about summary refs log tree commit diff
path: root/nixos/modules/virtualisation
diff options
context:
space:
mode:
authorVladimír Čunát <vcunat@gmail.com>2015-12-31 09:47:26 +0100
committerVladimír Čunát <vcunat@gmail.com>2015-12-31 09:53:02 +0100
commitf9f6f41bff2213e199bded515e9b66d1e5c4d7dd (patch)
tree29c5a75228e31f305f42c5b761709a186e406776 /nixos/modules/virtualisation
parentbbcf127c7c9029cba43493d7d25a9d1c65d59152 (diff)
parent468f698f609e123bb0ffae67181d07ac99eb2204 (diff)
downloadnixlib-f9f6f41bff2213e199bded515e9b66d1e5c4d7dd.tar
nixlib-f9f6f41bff2213e199bded515e9b66d1e5c4d7dd.tar.gz
nixlib-f9f6f41bff2213e199bded515e9b66d1e5c4d7dd.tar.bz2
nixlib-f9f6f41bff2213e199bded515e9b66d1e5c4d7dd.tar.lz
nixlib-f9f6f41bff2213e199bded515e9b66d1e5c4d7dd.tar.xz
nixlib-f9f6f41bff2213e199bded515e9b66d1e5c4d7dd.tar.zst
nixlib-f9f6f41bff2213e199bded515e9b66d1e5c4d7dd.zip
Merge branch 'master' into closure-size
TODO: there was more significant refactoring of qtbase and plasma 5.5
on master, and I'm deferring pointing to correct outputs to later.
Diffstat (limited to 'nixos/modules/virtualisation')
-rw-r--r--nixos/modules/virtualisation/amazon-image.nix2
-rw-r--r--nixos/modules/virtualisation/amazon-init.nix1
-rw-r--r--nixos/modules/virtualisation/azure-agent.nix6
-rw-r--r--nixos/modules/virtualisation/docker.nix47
-rw-r--r--nixos/modules/virtualisation/qemu-vm.nix18
5 files changed, 33 insertions, 41 deletions
diff --git a/nixos/modules/virtualisation/amazon-image.nix b/nixos/modules/virtualisation/amazon-image.nix
index bf2364a0459d..7ccc9df740e5 100644
--- a/nixos/modules/virtualisation/amazon-image.nix
+++ b/nixos/modules/virtualisation/amazon-image.nix
@@ -11,7 +11,7 @@ with lib;
 let cfg = config.ec2; in
 
 {
-  imports = [ ../profiles/headless.nix ./ec2-data.nix ./amazon-grow-partition.nix ];
+  imports = [ ../profiles/headless.nix ./ec2-data.nix ./amazon-grow-partition.nix ./amazon-init.nix ];
 
   config = {
 
diff --git a/nixos/modules/virtualisation/amazon-init.nix b/nixos/modules/virtualisation/amazon-init.nix
index 21cbbfda0b68..96cd57e6db5d 100644
--- a/nixos/modules/virtualisation/amazon-init.nix
+++ b/nixos/modules/virtualisation/amazon-init.nix
@@ -44,7 +44,6 @@ let
     nixos-rebuild switch
   '';
 in {
-  imports = [ "${modulesPath}/virtualisation/amazon-image.nix" ];
   boot.postBootCommands = ''
     ${bootScript} &
   '';
diff --git a/nixos/modules/virtualisation/azure-agent.nix b/nixos/modules/virtualisation/azure-agent.nix
index e657cc519396..ef4e3e1e48d4 100644
--- a/nixos/modules/virtualisation/azure-agent.nix
+++ b/nixos/modules/virtualisation/azure-agent.nix
@@ -156,6 +156,12 @@ in
       after = [ "ip-up.target" ];
       wants = [ "ip-up.target" ];
 
