Commit c8edc7cda02c
Changed files (7)
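--- a/machine/shikoku.nix
+++ b/machine/shikoku.nix
@@ -7,6 +7,7 @@
 ../profiles/ssh.nix
 ../profiles/audio.nix
 ../profiles/dev.nix
+ ../profiles/buildkitd.nix
 ../profiles/containerd.nix
 ../profiles/virtualization.nix
 ../profiles/dockerization.nix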
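--- a/overlays/sbr.overlay.nix
+++ b/overlays/sbr.overlay.nix
@@ -11,6 +11,9 @@ self: super: {
 containerd-edge = import ../pkgs/containerd {
 inherit (self) stdenv lib fetchFromGitHub removeReferencesTo go btrfs-progs;
 };
+ buildkit = import ../pkgs/buildkit {
+ inherit (self) stdenv lib fetchFromGitHub buildGoPackage;
+ };
 cni = import ../pkgs/cni {
 inherit (self) stdenv fetchFromGitHub go;
 };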
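--- a/pkgs/buildkit/default.nix
+++ b/pkgs/buildkit/default.nix
@@ -0,0 +1,16 @@
+{ stdenv, lib, fetchFromGitHub, buildGoPackage }:
+
+buildGoPackage rec {
+ name = "buildkit-unstable-${version}";
+ version = "2018-09-20";
+ rev = "39404586a50d1b9d0fb1c578cf0f4de7bdb7afe5";
+
+goPackagePath = "github.com/moby/buildkit";
+
+ src = fetchFromGitHub {
+ inherit rev;
+ owner = "moby";
+ repo = "buildkit";
+ sha256 = "05dcrsx3ysw35ar1qgzkij87y450fnf1j11rcrxpsndhd4sc06h8";
+ };
+}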
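Review bot: The derivation sets neither `subPackages` nor `meta`, so as far as the visible attributes show, buildGoPackage builds every main package under `goPackagePath`, and all resulting binaries end up in `environment.systemPackages` and on the service `path`. Restricting the build to what the service uses, e.g. `subPackages = [ "cmd/buildkitd" "cmd/buildctl" ];` (assuming the usual upstream layout; confirm against the pinned `rev`), keeps the installed surface small. A `meta` block with `description`, `homepage` and `license` is also missing. Pinning `rev` together with `sha256` is good; a comment such as `# version is the commit date of rev; bump rev, version and sha256 together` would make the next update less error-prone.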
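--- a/pkgs/default.nix
+++ b/pkgs/default.nix
@@ -22,6 +22,9 @@ rec {
 cni-plugins = import ./cni/plugins.nix {
 inherit (pkgs) stdenv lib fetchFromGitHub go;
 };
+ buildkit = import ./buildkit {
+ inherit (pkgs) stdenv lib fetchFromGitHub buildGoPackage;
+ };
 stellar = import ./stellar {
 inherit (pkgs) stdenv lib fetchFromGitHub removeReferencesTo go;
 };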
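--- a/profiles/buildkitd.nix
+++ b/profiles/buildkitd.nix
@@ -0,0 +1,15 @@
+{ config, pkgs, ... }:
+
+{
+ imports = [ ./containerd.nix ../service/buildkit.nix ];
+ environment.systemPackages = with pkgs; [
+ buildkit
+ ];
+ virtualisation = {
+ buildkitd= {
+ enable = true;
+ package = pkgs.buildkit;
+ extraOptions = "--oci-worker=false --containerd-worker=true";
+ };
+ };
+}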
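Review bot: The `environment.systemPackages` block here is redundant, because service/buildkit.nix already adds `cfg.package` to `environment.systemPackages` whenever the service is enabled; the two can drift apart if `package` is later pointed at a different derivation. I would drop the block and let the module own it. The `extraOptions` line records a deliberate worker choice and deserves a comment, e.g. `# use the containerd worker from ./containerd.nix instead of the built-in OCI worker`. Note that no listen address is passed here, which matters for the socket unit defined in service/buildkit.nix.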
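--- a/profiles/users.nix
+++ b/profiles/users.nix
@@ -7,7 +7,7 @@
 isNormalUser = true;
 uid = 1000;
 createHome = true;
- extraGroups = [ "networkmanager" "wheel" "docker" "vboxusers" "libvirtd" "input" "audio" "video" "scanner" ];
+ extraGroups = [ "networkmanager" "wheel" "docker" "buildkit" "vboxusers" "libvirtd" "input" "audio" "video" "scanner" ];
 shell = if config.programs.fish.enable then pkgs.fish else pkgs.bash;
 initialPassword = "changeMe";
 openssh.authorizedKeys.keys =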
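Review bot: Membership in `buildkit`, added on the `extraGroups` line, gives this account read/write access to the daemon socket that service/buildkit.nix creates as `0660` `root:buildkit`. The service definition visible there sets no `User=`, so the group is presumably root-equivalent in the same way `docker` is. That should be stated next to the list, e.g. `# "buildkit" grants access to the root buildkitd socket; treat it like "docker"`. The group is declared only under `mkIf cfg.enable` in service/buildkit.nix, so on a machine that imports this profile without profiles/buildkitd.nix the name would refer to a group that is not defined. The user attribute set starts and ends outside the hunk.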
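--- a/service/buildkit.nix
+++ b/service/buildkit.nix
@@ -0,0 +1,103 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+
+ cfg = config.virtualisation.buildkitd;
+
+in
+{
+ ###### interface
+
+ options.virtualisation.buildkitd = {
+ enable =
+ mkOption {
+ type = types.bool;
+ default = false;
+ description =
+ ''
+ This option enables buildkitd
+ '';
+ };
+
+ listenOptions =
+ mkOption {
+ type = types.listOf types.str;
+ default = ["/run/buildkitd/buildkitd.sock"];
+ description =
+ ''
+ A list of unix and tcp buildkitd should listen to. The format follows
+ ListenStream as described in systemd.socket(5).
+ '';
+ };
+
+
+
+ package = mkOption {
+ default = pkgs.buildkitd;
+ type = types.package;
+ example = pkgs.buildkitd;
+ description = ''
+ Buildkitd package to be used in the module
+ '';
+ };
+
+ packages = mkOption {
+ type = types.listOf types.package;
+ default = [ pkgs.runc pkgs.git ];
+ description = "List of packages to be added to buildkitd service path";
+ };
+
+ extraOptions =
+ mkOption {
+ type = types.separatedString " ";
+ default = "";
+ description =
+ ''
+ The extra command-line options to pass to
+ <command>buildkitd</command> daemon.
+ '';
+ };
+ };
+
+ ###### implementation
+
+ config = mkIf cfg.enable {
+ users.groups = [
+ { name = "buildkit";
+ gid = 350;
+ }
+ ];
+ environment.systemPackages = [ cfg.package];
+ systemd.packages = [ cfg.package ];
+
+ systemd.services.buildkitd = {
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ ExecStart = [
+ ""
+ ''
+ ${cfg.package}/bin/buildkitd \
+ ${cfg.extraOptions}
+ ''];
+ };
+ path = [cfg.package] ++ cfg.packages;
+ };
+
+
+ systemd.sockets.buildkitd = {
+ description = "Buildkitd Socket for the API";
+ wantedBy = [ "sockets.target" ];
+ socketConfig = {
+ ListenStream = cfg.listenOptions;
+ SocketMode = "0660";
+ SocketUser = "root";
+ SocketGroup = "buildkit";
+ };
+ };
+
+ };
+
+
+}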
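Review bot: `listenOptions` is documented as accepting tcp addresses, but the only access control in `systemd.sockets.buildkitd` is `SocketMode`/`SocketUser`/`SocketGroup`, which apply to filesystem sockets only, so a TCP entry would expose the build API with no restriction visible in this module. I would limit the description to unix sockets or state the exposure, e.g. `Unix socket paths buildkitd should listen on; a TCP address is not covered by SocketMode/SocketGroup and needs its own protection.` The `ExecStart` assembled here also passes no listen address, so whether the daemon serves on the activated socket, rather than one it creates itself with its own permissions, depends on `extraOptions` and should be confirmed. Separately, `package` defaults to `pkgs.buildkitd` while the overlay in this commit names the attribute `buildkit`; unless `buildkitd` is defined elsewhere, the default and example should read `pkgs.buildkit`.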