Update
This commit is contained in:
Bad
parent
c13fe4b6df
commit
ab3a9b739e
6 changed files with 53 additions and 97 deletions
80
flake.lock
80
flake.lock
|
|
@ -7,11 +7,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1665870395,
|
"lastModified": 1673301561,
|
||||||
"narHash": "sha256-Tsbqb27LDNxOoPLh0gw2hIb6L/6Ow/6lIBvqcHzEKBI=",
|
"narHash": "sha256-gRUWHbBAtMuPDJQXotoI8u6+3DGBIUZHkyQWpIv7WpM=",
|
||||||
"owner": "ryantm",
|
"owner": "ryantm",
|
||||||
"repo": "agenix",
|
"repo": "agenix",
|
||||||
"rev": "a630400067c6d03c9b3e0455347dc8559db14288",
|
"rev": "42d371d861a227149dc9a7e03350c9ab8b8ddd68",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -42,11 +42,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1672753581,
|
"lastModified": 1673295039,
|
||||||
"narHash": "sha256-EIi2tqHoje5cE9WqH23ZghW28NOOWSUM7tcxKE1U9KI=",
|
"narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=",
|
||||||
"owner": "LnL7",
|
"owner": "LnL7",
|
||||||
"repo": "nix-darwin",
|
"repo": "nix-darwin",
|
||||||
"rev": "3db1d870b04b13411f56ab1a50cd32b001f56433",
|
"rev": "87b9d090ad39b25b2400029c64825fc2a8868943",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -168,11 +168,11 @@
|
||||||
"rust-analyzer-src": "rust-analyzer-src"
|
"rust-analyzer-src": "rust-analyzer-src"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1672899733,
|
"lastModified": 1673591020,
|
||||||
"narHash": "sha256-98v9wy+npi5NYHdb3wVh2fIelacCZJXrENET1YUSF+k=",
|
"narHash": "sha256-9tHlrBdm/6NqgENQ0Uupn3rJP8q0yeGtvSrVkpb17Gk=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "fenix",
|
"repo": "fenix",
|
||||||
"rev": "8febc16949eacf0b66a2378fcddd574630a458b2",
|
"rev": "3966a723f5a710b70aaafa29eb277db0389183db",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -216,11 +216,11 @@
|
||||||
"flake-compat_3": {
|
"flake-compat_3": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1650374568,
|
"lastModified": 1668681692,
|
||||||
"narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
|
"narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
|
||||||
"owner": "edolstra",
|
"owner": "edolstra",
|
||||||
"repo": "flake-compat",
|
"repo": "flake-compat",
|
||||||
"rev": "b4a34015c698c7793d592d66adbab377907a2be8",
|
"rev": "009399224d5e398d03b22badca40a37ac85412a1",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -364,11 +364,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1672780900,
|
"lastModified": 1673343300,
|
||||||
"narHash": "sha256-DxuSn6BdkZapIbg76xzYx1KhVPEZeBexMkt1q/sMVPA=",
|
"narHash": "sha256-5Xdj6kpXYMie0MlnGwqK5FaMdsedxvyuakWtyKB3zaQ=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "54245e1820caabd8a0b53ce4d47e4d0fefe04cd4",
|
"rev": "176e455371a8371586e8a3ff0d56ee9f3ca2324e",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -411,11 +411,11 @@
|
||||||
},
|
},
|
||||||
"latest_2": {
|
"latest_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1672941755,
|
"lastModified": 1673629240,
|
||||||
"narHash": "sha256-lX6zS72w76EkBMPBcSIRQJWznQZuizy2c55/iyg88UU=",
|
"narHash": "sha256-RiqQpSFl1w1yuVPdNp9aRxqOzidZ4Usuy+p0tbUhLb8=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "d374964cb3d575ced4222b912ca9d03bd45d7e3d",
|
"rev": "9b896acabe4332fee1939c33a310e17ee62e81bb",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -451,11 +451,11 @@
|
||||||
"nixpkgs": "nixpkgs_2"
|
"nixpkgs": "nixpkgs_2"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1661367362,
|
"lastModified": 1672992692,
|
||||||
"narHash": "sha256-Qc8MXcV+YCPREu8kk6oggk23ZBKLqeQRAIsLbHEviPE=",
|
"narHash": "sha256-/eLQLSNIa22ARTZbk+x8i0iE8khe1eiHWkuxgTVXZ7g=",
|
||||||
"owner": "guibou",
|
"owner": "guibou",
|
||||||
"repo": "nixGL",
|
"repo": "nixGL",
|
||||||
"rev": "7165ffbccbd2cf4379b6cd6d2edd1620a427e5ae",
|
"rev": "643e730efb981ffaf8478f441ec9b9aeea1c89f5",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -466,11 +466,11 @@
|
||||||
},
|
},
|
||||||
"nixos": {
|
"nixos": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1672791794,
|
"lastModified": 1673450908,
|
||||||
