Commit c7aca2c92de4

Vincent Demeester <vincent@sbr.pm>
2020-06-01 16:02:10
systems/hokkaido: enable containers ๐Ÿ˜›
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
main
1 parent 2970300
Changed files (3)
systems
hokkaido.nix
users
vincent
containers
default.nix
default.nix
systems/hokkaido.nix
@@ -46,5 +46,18 @@ in
 
   services.fprintd.enable = true;
 
-  virtualisation.containers.enable = true;
+  virtualisation.containers = {
+    enable = true;
+    registries = {
+      search = [ "registry.fedoraproject.org", "registry.access.redhat.com", "registry.centos.org", "docker.io", "quay.io" ];
+    };
+    policy = {
+      default = [{ type = "insecureAcceptAnything"; }];
+      transports = {
+        docker-daemon = {
+          "" = [{ type = "insecureAcceptAnything"; }];
+        };
+      };
+    };
+  };
 }
users/vincent/containers/default.nix
@@ -6,4 +6,9 @@
     ./kubernetes.nix
     ./openshift.nix
   ];
+
+  home.packages = with pkg; [
+    podman
+    skopeo
+  ];
 }
users/vincent/default.nix
@@ -22,6 +22,7 @@ with lib;
     subGidRanges = [{ startGid = 100000; count = 65536; }];
   };
 
+  virtualisation.containers.users = [ "vincent" ];
   security.pam.services.vincent.fprintAuth = config.services.fprintd.enable;
 
   home-manager.users.vincent = lib.mkMerge (