diff options
| author | Luke Granger-Brown <git@lukegb.com> | 2021-04-25 11:37:01 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-04-25 11:37:01 +0100 |
| commit | 0cc25061b0a1d148e74516eeeb37c732a5d97bc6 (patch) | |
| tree | 11a3e05be7d11874ef0f5125592b53b03787a8e3 | |
| parent | 4a67076273c8c566f90e3f0caadce941106314d9 (diff) | |
| parent | d23ba22076f64c9daffedde66376b11796046b40 (diff) | |
| download | nixpkgs-0cc25061b0a1d148e74516eeeb37c732a5d97bc6.tar nixpkgs-0cc25061b0a1d148e74516eeeb37c732a5d97bc6.tar.gz nixpkgs-0cc25061b0a1d148e74516eeeb37c732a5d97bc6.tar.bz2 nixpkgs-0cc25061b0a1d148e74516eeeb37c732a5d97bc6.tar.lz nixpkgs-0cc25061b0a1d148e74516eeeb37c732a5d97bc6.tar.xz nixpkgs-0cc25061b0a1d148e74516eeeb37c732a5d97bc6.tar.zst nixpkgs-0cc25061b0a1d148e74516eeeb37c732a5d97bc6.zip | |
Merge pull request #114240 from sorki/containers/nested
nixos/nixos-containers: default boot.enableContainers to true
| -rw-r--r-- | nixos/modules/virtualisation/nixos-containers.nix | 11 | ||||
| -rw-r--r-- | nixos/tests/all-tests.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/containers-nested.nix | 30 |
3 files changed, 34 insertions, 8 deletions
diff --git a/nixos/modules/virtualisation/nixos-containers.nix b/nixos/modules/virtualisation/nixos-containers.nix index f15d5875841..7a1f11ce40d 100644 --- a/nixos/modules/virtualisation/nixos-containers.nix +++ b/nixos/modules/virtualisation/nixos-containers.nix @@ -439,21 +439,16 @@ in default = false; description = '' Whether this NixOS machine is a lightweight container running - in another NixOS system. If set to true, support for nested - containers is disabled by default, but can be reenabled by - setting <option>boot.enableContainers</option> to true. + in another NixOS system. ''; }; boot.enableContainers = mkOption { type = types.bool; - default = !config.boot.isContainer; + default = true; description = '' Whether to enable support for NixOS containers. Defaults to true - (at no cost if containers are not actually used), but only if the - system is not itself a lightweight container of a host. - To enable support for nested containers, this option has to be - explicitly set to true (in the outer container). + (at no cost if containers are not actually used). ''; }; diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index a6a1c5619b0..a39145c7e29 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -75,6 +75,7 @@ in containers-ip = handleTest ./containers-ip.nix {}; containers-macvlans = handleTest ./containers-macvlans.nix {}; containers-names = handleTest ./containers-names.nix {}; + containers-nested = handleTest ./containers-nested.nix {}; containers-physical_interfaces = handleTest ./containers-physical_interfaces.nix {}; containers-portforward = handleTest ./containers-portforward.nix {}; containers-reloadable = handleTest ./containers-reloadable.nix {}; diff --git a/nixos/tests/containers-nested.nix b/nixos/tests/containers-nested.nix new file mode 100644 index 00000000000..a653361494f --- /dev/null +++ b/nixos/tests/containers-nested.nix @@ -0,0 +1,30 @@ +# Test for NixOS' container nesting. + +import ./make-test-python.nix ({ pkgs, ... }: { + name = "nested"; + + meta = with pkgs.lib.maintainers; { maintainers = [ sorki ]; }; + + machine = { lib, ... }: + let + makeNested = subConf: { + containers.nested = { + autoStart = true; + privateNetwork = true; + config = subConf; + }; + }; + in makeNested (makeNested { }); + + testScript = '' + machine.start() + machine.wait_for_unit("container@nested.service") + machine.succeed("systemd-run --pty --machine=nested -- machinectl list | grep nested") + print( + machine.succeed( + "systemd-run --pty --machine=nested -- systemd-run --pty --machine=nested -- systemctl status" + ) + ) + ''; +}) + |