Commit 960ba13f87af
Changed files (4)
configuration/custom-packages.nix
@@ -10,8 +10,8 @@
dockerUnstablePkgs = import (fetchNixPkgs {
owner = "NixOS";
repo = "nixpkgs-channels";
- rev = "a6dca0427221d7c249a9b6f1581cf0d73baf51da";
- sha256 = "15fcl29a97f68j1pjywmrjm31rdh1a21jz9airlsbzpl4lc3zhfi";
+ rev = "8ecadc12502d59fc8117ca0ed41ede010448fca4";
+ sha256 = "102wvwixvnbkr547ay6psvv1x31001mb5y17ibkplyikb91xi2ak";
}) {};
# nixos-unstable
unstablePkgs = import (fetchNixPkgs {
machine/wakasu.nix
@@ -14,6 +14,7 @@
../profiles/dev.python.nix
../location/docker.nix
../location/home.nix
+ ../service/containerd.nix
../hardware/thinkpad-t460s.nix
];
@@ -35,6 +36,13 @@
}
];
+ virtualisation = {
+ containerd = {
+ enable = true;
+ #extraOptions = "--label=type=desktop --experimental --init --debug";
+ };
+ };
+
hardware.bluetooth.enable = true;
hardware.trackpoint.enable = false;
profiles/dev.nix
@@ -11,9 +11,7 @@
jq
grc
platinum-searcher
- ripgrep
+ #ripgrep
certstrap
- runc
- containerd
];
}
service/containerd.nix
@@ -0,0 +1,92 @@
+# Systemd services for containerd.
+
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+
+ cfg = config.virtualisation.containerd;
+# proxy_env = optionalAttrs (pro != null) { Environment = "\"http_proxy=${pro}\""; };
+
+in
+
+{
+ ###### interface
+
+ options.virtualisation.containerd = {
+ enable =
+ mkOption {
+ type = types.bool;
+ default = false;
+ description =
+ ''
+ This option enables containerd, a daemon that manages
+ linux containers.
+ '';
+ };
+
+ listenOptions =
+ mkOption {
+ type = types.listOf types.str;
+ default = ["/run/containerd/containerd.sock"];
+ description =
+ ''
+ A list of unix and tcp containerd should listen to. The format follows
+ ListenStream as described in systemd.socket(5).
+ '';
+ };
+
+ extraOptions =
+ mkOption {
+ type = types.separatedString " ";
+ default = "";
+ description =
+ ''
+ The extra command-line options to pass to
+ <command>containerd</command> daemon.
+ '';
+ };
+ };
+
+ ###### implementation
+
+ config = mkIf cfg.enable {
+ environment.systemPackages = [ pkgs.containerd ];
+ # users.extraGroups.docker.gid = config.ids.gids.docker;
+ systemd.packages = [ pkgs.containerd ];
+
+ systemd.services.containerd = {
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ ExecStart = [
+ ""
+ ''
+ ${pkgs.containerd}/bin/containerd \
+ ${cfg.extraOptions}
+ ''];
+ /*
+ ExecReload=[
+ ""
+ "${pkgs.procps}/bin/kill -s HUP $MAINPID"
+ ];
+ */
+ };
+ };
+
+
+ systemd.sockets.containerd = {
+ description = "Containerd Socket for the API";
+ wantedBy = [ "sockets.target" ];
+ socketConfig = {
+ ListenStream = cfg.listenOptions;
+ SocketMode = "0660";
+ SocketUser = "root";
+ SocketGroup = "root";
+ };
+ };
+
+ };
+
+
+}