"narHash": "sha256-mqGPpGmwap0Wfsf3o2b6qHJW1w2kk/I6cGCGIU+3t6o=",
|
"narHash": "sha256-b8em+kwrNtnB7gR8SyVf6WuTyQ+6tHS6dzt9D9wgKF0=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "9813adc7f7c0edd738c6bdd8431439688bb0cb3d",
|
"rev": "6c8644fc37b6e141cbfa6c7dc8d98846c4ff0c2e",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -482,11 +482,11 @@
|
||||||
},
|
},
|
||||||
"nixos-hardware": {
|
"nixos-hardware": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1672644464,
|
"lastModified": 1673440569,
|
||||||
"narHash": "sha256-RYlvRMcQNT7FDoDkViijQBHg9g+blsB+U6AvL/gAsPI=",
|
"narHash": "sha256-FQ5o0yI+MH9MgfseeGDsVIIpIqv3BCgq+0NzncuZ9Zo=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixos-hardware",
|
"repo": "nixos-hardware",
|
||||||
"rev": "ca29e25c39b8e117d4d76a81f1e229824a9b3a26",
|
"rev": "88016c96c3c338aa801695cdd9f186820bcfe4d6",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -497,11 +497,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1672617983,
|
"lastModified": 1673450908,
|
||||||
"narHash": "sha256-68WDiCBs631mbDDk4UAKdGURKcsfW6hjb7wgudTAe5o=",
|
"narHash": "sha256-b8em+kwrNtnB7gR8SyVf6WuTyQ+6tHS6dzt9D9wgKF0=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "0fc9fca9c8d43edd79d33fea0dd8409d7c4580f4",
|
"rev": "6c8644fc37b6e141cbfa6c7dc8d98846c4ff0c2e",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -537,11 +537,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1667620329,
|
"lastModified": 1672979485,
|
||||||
"narHash": "sha256-v1Zk7rtEbAGpevBGPZvZBKpwbmw4I+uVwxvd+pBlp3o=",
|
"narHash": "sha256-LrY0K1yya3nvRlGDc98wm68ozVj7E6a1EXXEr7eHp8E=",
|
||||||
"owner": "berberman",
|
"owner": "berberman",
|
||||||
"repo": "nvfetcher",
|
"repo": "nvfetcher",
|
||||||
"rev": "294826951113dcd3aa9abbcacfb1aa5b95a19116",
|
"rev": "0a9ac5fd07b52467d81163b1f8c94c12e5c9aff9",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -635,11 +635,11 @@
|
||||||
"rust-analyzer-src": {
|
"rust-analyzer-src": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1672857514,
|
"lastModified": 1673537112,
|
||||||
"narHash": "sha256-zbsLi/SdbSYC0ewLpvGY8cSgn1Ty/Tfb6ParyZmhSdY=",
|
"narHash": "sha256-x7kPou0eKN33wYCam3QBQOwSuQFBinsc7UD+R/qPE0g=",
|
||||||
"owner": "rust-lang",
|
"owner": "rust-lang",
|
||||||
"repo": "rust-analyzer",
|
"repo": "rust-analyzer",
|
||||||
"rev": "80cabf726068187d8686b5ccf37aac484da84904",
|
"rev": "fb39efe26cfbc81e5ed5e6518262fcc2d44229c2",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -651,16 +651,16 @@
|
||||||
},
|
},
|
||||||
"stable": {
|
"stable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1672580127,
|
"lastModified": 1673612960,
|
||||||
"narHash": "sha256-3lW3xZslREhJogoOkjeZtlBtvFMyxHku7I/9IVehhT8=",
|
"narHash": "sha256-DWR7hrbecJKmUJCswk9MXZta710mq+3jZwTvHU/UfyY=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "0874168639713f547c05947c76124f78441ea46c",
|
"rev": "e285dd0ca97c264003867c7329f0d1f4f028739c",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"ref": "nixos-22.05",
|
"ref": "nixos-22.11",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -4,7 +4,7 @@
|
||||||
nixConfig.extra-experimental-features = "nix-command flakes";
|
nixConfig.extra-experimental-features = "nix-command flakes";
|
||||||
inputs =
|
inputs =
|
||||||
{
|
{
|
||||||
stable.url = "github:nixos/nixpkgs/nixos-22.05";
|
stable.url = "github:nixos/nixpkgs/nixos-22.11";
|
||||||
nixos.url = "github:nixos/nixpkgs/nixos-unstable";
|
nixos.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||||
latest.url = "github:nixos/nixpkgs/master";
|
latest.url = "github:nixos/nixpkgs/master";
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,6 @@
|
||||||
imports = [
|
imports = [
|
||||||
./podman.nix
|
./podman.nix
|
||||||
./containers.nix
|
./containers.nix
|
||||||
./podman-dnsname.nix
|
|
||||||
./docker-compat.nix
|
./docker-compat.nix
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,36 +0,0 @@
|
||||||
{ config, lib, pkgs, ... }:
|
|
||||||
let
|
|
||||||
inherit (lib)
|
|
||||||
mkOption
|
|
||||||
mkIf
|
|
||||||
types
|
|
||||||
;
|
|