+      environment = {
+        GIT_SSL_CAINFO = "/etc/ssl/certs/ca-certificates.crt";
+        OPENSSL_X509_CERT_FILE = "/etc/ssl/certs/ca-certificates.crt";
+        SSL_CERT_FILE = "/etc/ssl/certs/ca-certificates.crt";
+      };
+
       path = [ pkgs.e2fsprogs ];
       description = "Windows Azure Agent Service";
       unitConfig.ConditionPathExists = "/etc/waagent.conf";
diff --git a/nixos/modules/virtualisation/docker.nix b/nixos/modules/virtualisation/docker.nix
index 718ca0851477..97b2927cf1bd 100644
--- a/nixos/modules/virtualisation/docker.nix
+++ b/nixos/modules/virtualisation/docker.nix
@@ -69,7 +69,8 @@ in
         description = ''
           The postStart phase of the systemd service. You may need to
           override this if you are passing in flags to docker which
-          don't cause the socket file to be created.
+          don't cause the socket file to be created. This option is ignored
+          if socket activation is used.
         '';
       };
 
@@ -81,22 +82,29 @@ in
   config = mkIf cfg.enable (mkMerge [
     { environment.systemPackages = [ pkgs.docker ];
       users.extraGroups.docker.gid = config.ids.gids.docker;
-    }
-    (mkIf cfg.socketActivation {
-
       systemd.services.docker = {
         description = "Docker Application Container Engine";
-        after = [ "network.target" "docker.socket" ];
-        requires = [ "docker.socket" ];
+        wantedBy = optional (!cfg.socketActivation) "multi-user.target";
+        after = [ "network.target" ] ++ (optional cfg.socketActivation "docker.socket") ;
+        requires = optional cfg.socketActivation "docker.socket";
         serviceConfig = {
-          ExecStart = "${pkgs.docker}/bin/docker daemon --host=fd:// --group=docker --storage-driver=${cfg.storageDriver} ${cfg.extraOptions}";
+          ExecStart = "${pkgs.docker}/bin/docker daemon --group=docker --storage-driver=${cfg.storageDriver} ${optionalString cfg.socketActivation "--host=fd://"} ${cfg.extraOptions}";
           #  I'm not sure if that limits aren't too high, but it's what
           #  goes in config bundled with docker itself
           LimitNOFILE = 1048576;
           LimitNPROC = 1048576;
         } // proxy_env;
-      };
 
+        path = [ pkgs.kmod ] ++ (optional (cfg.storageDriver == "zfs") pkgs.zfs);
+        environment.MODULE_DIR = "/run/current-system/kernel-modules/lib/modules";
+
+        postStart = if cfg.socketActivation then "" else cfg.postStart;
+
+        # Presumably some containers are running we don't want to interrupt
+        restartIfChanged = false;
+      };
+    }
+    (mkIf cfg.socketActivation {
       systemd.sockets.docker = {
         description = "Docker Socket for the API";
         wantedBy = [ "sockets.target" ];
@@ -108,29 +116,6 @@ in
         };
       };
     })
-    (mkIf (!cfg.socketActivation) {
-
-      systemd.services.docker = {
-        description = "Docker Application Container Engine";
-        wantedBy = [ "multi-user.target" ];
-        after = [ "network.target" ];
-        serviceConfig = {
-          ExecStart = "${pkgs.docker}/bin/docker daemon --group=docker --storage-driver=${cfg.storageDriver} ${cfg.extraOptions}";
-          #  I'm not sure if that limits aren't too high, but it's what
-          #  goes in config bundled with docker itself
-          LimitNOFILE = 1048576;
-          LimitNPROC = 1048576;
-        } // proxy_env;
-
-        path = [ pkgs.kmod ] ++ (optional (cfg.storageDriver == "zfs") pkgs.zfs);
-        environment.MODULE_DIR = "/run/current-system/kernel-modules/lib/modules";
-
-        postStart = cfg.postStart;
-
-        # Presumably some containers are running we don't want to interrupt
-        restartIfChanged = false;
-      };
-    })
   ]);
 
