1 files changed, 16 insertions, 31 deletions

diff --git a/nixos/modules/virtualisation/docker.nix b/nixos/modules/virtualisation/docker.nix
index 718ca085147..97b2927cf1b 100644
--- a/nixos/modules/virtualisation/docker.nix
+++ b/nixos/modules/virtualisation/docker.nix
@@ -69,7 +69,8 @@ in
         description = ''
           The postStart phase of the systemd service. You may need to
           override this if you are passing in flags to docker which
-          don't cause the socket file to be created.
+          don't cause the socket file to be created. This option is ignored
+          if socket activation is used.
         '';
       };
 
@@ -81,22 +82,29 @@ in
   config = mkIf cfg.enable (mkMerge [
     { environment.systemPackages = [ pkgs.docker ];
       users.extraGroups.docker.gid = config.ids.gids.docker;
-    }
-    (mkIf cfg.socketActivation {
-
       systemd.services.docker = {
         description = "Docker Application Container Engine";
-        after = [ "network.target" "docker.socket" ];
-        requires = [ "docker.socket" ];
+        wantedBy = optional (!cfg.socketActivation) "multi-user.target";
+        after = [ "network.target" ] ++ (optional cfg.socketActivation "docker.socket") ;
+        requires = optional cfg.socketActivation "docker.socket";
         serviceConfig = {
-          ExecStart = "${pkgs.docker}/bin/docker daemon --host=fd:// --group=docker --storage-driver=${cfg.storageDriver} ${cfg.extraOptions}";
+          ExecStart = "${pkgs.docker}/bin/docker daemon --group=docker --storage-driver=${cfg.storageDriver} ${optionalString cfg.socketActivation "--host=fd://"} ${cfg.extraOptions}";
           #  I'm not sure if that limits aren't too high, but it's what
           #  goes in config bundled with docker itself
           LimitNOFILE = 1048576;
           LimitNPROC = 1048576;
         } // proxy_env;
-      };
 
+        path = [ pkgs.kmod ] ++ (optional (cfg.storageDriver == "zfs") pkgs.zfs);
+        environment.MODULE_DIR = "/run/current-system/kernel-modules/lib/modules";
+
+        postStart = if cfg.socketActivation then "" else cfg.postStart;
+
+        # Presumably some containers are running we don't want to interrupt
+        restartIfChanged = false;
+      };
+    }
+    (mkIf cfg.socketActivation {
       systemd.sockets.docker = {
         description = "Docker Socket for the API";
         wantedBy = [ "sockets.target" ];
@@ -108,29 +116,6 @@ in
         };
       };
     })
-    (mkIf (!cfg.socketActivation) {
-
-      systemd.services.docker = {
-        description = "Docker Application Container Engine";
-        wantedBy = [ "multi-user.target" ];
-        after = [ "network.target" ];
-        serviceConfig = {
-          ExecStart = "${pkgs.docker}/bin/docker daemon --group=docker --storage-driver=${cfg.storageDriver} ${cfg.extraOptions}";
-          #  I'm not sure if that limits aren't too high, but it's what
-          #  goes in config bundled with docker itself
-          LimitNOFILE = 1048576;
-          LimitNPROC = 1048576;
-        } // proxy_env;
-
-        path = [ pkgs.kmod ] ++ (optional (cfg.storageDriver == "zfs") pkgs.zfs);
-        environment.MODULE_DIR = "/run/current-system/kernel-modules/lib/modules";
-
-        postStart = cfg.postStart;
-
-        # Presumably some containers are running we don't want to interrupt
-        restartIfChanged = false;
-      };
-    })
   ]);
 
 }