diff options
| author | Masayuki Takeda <mtakeda.enigsol@gmail.com> | 2018-02-10 17:18:53 +0900 |
|---|---|---|
| committer | Masayuki Takeda <mtakeda.enigsol@gmail.com> | 2018-02-10 17:18:53 +0900 |
| commit | 65faff97ffe19bca242166c333eeb6b191aa3dd2 (patch) | |
| tree | 2d08b52a0bbc235fdc82ac6a4e0706575a50aefc /nixos | |
| parent | ad78e52357eb3df0f457c40185504567c7da524e (diff) | |
| download | nixlib-65faff97ffe19bca242166c333eeb6b191aa3dd2.tar nixlib-65faff97ffe19bca242166c333eeb6b191aa3dd2.tar.gz nixlib-65faff97ffe19bca242166c333eeb6b191aa3dd2.tar.bz2 nixlib-65faff97ffe19bca242166c333eeb6b191aa3dd2.tar.lz nixlib-65faff97ffe19bca242166c333eeb6b191aa3dd2.tar.xz nixlib-65faff97ffe19bca242166c333eeb6b191aa3dd2.tar.zst nixlib-65faff97ffe19bca242166c333eeb6b191aa3dd2.zip | |
nixos/lxd: partial fix
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/virtualisation/lxd.nix | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/nixos/modules/virtualisation/lxd.nix b/nixos/modules/virtualisation/lxd.nix index b1ff0337994e..4988886baf60 100644 --- a/nixos/modules/virtualisation/lxd.nix +++ b/nixos/modules/virtualisation/lxd.nix @@ -38,6 +38,15 @@ in environment.systemPackages = [ pkgs.lxd ]; + security.apparmor = { + enable = true; + profiles = [ + "${pkgs.lxc}/etc/apparmor.d/usr.bin.lxc-start" + "${pkgs.lxc}/etc/apparmor.d/lxc-containers" + ]; + packages = [ pkgs.lxc ]; + }; + systemd.services.lxd = { description = "LXD Container Management Daemon"; @@ -47,6 +56,10 @@ in # TODO(wkennington): Add lvm2 and thin-provisioning-tools path = with pkgs; [ acl rsync gnutar xz btrfs-progs gzip dnsmasq squashfsTools iproute iptables ]; + preStart = '' + mkdir -m 0755 -p /var/lib/lxc/rootfs + ''; + serviceConfig.ExecStart = "@${pkgs.lxd.bin}/bin/lxd lxd --syslog --group lxd"; serviceConfig.Type = "simple"; serviceConfig.KillMode = "process"; # when stopping, leave the containers alone |