diff --git a/flake.lock b/flake.lock index 238c20f..a3501c1 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1665870395, - "narHash": "sha256-Tsbqb27LDNxOoPLh0gw2hIb6L/6Ow/6lIBvqcHzEKBI=", + "lastModified": 1673301561, + "narHash": "sha256-gRUWHbBAtMuPDJQXotoI8u6+3DGBIUZHkyQWpIv7WpM=", "owner": "ryantm", "repo": "agenix", - "rev": "a630400067c6d03c9b3e0455347dc8559db14288", + "rev": "42d371d861a227149dc9a7e03350c9ab8b8ddd68", "type": "github" }, "original": { @@ -42,11 +42,11 @@ ] }, "locked": { - "lastModified": 1672753581, - "narHash": "sha256-EIi2tqHoje5cE9WqH23ZghW28NOOWSUM7tcxKE1U9KI=", + "lastModified": 1673295039, + "narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=", "owner": "LnL7", "repo": "nix-darwin", - "rev": "3db1d870b04b13411f56ab1a50cd32b001f56433", + "rev": "87b9d090ad39b25b2400029c64825fc2a8868943", "type": "github" }, "original": { @@ -168,11 +168,11 @@ "rust-analyzer-src": "rust-analyzer-src" }, "locked": { - "lastModified": 1672899733, - "narHash": "sha256-98v9wy+npi5NYHdb3wVh2fIelacCZJXrENET1YUSF+k=", + "lastModified": 1673591020, + "narHash": "sha256-9tHlrBdm/6NqgENQ0Uupn3rJP8q0yeGtvSrVkpb17Gk=", "owner": "nix-community", "repo": "fenix", - "rev": "8febc16949eacf0b66a2378fcddd574630a458b2", + "rev": "3966a723f5a710b70aaafa29eb277db0389183db", "type": "github" }, "original": { @@ -216,11 +216,11 @@ "flake-compat_3": { "flake": false, "locked": { - "lastModified": 1650374568, - "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", "owner": "edolstra", "repo": "flake-compat", - "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", "type": "github" }, "original": { 
@@ -364,11 +364,11 @@ ] }, "locked": { - "lastModified": 1672780900, - "narHash": "sha256-DxuSn6BdkZapIbg76xzYx1KhVPEZeBexMkt1q/sMVPA=", + "lastModified": 1673343300, + "narHash": "sha256-5Xdj6kpXYMie0MlnGwqK5FaMdsedxvyuakWtyKB3zaQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "54245e1820caabd8a0b53ce4d47e4d0fefe04cd4", + "rev": "176e455371a8371586e8a3ff0d56ee9f3ca2324e", "type": "github" }, "original": { @@ -411,11 +411,11 @@ }, "latest_2": { "locked": { - "lastModified": 1672941755, - "narHash": "sha256-lX6zS72w76EkBMPBcSIRQJWznQZuizy2c55/iyg88UU=", + "lastModified": 1673629240, + "narHash": "sha256-RiqQpSFl1w1yuVPdNp9aRxqOzidZ4Usuy+p0tbUhLb8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d374964cb3d575ced4222b912ca9d03bd45d7e3d", + "rev": "9b896acabe4332fee1939c33a310e17ee62e81bb", "type": "github" }, "original": { @@ -451,11 +451,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1661367362, - "narHash": "sha256-Qc8MXcV+YCPREu8kk6oggk23ZBKLqeQRAIsLbHEviPE=", + "lastModified": 1672992692, + "narHash": "sha256-/eLQLSNIa22ARTZbk+x8i0iE8khe1eiHWkuxgTVXZ7g=", "owner": "guibou", "repo": "nixGL", - "rev": "7165ffbccbd2cf4379b6cd6d2edd1620a427e5ae", + "rev": "643e730efb981ffaf8478f441ec9b9aeea1c89f5", "type": "github" }, "original": { @@ -466,11 +466,11 @@ }, "nixos": { "locked": { - "lastModified": 1672791794, - "narHash": "sha256-mqGPpGmwap0Wfsf3o2b6qHJW1w2kk/I6cGCGIU+3t6o=", + "lastModified": 1673450908, + "narHash": "sha256-b8em+kwrNtnB7gR8SyVf6WuTyQ+6tHS6dzt9D9wgKF0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "9813adc7f7c0edd738c6bdd8431439688bb0cb3d", + "rev": "6c8644fc37b6e141cbfa6c7dc8d98846c4ff0c2e", "type": "github" }, "original": { 
@@ -482,11 +482,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1672644464, - "narHash": "sha256-RYlvRMcQNT7FDoDkViijQBHg9g+blsB+U6AvL/gAsPI=", + "lastModified": 1673440569, + "narHash": "sha256-FQ5o0yI+MH9MgfseeGDsVIIpIqv3BCgq+0NzncuZ9Zo=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "ca29e25c39b8e117d4d76a81f1e229824a9b3a26", + "rev": "88016c96c3c338aa801695cdd9f186820bcfe4d6", "type": "github" }, "original": { @@ -497,11 +497,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1672617983, - "narHash": "sha256-68WDiCBs631mbDDk4UAKdGURKcsfW6hjb7wgudTAe5o=", + "lastModified": 1673450908, + "narHash": "sha256-b8em+kwrNtnB7gR8SyVf6WuTyQ+6tHS6dzt9D9wgKF0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "0fc9fca9c8d43edd79d33fea0dd8409d7c4580f4", + "rev": "6c8644fc37b6e141cbfa6c7dc8d98846c4ff0c2e", "type": "github" }, "original": { @@ -537,11 +537,11 @@ ] }, "locked": { - "lastModified": 1667620329, - "narHash": "sha256-v1Zk7rtEbAGpevBGPZvZBKpwbmw4I+uVwxvd+pBlp3o=", + "lastModified": 1672979485, + "narHash": "sha256-LrY0K1yya3nvRlGDc98wm68ozVj7E6a1EXXEr7eHp8E=", "owner": "berberman", "repo": "nvfetcher", - "rev": "294826951113dcd3aa9abbcacfb1aa5b95a19116", + "rev": "0a9ac5fd07b52467d81163b1f8c94c12e5c9aff9", "type": "github" }, "original": { @@ -635,11 +635,11 @@ "rust-analyzer-src": { "flake": false, "locked": { - "lastModified": 1672857514, - "narHash": "sha256-zbsLi/SdbSYC0ewLpvGY8cSgn1Ty/Tfb6ParyZmhSdY=", + "lastModified": 1673537112, + "narHash": "sha256-x7kPou0eKN33wYCam3QBQOwSuQFBinsc7UD+R/qPE0g=", "owner": "rust-lang", "repo": "rust-analyzer", - "rev": "80cabf726068187d8686b5ccf37aac484da84904", + "rev": "fb39efe26cfbc81e5ed5e6518262fcc2d44229c2", "type": "github" }, "original": { 
@@ -651,16 +651,16 @@ }, "stable": { "locked": { - "lastModified": 1672580127, - "narHash": "sha256-3lW3xZslREhJogoOkjeZtlBtvFMyxHku7I/9IVehhT8=", + "lastModified": 1673612960, + "narHash": "sha256-DWR7hrbecJKmUJCswk9MXZta710mq+3jZwTvHU/UfyY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "0874168639713f547c05947c76124f78441ea46c", + "rev": "e285dd0ca97c264003867c7329f0d1f4f028739c", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-22.05", + "ref": "nixos-22.11", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 6fdee25..dc646ca 100644 --- a/flake.nix +++ b/flake.nix @@ -4,7 +4,7 @@ nixConfig.extra-experimental-features = "nix-command flakes"; inputs = { - stable.url = "github:nixos/nixpkgs/nixos-22.05"; + stable.url = "github:nixos/nixpkgs/nixos-22.11"; nixos.url = "github:nixos/nixpkgs/nixos-unstable"; latest.url = "github:nixos/nixpkgs/master"; diff --git a/users/modules/podman/default.nix b/users/modules/podman/default.nix index a411363..8c94954 100644 --- a/users/modules/podman/default.nix +++ b/users/modules/podman/default.nix @@ -2,7 +2,6 @@ imports = [ ./podman.nix ./containers.nix - ./podman-dnsname.nix ./docker-compat.nix ]; } diff --git a/users/modules/podman/podman-dnsname.nix b/users/modules/podman/podman-dnsname.nix deleted file mode 100644 index 3df4955..0000000 --- a/users/modules/podman/podman-dnsname.nix +++ /dev/null 
@@ -1,36 +0,0 @@ -{ config, lib, pkgs, ... }: -let - inherit (lib) - mkOption - mkIf - types - ; - - cfg = config.services.podman; - -in -{ - options = { - services.podman = { - - defaultNetwork.dnsname.enable = mkOption { - type = types.bool; - default = false; - description = '' - Enable DNS resolution in the default podman network. - ''; - }; - - }; - }; - - config = { - virtualisation.containers.containersConf.cniPlugins = mkIf cfg.defaultNetwork.dnsname.enable [ pkgs.dnsname-cni ]; - services.podman.defaultNetwork.extraPlugins = - lib.optional cfg.defaultNetwork.dnsname.enable { - type = "dnsname"; - domainName = "dns.podman"; - capabilities.aliases = true; - }; - }; -} diff --git a/users/modules/podman/podman.nix b/users/modules/podman/podman.nix index 938e570..9649580 100644 --- a/users/modules/podman/podman.nix +++ b/users/modules/podman/podman.nix @@ -7,25 +7,9 @@ let inherit (lib) mkOption types; podmanPackage = (pkgs.podman.override { inherit (cfg) extraPackages; }); - - net-conflist = pkgs.runCommand "87-podman-bridge.conflist" - { - nativeBuildInputs = [ pkgs.jq ]; - extraPlugins = builtins.toJSON cfg.defaultNetwork.extraPlugins; - jqScript = '' - . + { "plugins": (.plugins + $extraPlugins) } - ''; - } '' - jq <${cfg.package}/etc/cni/net.d/87-podman-bridge.conflist \ - --argjson extraPlugins "$extraPlugins" \ - "$jqScript" \ - >$out - ''; - in { imports = [ - ./podman-dnsname.nix #./podman-network-socket.nix (lib.mkRenamedOptionModule [ "virtualisation" "podman" "libpod" ] [ "virtualisation" "containers" "containersConf" ]) ]; 
@@ -91,11 +75,21 @@ in config = lib.mkIf cfg.enable { home.packages = [ cfg.package ]; - xdg.configFile."cni/net.d/87-podman-bridge.conflist".source = net-conflist; - + xdg.configFile."containers/networks/podman.json".source = json.generate "podman.json" ({ + dns_enabled = false; + driver = "bridge"; + id = "0000000000000000000000000000000000000000000000000000000000000000"; + internal = false; + ipam_options = { driver = "host-local"; }; + ipv6_enabled = false; + name = "podman"; + network_interface = "podman0"; + subnets = [{ gateway = "10.88.0.1"; subnet = "10.88.0.0/16"; }]; + }); virtualisation.containers = { enable = true; # Enable common /etc/containers configuration containersConf.settings = lib.optionalAttrs cfg.enableNvidia { + network.network_backend = "netavark"; engine = { conmon_env_vars = [ "PATH=${lib.makeBinPath [ pkgs.nvidia-podman ]}" ]; runtimes.nvidia = [ "${pkgs.nvidia-podman}/bin/nvidia-container-runtime" ]; diff --git a/users/profiles/podman/default.nix b/users/profiles/podman/default.nix index b9eeb4a..81d4918 100644 --- a/users/profiles/podman/default.nix +++ b/users/profiles/podman/default.nix @@ -1,7 +1,6 @@ { pkgs, ... }: { services.podman.enable = true; - services.podman.defaultNetwork.dnsname.enable = true; services.podman.dockerCompat = { dockerSocket.enable = true; dockerCompose.enable = true;
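Review bot: `network.network_backend = "netavark";` is added inside the `lib.optionalAttrs cfg.enableNvidia { … }` set, so the backend is pinned only when `enableNvidia` is true, while the netavark-style `containers/networks/podman.json` is written whenever `cfg.enable` is set. With the backend unset, podman presumably chooses one itself, so on non-NVIDIA hosts the `dns_enabled`, `internal` and subnet values declared here may not be what governs the default network. Setting the backend unconditionally keeps the two in step, e.g. `containersConf.settings = { network.network_backend = "netavark"; } // lib.optionalAttrs cfg.enableNvidia { … };`. The `optionalAttrs` set continues past the end of the hunk, so the remaining `engine` attributes should be checked when moving the line. Separately, if `defaultNetwork.extraPlugins` is still declared outside this hunk, nothing visible reads it after `net-conflist` was removed, so it should be dropped or wired to the new file.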