaMdsedxvyuakWtyKB3zaQ=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "54245e1820caabd8a0b53ce4d47e4d0fefe04cd4",
|
||||
"rev": "176e455371a8371586e8a3ff0d56ee9f3ca2324e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -411,11 +411,11 @@
|
|||
},
|
||||
"latest_2": {
|
||||
"locked": {
|
||||
"lastModified": 1672941755,
|
||||
"narHash": "sha256-lX6zS72w76EkBMPBcSIRQJWznQZuizy2c55/iyg88UU=",
|
||||
"lastModified": 1673629240,
|
||||
"narHash": "sha256-RiqQpSFl1w1yuVPdNp9aRxqOzidZ4Usuy+p0tbUhLb8=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "d374964cb3d575ced4222b912ca9d03bd45d7e3d",
|
||||
"rev": "9b896acabe4332fee1939c33a310e17ee62e81bb",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -451,11 +451,11 @@
|
|||
"nixpkgs": "nixpkgs_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1661367362,
|
||||
"narHash": "sha256-Qc8MXcV+YCPREu8kk6oggk23ZBKLqeQRAIsLbHEviPE=",
|
||||
"lastModified": 1672992692,
|
||||
"narHash": "sha256-/eLQLSNIa22ARTZbk+x8i0iE8khe1eiHWkuxgTVXZ7g=",
|
||||
"owner": "guibou",
|
||||
"repo": "nixGL",
|
||||
"rev": "7165ffbccbd2cf4379b6cd6d2edd1620a427e5ae",
|
||||
"rev": "643e730efb981ffaf8478f441ec9b9aeea1c89f5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -466,11 +466,11 @@
|
|||
},
|
||||
"nixos": {
|
||||
"locked": {
|
||||
"lastModified": 1672791794,
|
||||
"narHash": "sha256-mqGPpGmwap0Wfsf3o2b6qHJW1w2kk/I6cGCGIU+3t6o=",
|
||||
"lastModified": 1673450908,
|
||||
"narHash": "sha256-b8em+kwrNtnB7gR8SyVf6WuTyQ+6tHS6dzt9D9wgKF0=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "9813adc7f7c0edd738c6bdd8431439688bb0cb3d",
|
||||
"rev": "6c8644fc37b6e141cbfa6c7dc8d98846c4ff0c2e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -482,11 +482,11 @@
|
|||
},
|
||||
"nixos-hardware": {
|
||||
"locked": {
|
||||
"lastModified": 1672644464,
|
||||
"narHash": "sha256-RYlvRMcQNT7FDoDkViijQBHg9g+blsB+U6AvL/gAsPI=",
|
||||
"lastModified": 1673440569,
|
||||
"narHash": "sha256-FQ5o0yI+MH9MgfseeGDsVIIpIqv3BCgq+0NzncuZ9Zo=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixos-hardware",
|
||||
"rev": "ca29e25c39b8e117d4d76a81f1e229824a9b3a26",
|
||||
"rev": "88016c96c3c338aa801695cdd9f186820bcfe4d6",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -497,11 +497,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1672617983,
|
||||
"narHash": "sha256-68WDiCBs631mbDDk4UAKdGURKcsfW6hjb7wgudTAe5o=",
|
||||
"lastModified": 1673450908,
|
||||
"narHash": "sha256-b8em+kwrNtnB7gR8SyVf6WuTyQ+6tHS6dzt9D9wgKF0=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "0fc9fca9c8d43edd79d33fea0dd8409d7c4580f4",
|
||||
"rev": "6c8644fc37b6e141cbfa6c7dc8d98846c4ff0c2e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -537,11 +537,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1667620329,
|
||||
"narHash": "sha256-v1Zk7rtEbAGpevBGPZvZBKpwbmw4I+uVwxvd+pBlp3o=",
|
||||
"lastModified": 1672979485,
|
||||
"narHash": "sha256-LrY0K1yya3nvRlGDc98wm68ozVj7E6a1EXXEr7eHp8E=",
|
||||
"owner": "berberman",
|
||||
"repo": "nvfetcher",
|
||||
"rev": "294826951113dcd3aa9abbcacfb1aa5b95a19116",
|
||||
"rev": "0a9ac5fd07b52467d81163b1f8c94c12e5c9aff9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -635,11 +635,11 @@
|
|||
"rust-analyzer-src": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1672857514,
|
||||
"narHash": "sha256-zbsLi/SdbSYC0ewLpvGY8cSgn1Ty/Tfb6ParyZmhSdY=",
|
||||
"lastModified": 1673537112,
|
||||
"narHash": "sha256-x7kPou0eKN33wYCam3QBQOwSuQFBinsc7UD+R/qPE0g=",
|
||||
"owner": "rust-lang",
|
||||
"repo": "rust-analyzer",
|
||||
"rev": "80cabf726068187d8686b5ccf37aac484da84904",
|
||||
"rev": "fb39efe26cfbc81e5ed5e6518262fcc2d44229c2",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -651,16 +651,16 @@
|
|||
},
|
||||
"stable": {
|
||||
"locked": {
|
||||
"lastModified": 1672580127,
|
||||
"narHash": "sha256-3lW3xZslREhJogoOkjeZtlBtvFMyxHku7I/9IVehhT8=",
|
||||
"lastModified": 1673612960,
|
||||
"narHash": "sha256-DWR7hrbecJKmUJCswk9MXZta710mq+3jZwTvHU/UfyY=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "0874168639713f547c05947c76124f78441ea46c",
|
||||
"rev": "e285dd0ca97c264003867c7329f0d1f4f028739c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-22.05",
|
||||
"ref": "nixos-22.11",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
nixConfig.extra-experimental-features = "nix-command flakes";
|
||||
inputs =
|
||||
{
|
||||
stable.url = "github:nixos/nixpkgs/nixos-22.05";
|
||||
stable.url = "github:nixos/nixpkgs/nixos-22.11";
|
||||
nixos.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||
latest.url = "github:nixos/nixpkgs/master";
|
||||
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
imports = [
|
||||
./podman.nix
|
||||
./containers.nix
|
||||
./podman-dnsname.nix
|
||||
./docker-compat.nix
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,36 +0,0 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
inherit (lib)
|
||||
mkOption
|
||||
mkIf
|
||||
types
|
||||
;
|
||||
|
||||
cfg = config.services.podman;
|
||||
|
||||
in
|
||||
{
|
||||
options = {
|
||||
services.podman = {
|
||||
|
||||
defaultNetwork.dnsname.enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Enable DNS resolution in the default podman network.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
virtualisation.containers.containersConf.cniPlugins = mkIf cfg.defaultNetwork.dnsname.enable [ pkgs.dnsname-cni ];
|
||||
services.podman.defaultNetwork.extraPlugins =
|
||||
lib.optional cfg.defaultNetwork.dnsname.enable {
|
||||
type = "dnsname";
|
||||
domainName = "dns.podman";
|
||||
capabilities.aliases = true;
|
||||
};
|
||||
};
|
||||
}
|
|
@ -7,25 +7,9 @@ let
|
|||
inherit (lib) mkOption types;
|
||||
|
||||
podmanPackage = (pkgs.podman.override { inherit (cfg) extraPackages; });
|
||||
|
||||
net-conflist = pkgs.runCommand "87-podman-bridge.conflist"
|
||||
{
|
||||
nativeBuildInputs = [ pkgs.jq ];
|
||||
extraPlugins = builtins.toJSON cfg.defaultNetwork.extraPlugins;
|
||||
jqScript = ''
|
||||
. + { "plugins": (.plugins + $extraPlugins) }
|
||||
'';
|
||||
} ''
|
||||
jq <${cfg.package}/etc/cni/net.d/87-podman-bridge.conflist \
|
||||
--argjson extraPlugins "$extraPlugins" \
|
||||
"$jqScript" \
|
||||
>$out
|
||||
'';
|
||||
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
./podman-dnsname.nix
|
||||
#./podman-network-socket.nix
|
||||
(lib.mkRenamedOptionModule [ "virtualisation" "podman" "libpod" ] [ "virtualisation" "containers" "containersConf" ])
|
||||
];
|
||||
|
@ -91,11 +75,21 @@ in
|
|||
config = lib.mkIf cfg.enable
|
||||
{
|
||||
home.packages = [ cfg.package ];
|
||||
xdg.configFile."cni/net.d/87-podman-bridge.conflist".source = net-conflist;
|
||||
|
||||
xdg.configFile."containers/networks/podman.json".source = json.generate "podman.json" ({
|
||||
dns_enabled = false;
|
||||
driver = "bridge";
|
||||
id = "0000000000000000000000000000000000000000000000000000000000000000";
|
||||
internal = false;
|
||||
ipam_options = { driver = "host-local"; };
|
||||
ipv6_enabled = false;
|
||||
name = "podman";
|
||||
network_interface = "podman0";
|
||||
subnets = [{ gateway = "10.88.0.1"; subnet = "10.88.0.0/16"; }];
|
||||
});
|
||||
virtualisation.containers = {
|
||||
enable = true; # Enable common /etc/containers configuration
|
||||
containersConf.settings = lib.optionalAttrs cfg.enableNvidia {
|
||||
network.network_backend = "netavark";
|
||||
engine = {
|
||||
conmon_env_vars = [ "PATH=${lib.makeBinPath [ pkgs.nvidia-podman ]}" ];
|
||||
runtimes.nvidia = [ "${pkgs.nvidia-podman}/bin/nvidia-container-runtime" ];
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
services.podman.enable = true;
|
||||
services.podman.defaultNetwork.dnsname.enable = true;
|
||||
services.podman.dockerCompat = {
|
||||
dockerSocket.enable = true;
|
||||
dockerCompose.enable = true;
|
||||
|
|
Loading…
Reference in a new issue