2024-09-08 19:22:14 -05:00
|
|
|
{
|
|
|
|
config,
|
|
|
|
inputs,
|
|
|
|
lib,
|
|
|
|
pkgs,
|
|
|
|
...
|
|
|
|
}:
|
2024-09-12 20:50:53 -05:00
|
|
|
with lib; let
|
2024-10-06 10:16:52 -05:00
|
|
|
cfg = config.custom.containers;
|
2024-09-12 20:50:53 -05:00
|
|
|
in {
|
2024-10-06 10:16:52 -05:00
|
|
|
options.custom.containers = {
|
|
|
|
enable = mkOption {default = config.custom.full;};
|
2024-09-12 20:50:53 -05:00
|
|
|
boot = mkOption {default = false;};
|
|
|
|
directory = mkOption {default = "/containers";};
|
|
|
|
docker = mkOption {default = true;};
|
2024-09-08 19:22:14 -05:00
|
|
|
};
|
|
|
|
|
|
|
|
config = mkIf cfg.enable {
|
|
|
|
virtualisation = {
|
|
|
|
# https://github.com/hercules-ci/arion
|
|
|
|
# https://docs.hercules-ci.com/arion/options
|
|
|
|
# https://docs.hercules-ci.com/arion/deployment#_nixos_module
|
2024-09-12 20:50:53 -05:00
|
|
|
arion.backend =
|
|
|
|
if cfg.docker
|
|
|
|
then "docker"
|
|
|
|
else "podman-socket";
|
2024-09-08 19:22:14 -05:00
|
|
|
|
|
|
|
# https://wiki.nixos.org/wiki/NixOS_Containers
|
2024-09-12 20:50:53 -05:00
|
|
|
oci-containers.backend =
|
|
|
|
if cfg.docker
|
|
|
|
then "docker"
|
|
|
|
else "podman";
|
2024-09-08 19:22:14 -05:00
|
|
|
|
|
|
|
# https://github.com/containers/common/blob/main/docs/containers.conf.5.md
|
|
|
|
containers = {
|
|
|
|
enable = true;
|
|
|
|
containersConf.settings.engine.compose_warning_logs = !cfg.docker;
|
|
|
|
};
|
|
|
|
|
|
|
|
# https://www.docker.com
|
|
|
|
# https://wiki.nixos.org/wiki/Docker
|
|
|
|
docker = mkIf cfg.docker {
|
|
|
|
enable = true;
|
|
|
|
enableOnBoot = cfg.boot; # Socket activation
|
|
|
|
storageDriver = "overlay2";
|
|
|
|
};
|
|
|
|
|
|
|
|
# https://github.com/containers/podman
|
|
|
|
# https://wiki.nixos.org/wiki/Podman
|
|
|
|
podman = mkIf (!cfg.docker) {
|
|
|
|
enable = true;
|
|
|
|
dockerCompat = true; # Drop-in for docker command
|
|
|
|
dockerSocket.enable = true; # Docker API
|
|
|
|
defaultNetwork.settings.dns_enabled = true; # Compose container shortnames
|
|
|
|
|
|
|
|
autoPrune = {
|
|
|
|
enable = true;
|
|
|
|
flags = [
|
|
|
|
"--all"
|
|
|
|
"--volumes"
|
|
|
|
];
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2024-09-12 20:50:53 -05:00
|
|
|
environment.systemPackages = with pkgs;
|
2024-09-08 19:22:14 -05:00
|
|
|
[
|
|
|
|
# https://github.com/hercules-ci/arion/issues/210
|
|
|
|
#?? arion-CONTAINER
|
|
|
|
arion
|
|
|
|
|
|
|
|
# https://github.com/aksiksi/compose2nix
|
|
|
|
# Convert docker-compose.yml to NixOS oci-containers
|
|
|
|
#?? compose2nix
|
|
|
|
#// inputs.compose2nix.packages.${system}.default
|
|
|
|
]
|
|
|
|
++ optionals (!cfg.docker) [
|
|
|
|
podman-compose
|
|
|
|
podman-tui
|
|
|
|
];
|
|
|
|
|
2024-12-06 19:48:23 -06:00
|
|
|
systemd.tmpfiles.settings."10-containers" = {
|
|
|
|
"/containers" = {
|
|
|
|
d = {
|
|
|
|
mode = "0700";
|
|
|
|
user = "root";
|
|
|
|
group = "root";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2024-09-12 20:50:53 -05:00
|
|
|
users.users.${config.custom.username}.extraGroups = [
|
|
|
|
(
|
|
|
|
if cfg.docker
|
|
|
|
then "docker"
|
|
|
|
else "podman"
|
|
|
|
)
|
|
|
|
];
|
2024-09-08 19:22:14 -05:00
|
|
|
};
|
|
|
|
}
|