author | Alyssa Ross <hi@alyssa.is> | 2019-04-27 17:03:12 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2019-04-27 17:03:12 +0000 |
commit | 45565fd152f4491ad90eb1b52286adec3f79b0c0 (patch) | |
tree | 70a8f57d22e8362272f5f7d381a0d456e1386265 | |
parent | 027548af22217897d93d9e0412120944f6cf728e (diff) | |
modules/podman: init
-rw-r--r-- | modules/users/default.nix | 2 | ||||
-rw-r--r-- | modules/workstation/podman/default.nix | 43 | ||||
-rw-r--r-- | sys/x220.nix | 1 |
3 files changed, 46 insertions, 0 deletions
diff --git a/modules/users/default.nix b/modules/users/default.nix
index dbeeb2432d44..261b269a392d 100644
--- a/modules/users/default.nix
+++ b/modules/users/default.nix
@@ -15,6 +15,8 @@ in {
 description = "Alyssa Ross";
 home = mkDefault "/home";
 uid = mkDefault 1000;
+ subUidRanges = [ { count = 65536; startUid = 100000; } ];
+ subGidRanges = [ { count = 65536; startGid = 100000; } ];
 group = "qyliss";
 extraGroups = [ "wheel" "networkmanager" ];
 shell = pkgs.zsh;
diff --git a/modules/workstation/podman/default.nix b/modules/workstation/podman/default.nix
new file mode 100644
index 000000000000..491c3786cfd0
--- /dev/null
+++ b/modules/workstation/podman/default.nix
@@ -0,0 +1,43 @@
+{ pkgs, ... }:
+
+{
+ environment.etc."containers/libpod.conf".text = ''
+ runtime_path = ["${pkgs.runc}/bin/runc"]
+ conmon_path = ["${pkgs.conmon}/bin/conmon"]
+ '';
+
+ environment.etc."containers/policy.json".text = builtins.toJSON {
+ # Not insecure when I'm manually pulling images on a workstation.
+ default = [ { type = "insecureAcceptAnything"; } ];
+ };
+
+ environment.etc."containers/registries.conf".text = ''
+ [registries.search]
+ registries = ['docker.io']
+ '';
+
+ environment.systemPackages = with pkgs;
+ let
+ podman-bin = writeShellScriptBin "podman" ''
+ HOME="$XDG_CONFIG_HOME/podman"
+ exec ${podman}/bin/podman "$@"
+ '';
+ in
+ [ podman-bin podman.man runc conmon slirp4netns ];
+
+ xdg.config.users.qyliss.paths."podman/.config/containers/libpod.conf" =
+ pkgs.writeText "libpod.conf" ''
+ runtime_path = ["${pkgs.runc}/bin/runc"]
+ conmon_path = ["${pkgs.conmon}/bin/conmon"]
+ '';
+
+ xdg.config.users.qyliss.paths."podman/.config/containers/storage.conf" =
+ pkgs.writeText "storage.conf" ''
+ [storage]
+ driver = "vfs"
+ runroot = "/tmp/1000"
+ graphroot = "/home/state/podman/containers/storage"
+ '';
+
+ home.qyliss.dirs."state/podman" = {};
+}
diff --git a/sys/x220.nix b/sys/x220.nix
index 3f1cac7070de..ca725ef11834 100644
--- a/sys/x220.nix
+++ b/sys/x220.nix
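Review bot: The two added `subUidRanges` / `subGidRanges` lines in modules/users/default.nix carry no comment saying why the account needs a subordinate ID range, and they apply on every system that imports the users module, not only those that import the podman module. A one-line comment such as `# Subordinate IDs 100000-165535, used for rootless podman user namespaces.` would record the purpose. It would also make it easier to check that the range does not overlap any other account's UIDs or ranges on the host. The enclosing attribute set starts and ends outside this hunk.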
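Review bot: The `default = [ { type = "insecureAcceptAnything"; } ];` entry is written to /etc/containers/policy.json, so it turns off signature checking for every transport and registry on the host, not only for the manual docker.io pulls the comment has in mind. Since registries.conf lists only docker.io, acceptance can be scoped to it with `default = [ { type = "reject"; } ];` plus `transports.docker."docker.io" = [ { type = "insecureAcceptAnything"; } ];`, though any other transport in use would then need its own entry. Either way the comment would be more accurate as `# No signature verification: image authenticity rests on TLS to the registry and on what I choose to pull.` Separately, `runroot = "/tmp/1000"` in storage.conf is a predictable name in a world-writable directory, and it hardcodes a uid that modules/users sets only with `mkDefault`. A path under the per-user runtime directory (`/run/user/<uid>/…`) would stop another local account from creating it first.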
@@ -3,6 +3,7 @@ { imports = [ ../modules/workstation + ../modules/workstation/podman ../modules/nixos-hardware/lenovo/thinkpad/x220 ]; |