||||||
|
|
||||||
cfg = config.services.podman;
|
|
||||||
|
|
||||||
in
|
|
||||||
{
|
|
||||||
options = {
|
|
||||||
services.podman = {
|
|
||||||
|
|
||||||
defaultNetwork.dnsname.enable = mkOption {
|
|
||||||
type = types.bool;
|
|
||||||
default = false;
|
|
||||||
description = ''
|
|
||||||
Enable DNS resolution in the default podman network.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
config = {
|
|
||||||
virtualisation.containers.containersConf.cniPlugins = mkIf cfg.defaultNetwork.dnsname.enable [ pkgs.dnsname-cni ];
|
|
||||||
services.podman.defaultNetwork.extraPlugins =
|
|
||||||
lib.optional cfg.defaultNetwork.dnsname.enable {
|
|
||||||
type = "dnsname";
|
|
||||||
domainName = "dns.podman";
|
|
||||||
capabilities.aliases = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
@ -7,25 +7,9 @@ let
|
||||||
inherit (lib) mkOption types;
|
inherit (lib) mkOption types;
|
||||||
|
|
||||||
podmanPackage = (pkgs.podman.override { inherit (cfg) extraPackages; });
|
podmanPackage = (pkgs.podman.override { inherit (cfg) extraPackages; });
|
||||||
|
|
||||||
net-conflist = pkgs.runCommand "87-podman-bridge.conflist"
|
|
||||||
{
|
|
||||||
nativeBuildInputs = [ pkgs.jq ];
|
|
||||||
extraPlugins = builtins.toJSON cfg.defaultNetwork.extraPlugins;
|
|
||||||
jqScript = ''
|
|
||||||
. + { "plugins": (.plugins + $extraPlugins) }
|
|
||||||
'';
|
|
||||||
} ''
|
|
||||||
jq <${cfg.package}/etc/cni/net.d/87-podman-bridge.conflist \
|
|
||||||
--argjson extraPlugins "$extraPlugins" \
|
|
||||||
"$jqScript" \
|
|
||||||
>$out
|
|
||||||
'';
|
|
||||||
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./podman-dnsname.nix
|
|
||||||
#./podman-network-socket.nix
|
#./podman-network-socket.nix
|
||||||
(lib.mkRenamedOptionModule [ "virtualisation" "podman" "libpod" ] [ "virtualisation" "containers" "containersConf" ])
|
(lib.mkRenamedOptionModule [ "virtualisation" "podman" "libpod" ] [ "virtualisation" "containers" "containersConf" ])
|
||||||
];
|
];
|
||||||
|
|
@ -91,11 +75,21 @@ in
|
||||||
config = lib.mkIf cfg.enable
|
config = lib.mkIf cfg.enable
|
||||||
{
|
{
|
||||||
home.packages = [ cfg.package ];
|
home.packages = [ cfg.package ];
|
||||||
xdg.configFile."cni/net.d/87-podman-bridge.conflist".source = net-conflist;
|
xdg.configFile."containers/networks/podman.json".source = json.generate "podman.json" ({
|
||||||
|
dns_enabled = false;
|
||||||
|
driver = "bridge";
|
||||||
|
id = "0000000000000000000000000000000000000000000000000000000000000000";
|
||||||
|
internal = false;
|
||||||
|
ipam_options = { driver = "host-local"; };
|
||||||
|
ipv6_enabled = false;
|
||||||
|
name = "podman";
|
||||||
|
network_interface = "podman0";
|
||||||
|
subnets = [{ gateway = "10.88.0.1"; subnet = "10.88.0.0/16"; }];
|
||||||
|
});
|
||||||
virtualisation.containers = {
|
virtualisation.containers = {
|
||||||
enable = true; # Enable common /etc/containers configuration
|
enable = true; # Enable common /etc/containers configuration
|
||||||
containersConf.settings = lib.optionalAttrs cfg.enableNvidia {
|
containersConf.settings = lib.optionalAttrs cfg.enableNvidia {
|
||||||
|
network.network_backend = "netavark";
|
||||||
engine = {
|
engine = {
|
||||||
conmon_env_vars = [ "PATH=${lib.makeBinPath [ pkgs.nvidia-podman ]}" ];
|
conmon_env_vars = [ "PATH=${lib.makeBinPath [ pkgs.nvidia-podman ]}" ];
|
||||||
runtimes.nvidia = [ "${pkgs.nvidia-podman}/bin/nvidia-container-runtime" ];
|
runtimes.nvidia = [ "${pkgs.nvidia-podman}/bin/nvidia-container-runtime" ];
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,6 @@
|
||||||
{ pkgs, ... }:
|
{ pkgs, ... }:
|
||||||
{
|
{
|
||||||
services.podman.enable = true;
|
services.podman.enable = true;
|
||||||
services.podman.defaultNetwork.dnsname.enable = true;
|
|
||||||
services.podman.dockerCompat = {
|
services.podman.dockerCompat = {
|
||||||
dockerSocket.enable = true;
|
dockerSocket.enable = true;
|
||||||
dockerCompose.enable = true;
|
dockerCompose.enable = true;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue