fix: fix virtualisation module
parent
cc7d570681
commit
207fad0d9d
@ -24,6 +24,8 @@ in
|
|||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf (cfg.docker || cfg.libvirt || cfg.podman) {
|
config = mkIf (cfg.docker || cfg.libvirt || cfg.podman) {
|
||||||
|
boot.enableContainers = true;
|
||||||
|
|
||||||
virtualisation = {
|
virtualisation = {
|
||||||
oci-containers.backend = if (!cfg.podman && cfg.docker) then "docker" else "podman";
|
oci-containers.backend = if (!cfg.podman && cfg.docker) then "docker" else "podman";
|
||||||
docker = {
|
docker = {
|
||||||
@ -38,6 +40,7 @@ in
|
|||||||
podman = {
|
podman = {
|
||||||
enable = cfg.podman;
|
enable = cfg.podman;
|
||||||
defaultNetwork.settings.dns_enabled = true;
|
defaultNetwork.settings.dns_enabled = true;
|
||||||
|
dockerCompat = !config.virtualisation.docker.enable;
|
||||||
dockerSocket.enable = !config.virtualisation.docker.enable;
|
dockerSocket.enable = !config.virtualisation.docker.enable;
|
||||||
};
|
};
|
||||||
containers.containersConf.settings = {
|
containers.containersConf.settings = {
|
||||||
@ -98,8 +101,6 @@ in
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
boot.enableContainers = true;
|
|
||||||
|
|
||||||
environment.systemPackages =
|
environment.systemPackages =
|
||||||
[ ]
|
[ ]
|
||||||
++ optionals cfg.docker [ pkgs.docker-compose ]
|
++ optionals cfg.docker [ pkgs.docker-compose ]
|
||||||
@ -116,19 +117,18 @@ in
|
|||||||
|
|
||||||
networking.firewall = {
|
networking.firewall = {
|
||||||
trustedInterfaces = mkIf cfg.libvirt [ "virbr0" ];
|
trustedInterfaces = mkIf cfg.libvirt [ "virbr0" ];
|
||||||
interfaces =
|
interfaces = {
|
||||||
{
|
"podman*".allowedUDPPorts = mkIf cfg.podman [
|
||||||
"podman*".allowedUDPPorts = mkIf cfg.podman [
|
53
|
||||||
53
|
5353
|
||||||
5353
|
];
|
||||||
];
|
}
|
||||||
}
|
// mapAttrs (_: _: {
|
||||||
// mapAttrs (_: _: {
|
allowedUDPPorts = [
|
||||||
allowedUDPPorts = [
|
53
|
||||||
53
|
5353
|
||||||
5353
|
];
|
||||||
];
|
}) config.virtualisation.quadlet.networks;
|
||||||
}) config.virtualisation.quadlet.networks;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
security.unprivilegedUsernsClone = true;
|
security.unprivilegedUsernsClone = true;
|
||||||
@ -138,18 +138,26 @@ in
|
|||||||
"/var/lib/libvirt"
|
"/var/lib/libvirt"
|
||||||
"/var/lib/containers"
|
"/var/lib/containers"
|
||||||
];
|
];
|
||||||
|
persist.state.files = [
|
||||||
|
"/etc/subuid"
|
||||||
|
"/etc/subgid"
|
||||||
|
];
|
||||||
|
|
||||||
home-manager = mkIf useHomeManager {
|
home-manager = mkIf useHomeManager {
|
||||||
users.${defaultUser} = {
|
users.${defaultUser} = {
|
||||||
home.file.".config/containers/storage.conf".text = ''
|
home.file.".config/containers/storage.conf".text = mkIf cfg.podman ''
|
||||||
[storage]
|
[storage]
|
||||||
driver = "overlay"
|
driver = "overlay"
|
||||||
'';
|
'';
|
||||||
home.file.".config/libvirt/libvirt.conf".text = ''
|
home.file.".config/libvirt/libvirt.conf".text = mkIf cfg.libvirt ''
|
||||||
uri_default = "qemu:///system"
|
uri_default = "qemu:///system"
|
||||||
'';
|
'';
|
||||||
persist.state.directories = [
|
persist.state.directories = mkIf cfg.podman [
|
||||||
".config/containers"
|
".config/containers"
|
||||||
|
{
|
||||||
|
directory = ".local/share/containers";
|
||||||
|
method = "symlink";
|
||||||
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
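Review bot: In the last hunk, `mkIf cfg.podman` and `mkIf cfg.libvirt` are applied to the `.text` leaf of the two `home.file` entries, so each entry is still defined when its backend is switched off. With the condition false, `text` falls back to its default, and Home Manager will most likely fail evaluation because the entry then has no `source`; this would only show up on hosts that enable one backend without the other. Guarding the whole entry avoids that: `home.file.".config/libvirt/libvirt.conf" = mkIf cfg.libvirt { text = ''…''; };`, and likewise for `.config/containers/storage.conf`. The `let` bindings and option declarations are outside the visible hunks, so `cfg` and `useHomeManager` are taken at face value here.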