 }
diff --git a/nixos/modules/virtualisation/qemu-vm.nix b/nixos/modules/virtualisation/qemu-vm.nix
index 15b0da3bab74..5c4686044430 100644
--- a/nixos/modules/virtualisation/qemu-vm.nix
+++ b/nixos/modules/virtualisation/qemu-vm.nix
@@ -40,16 +40,17 @@ let
       if [ -z "$TMPDIR" -o -z "$USE_TMPDIR" ]; then
           TMPDIR=$(mktemp -d nix-vm.XXXXXXXXXX --tmpdir)
       fi
+
       # Create a directory for exchanging data with the VM.
       mkdir -p $TMPDIR/xchg
 
       ${if cfg.useBootLoader then ''
-        # Create a writable copy/snapshot of the boot disk
-        # A writable boot disk can be booted from automatically
+        # Create a writable copy/snapshot of the boot disk.
+        # A writable boot disk can be booted from automatically.
         ${pkgs.qemu_kvm}/bin/qemu-img create -f qcow2 -b ${bootDisk}/disk.img $TMPDIR/disk.img || exit 1
 
         ${if cfg.useEFIBoot then ''
-          # VM needs a writable flash BIOS
+          # VM needs a writable flash BIOS.
           cp ${bootDisk}/bios.bin $TMPDIR || exit 1
           chmod 0644 $TMPDIR/bios.bin || exit 1
         '' else ''
@@ -76,14 +77,14 @@ let
           -virtfs local,path=$TMPDIR/xchg,security_model=none,mount_tag=xchg \
           -virtfs local,path=''${SHARED_DIR:-$TMPDIR/xchg},security_model=none,mount_tag=shared \
           ${if cfg.useBootLoader then ''
-            -drive index=0,id=drive1,file=$NIX_DISK_IMAGE,if=${cfg.qemu.diskInterface},cache=writeback,werror=report \
+            -drive index=0,id=drive1,file=$NIX_DISK_IMAGE,if=${cfg.qemu.diskInterface},cache=none,werror=report \
             -drive index=1,id=drive2,file=$TMPDIR/disk.img,media=disk \
             ${if cfg.useEFIBoot then ''
               -pflash $TMPDIR/bios.bin \
             '' else ''
             ''}
           '' else ''
-            -drive index=0,id=drive1,file=$NIX_DISK_IMAGE,if=${cfg.qemu.diskInterface},cache=writeback,werror=report \
+            -drive index=0,id=drive1,file=$NIX_DISK_IMAGE,if=${cfg.qemu.diskInterface},cache=none,werror=report \
             -kernel ${config.system.build.toplevel}/kernel \
             -initrd ${config.system.build.toplevel}/initrd \
             -append "$(cat ${config.system.build.toplevel}/kernel-params) init=${config.system.build.toplevel}/init regInfo=${regInfo} ${kernelConsole} $QEMU_KERNEL_PARAMS" \
@@ -297,6 +298,7 @@ in
     virtualisation.qemu = {
       options =
         mkOption {
+          type = types.listOf types.unspecified;
           default = [];
           example = [ "-vga std" ];
           description = "Options passed to QEMU.";
@@ -425,19 +427,19 @@ in
         ${if cfg.writableStore then "/nix/.ro-store" else "/nix/store"} =
           { device = "store";
             fsType = "9p";
-            options = "trans=virtio,version=9p2000.L,msize=1048576,cache=loose";
+            options = "trans=virtio,version=9p2000.L,cache=loose";
             neededForBoot = true;
           };
         "/tmp/xchg" =
           { device = "xchg";
             fsType = "9p";
-            options = "trans=virtio,version=9p2000.L,msize=1048576,cache=loose";
+            options = "trans=virtio,version=9p2000.L,cache=loose";
             neededForBoot = true;
           };
         "/tmp/shared" =
           { device = "shared";
             fsType = "9p";
-            options = "trans=virtio,version=9p2000.L,msize=1048576";
+            options = "trans=virtio,version=9p2000.L";
             neededForBoot = true;
           };
       } // optionalAttrs cfg.writableStore
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-17 03:44:40 +0000