author | Jaka Hudoklin <jakahudoklin@gmail.com> | 2014-08-25 02:48:02 +0200 |
---|---|---|
committer | Jaka Hudoklin <jakahudoklin@gmail.com> | 2014-08-25 12:00:14 +0200 |
commit | 296888b1bcb0b3eb641167973c87686a9103b0dd (patch) | |
tree | bd9e07e76cbd2de723969c9b5c5440e5a402a5be | |
parent | d77150df30c46b5cdf70aae79893bfb2fbc621a8 (diff) | |
nixos: virtualisation, add basic docker nixos image
-rw-r--r-- | nixos/modules/virtualisation/docker-image.nix | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/nixos/modules/virtualisation/docker-image.nix b/nixos/modules/virtualisation/docker-image.nix
new file mode 100644
index 00000000000..13b861dc988
--- /dev/null
+++ b/nixos/modules/virtualisation/docker-image.nix
@@ -0,0 +1,67 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ pkgs2storeContents = l : map (x: { object = x; symlink = "none"; }) l;
+
+in {
+ # Create the tarball
+ system.build.dockerImage = import ../../lib/make-system-tarball.nix {
+ inherit (pkgs) stdenv perl xz pathsFromGraph;
+
+ contents = [];
+ extraArgs = "--owner=0";
+ storeContents = [
+ { object = config.system.build.toplevel + "/init";
+ symlink = "/bin/init";
+ }
+ ] ++ (pkgs2storeContents [ pkgs.stdenv ]);
+ };
+
+ boot.postBootCommands =
+ ''
+ # After booting, register the contents of the Nix store in the Nix
+ # database.
+ if [ -f /nix-path-registration ]; then
+ ${config.nix.package}/bin/nix-store --load-db < /nix-path-registration &&
+ rm /nix-path-registration
+ fi
+
+ # nixos-rebuild also requires a "system" profile and an
+ # /etc/NIXOS tag.
+ touch /etc/NIXOS
+ ${config.nix.package}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system
+
+ # Set virtualisation to docker
+ echo "docker" > /run/systemd/container
+ '';
+
+
+ # docker image config
+ require = [
+ ../installer/cd-dvd/channel.nix
+ ../profiles/minimal.nix
+ ../profiles/clone-config.nix
+ ];
+
+ boot.isContainer = true;
+
+ # Iptables do not work in docker
+ networking.firewall.enable = false;
+
+ services.openssh.enable = true;
+
+ # Socket activated ssh presents problem in docker
+ services.openssh.startWhenNeeded = false;
+
+ # Allow the user to login as root without password
+ security.initialRootPassword = "";
+
+ # Some more help text.
+ services.mingetty.helpLine =
+ ''
+
+ Log in as "root" with an empty password.
+ '';
+} |
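Review bot: The image turns on `services.openssh.enable = true` while also setting `security.initialRootPassword = ""` and `networking.firewall.enable = false`. A container started from it with the SSH port published therefore has a root account protected only by sshd's root-login and empty-password settings, which this module does not pin. I would set the policy explicitly next to the openssh lines, e.g. `services.openssh.permitRootLogin = "without-password";`, so the result does not depend on defaults defined elsewhere. The convenience settings would also be better as overridable defaults (`security.initialRootPassword = mkDefault "";`, with `mkDefault` already in scope via `with lib;`), so derived images can replace them without `mkForce`. The comment above the password line should say that the empty password is intended for console access to a throwaway image and must be replaced, or key-based login configured, before the container is reachable over the network.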