nixos/options/custom/containers/default.nix
Myned 16c295d7c1
nix: use tmpfiles.settings instead of rules
Signed-off-by: Myned <dev@bjork.tech>
2024-12-06 19:48:23 -06:00

100 lines
2.4 KiB
Nix

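# NixOS module: container engine (Docker or Podman), arion tooling and a
# root-only directory for container state.
#
# Options (all under custom.containers):
#   enable    - turn the module on; defaults to config.custom.full
#   boot      - passed to docker.enableOnBoot; false leaves start-up to socket activation
#   directory - path created by systemd-tmpfiles below with mode 0700 root:root
#   docker    - true selects Docker, false selects Podman
{
  config,
  inputs,
  lib,
  pkgs,
  ...
}:
with lib; let
  cfg = config.custom.containers;
in {
  options.custom.containers = {
    enable = mkOption {default = config.custom.full;};
    boot = mkOption {default = false;};
    directory = mkOption {default = "/containers";};
    docker = mkOption {default = true;};
  };

  config = mkIf cfg.enable {
    virtualisation = {
      # https://github.com/hercules-ci/arion
      # https://docs.hercules-ci.com/arion/options
      # https://docs.hercules-ci.com/arion/deployment#_nixos_module
      arion.backend =
        if cfg.docker
        then "docker"
        else "podman-socket";

      # https://wiki.nixos.org/wiki/NixOS_Containers
      oci-containers.backend =
        if cfg.docker
        then "docker"
        else "podman";

      # https://github.com/containers/common/blob/main/docs/containers.conf.5.md
      containers = {
        enable = true;
        # Evaluates to true only when Podman is the selected engine
        containersConf.settings.engine.compose_warning_logs = !cfg.docker;
      };

      # https://www.docker.com
      # https://wiki.nixos.org/wiki/Docker
      docker = mkIf cfg.docker {
        enable = true;
        enableOnBoot = cfg.boot; # Socket activation
        storageDriver = "overlay2";
      };

      # https://github.com/containers/podman
      # https://wiki.nixos.org/wiki/Podman
      podman = mkIf (!cfg.docker) {
        enable = true;
        dockerCompat = true; # Drop-in for docker command
        # Docker API
        # NOTE(security): the socket is reachable by members of the podman
        # group, who can gain root through it, same as the docker group.
        dockerSocket.enable = true;
        defaultNetwork.settings.dns_enabled = true; # Compose container shortnames

        autoPrune = {
          enable = true;
          # NOTE(review): "--volumes" makes the scheduled prune delete volumes
          # that no container references at that moment; keep persistent data
          # on bind mounts or drop the flag if stopped stacks must keep their
          # volumes.
          flags = [
            "--all"
            "--volumes"
          ];
        };
      };
    };

    environment.systemPackages = with pkgs;
      [
        # https://github.com/hercules-ci/arion/issues/210
        #?? arion-CONTAINER
        arion

        # https://github.com/aksiksi/compose2nix
        # Convert docker-compose.yml to NixOS oci-containers
        #?? compose2nix
        #// inputs.compose2nix.packages.${system}.default
      ]
      ++ optionals (!cfg.docker) [
        podman-compose
        podman-tui
      ];

    # Keyed on cfg.directory rather than a literal path, so overriding the
    # option also moves the directory that gets created. Mode 0700 root:root
    # keeps container state unreadable to unprivileged users.
    systemd.tmpfiles.settings."10-containers" = {
      ${cfg.directory} = {
        d = {
          mode = "0700";
          user = "root";
          group = "root";
        };
      };
    };

    # NOTE(security): membership in the engine group grants access to a
    # root-owned API socket and is effectively passwordless root on the host
    # (a container can bind-mount / read-write). Treat this account as
    # privileged, or remove the group and go through sudo instead.
    users.users.${config.custom.username}.extraGroups = [
      (
        if cfg.docker
        then "docker"
        else "podman"
      )
    ];
  };
}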