diff options
-rw-r--r-- | nixos/modules/virtualisation/cri-o.nix | 75 | ||||
-rw-r--r-- | pkgs/applications/audio/csound/default.nix | 4 | ||||
-rw-r--r-- | pkgs/applications/virtualization/containerd/default.nix | 4 | ||||
-rw-r--r-- | pkgs/development/tools/analysis/flow/default.nix | 4 | ||||
-rw-r--r-- | pkgs/servers/althttpd/default.nix | 6 |
5 files changed, 54 insertions, 39 deletions
diff --git a/nixos/modules/virtualisation/cri-o.nix b/nixos/modules/virtualisation/cri-o.nix index 8d352e36ef9..c135081959a 100644 --- a/nixos/modules/virtualisation/cri-o.nix +++ b/nixos/modules/virtualisation/cri-o.nix @@ -6,6 +6,9 @@ let crioPackage = (pkgs.cri-o.override { inherit (cfg) extraPackages; }); + format = pkgs.formats.toml { }; + + cfgFile = format.generate "00-default.conf" cfg.settings; in { imports = [ @@ -13,7 +16,7 @@ in ]; meta = { - maintainers = lib.teams.podman.members; + maintainers = teams.podman.members; }; options.virtualisation.cri-o = { @@ -55,7 +58,7 @@ in extraPackages = mkOption { type = with types; listOf package; default = [ ]; - example = lib.literalExample '' + example = literalExample '' [ pkgs.gvisor ] @@ -65,7 +68,7 @@ in ''; }; - package = lib.mkOption { + package = mkOption { type = types.package; default = crioPackage; internal = true; @@ -80,6 +83,15 @@ in description = "Override the network_dir option."; internal = true; }; + + settings = mkOption { + type = format.type; + default = { }; + description = '' + Configuration for cri-o, see + <link xlink:href="https://github.com/cri-o/cri-o/blob/master/docs/crio.conf.5.md"/>. + ''; + }; }; config = mkIf cfg.enable { @@ -87,36 +99,38 @@ in environment.etc."crictl.yaml".source = utils.copyFile "${pkgs.cri-o-unwrapped.src}/crictl.yaml"; - environment.etc."crio/crio.conf.d/00-default.conf".text = '' - [crio] - storage_driver = "${cfg.storageDriver}" - - [crio.image] - ${optionalString (cfg.pauseImage != null) ''pause_image = "${cfg.pauseImage}"''} - ${optionalString (cfg.pauseCommand != null) ''pause_command = "${cfg.pauseCommand}"''} - - [crio.network] - plugin_dirs = ["${pkgs.cni-plugins}/bin/"] - ${optionalString (cfg.networkDir != null) ''network_dir = "${cfg.networkDir}"''} - - [crio.runtime] - cgroup_manager = "systemd" - log_level = "${cfg.logLevel}" - pinns_path = "${cfg.package}/bin/pinns" - hooks_dir = [ - ${lib.optionalString config.virtualisation.containers.ociSeccompBpfHook.enable - ''"${config.boot.kernelPackages.oci-seccomp-bpf-hook}",''} - ] - - ${optionalString (cfg.runtime != null) '' - default_runtime = "${cfg.runtime}" - [crio.runtime.runtimes] - [crio.runtime.runtimes.${cfg.runtime}] - ''} - ''; + virtualisation.cri-o.settings.crio = { + storage_driver = cfg.storageDriver; + + image = { + pause_image = mkIf (cfg.pauseImage != null) cfg.pauseImage; + pause_command = mkIf (cfg.pauseCommand != null) cfg.pauseCommand; + }; + + network = { + plugin_dirs = [ "${pkgs.cni-plugins}/bin" ]; + network_dir = mkIf (cfg.networkDir != null) cfg.networkDir; + }; + + runtime = { + cgroup_manager = "systemd"; + log_level = cfg.logLevel; + manage_ns_lifecycle = true; + pinns_path = "${cfg.package}/bin/pinns"; + hooks_dir = + optional (config.virtualisation.containers.ociSeccompBpfHook.enable) + config.boot.kernelPackages.oci-seccomp-bpf-hook; + + default_runtime = mkIf (cfg.runtime != null) cfg.runtime; + runtimes = mkIf (cfg.runtime != null) { + "${cfg.runtime}" = { }; + }; + }; + }; environment.etc."cni/net.d/10-crio-bridge.conf".source = utils.copyFile "${pkgs.cri-o-unwrapped.src}/contrib/cni/10-crio-bridge.conf"; environment.etc."cni/net.d/99-loopback.conf".source = utils.copyFile "${pkgs.cri-o-unwrapped.src}/contrib/cni/99-loopback.conf"; + environment.etc."crio/crio.conf.d/00-default.conf".source = cfgFile; # Enable common /etc/containers configuration virtualisation.containers.enable = true; @@ -139,6 +153,7 @@ in TimeoutStartSec = "0"; Restart = "on-abnormal"; }; + restartTriggers = [ cfgFile ]; }; }; } diff --git a/pkgs/applications/audio/csound/default.nix b/pkgs/applications/audio/csound/default.nix index dbf895ed02c..029710206f0 100644 --- a/pkgs/applications/audio/csound/default.nix +++ b/pkgs/applications/audio/csound/default.nix @@ -17,7 +17,7 @@ stdenv.mkDerivation rec { # When updating, please check if https://github.com/csound/csound/issues/1078 # has been fixed in the new version so we can use the normal fluidsynth # version and remove fluidsynth 1.x from nixpkgs again. - version = "6.16.0"; + version = "6.16.2"; hardeningDisable = [ "format" ]; @@ -25,7 +25,7 @@ stdenv.mkDerivation rec { owner = "csound"; repo = "csound"; rev = version; - sha256 = "sha256-1+P2W8auc34sNJdKHUcilOBCK+Is9GHnM+J+M4oNR3U="; + sha256 = "sha256-1rcS3kOspU9ACx45yB8betph4G0hso1OSJQRiabX6tE="; }; cmakeFlags = [ "-DBUILD_CSOUND_AC=0" ] # fails to find Score.hpp diff --git a/pkgs/applications/virtualization/containerd/default.nix b/pkgs/applications/virtualization/containerd/default.nix index ca9ae20f346..0c44805bedd 100644 --- a/pkgs/applications/virtualization/containerd/default.nix +++ b/pkgs/applications/virtualization/containerd/default.nix @@ -10,7 +10,7 @@ buildGoModule rec { pname = "containerd"; - version = "1.5.2"; + version = "1.5.4"; outputs = [ "out" "man" ]; @@ -18,7 +18,7 @@ buildGoModule rec { owner = "containerd"; repo = "containerd"; rev = "v${version}"; - sha256 = "sha256-RDLAmPBjDHCx9al+gstUTrvKc/L0vAm8IEd/mvX5Als="; + sha256 = "sha256-VV1cxA8tDRiPDxKV8OGu3T7sgutmyL+VPNqTeFcVjJA="; }; vendorSha256 = null; diff --git a/pkgs/development/tools/analysis/flow/default.nix b/pkgs/development/tools/analysis/flow/default.nix index 8ac0958ffdd..f602f1b1813 100644 --- a/pkgs/development/tools/analysis/flow/default.nix +++ b/pkgs/development/tools/analysis/flow/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "flow"; - version = "0.155.0"; + version = "0.155.1"; src = fetchFromGitHub { owner = "facebook"; repo = "flow"; rev = "refs/tags/v${version}"; - sha256 = "sha256-NMqglKpVrGgkxnrxSKKUeQ9RZ3eamlO6CDlaHjwKA3I="; + sha256 = "sha256-tlnABN/mcUsR8tgqgrQT+t6joo6wJMeGKtcbjyiVbbE="; }; installPhase = '' diff --git a/pkgs/servers/althttpd/default.nix b/pkgs/servers/althttpd/default.nix index dfb073aa11f..4f1a128dd38 100644 --- a/pkgs/servers/althttpd/default.nix +++ b/pkgs/servers/althttpd/default.nix @@ -2,12 +2,12 @@ stdenv.mkDerivation rec { pname = "althttpd"; - version = "unstable-2021-05-07"; + version = "unstable-2021-06-09"; src = fetchfossil { url = "https://sqlite.org/althttpd/"; - rev = "2c5e3f9f7051a578"; - sha256 = "sha256-+RuogtQAc+zjCWTOiOunu1pXf3LxfdWYQX+24ysJ7uY="; + rev = "0d3b5e232c57e188"; + sha256 = "sha256-vZwpjYYMdP/FgPTAQ9Kdh2RRMovpONqu2v73cCoYyxE="; }; installPhase = '' |