author | Michael Raskin <7c6f434c@mail.ru> | 2014-09-02 01:04:05 +0400 |
---|---|---|
committer | Michael Raskin <7c6f434c@mail.ru> | 2014-09-02 01:04:05 +0400 |
commit | d140851472e90da38627d948f1c23b9e24856b77 (patch) | |
tree | 004ff944f3c9652f6bfb0d64bd1da9724b50f8eb /nixos | |
parent | 23b3495a253aa4e029cc48ea09629ab1243d9fa5 (diff) | |
parent | 296888b1bcb0b3eb641167973c87686a9103b0dd (diff) | |
Merge pull request #3779 from offlinehacker/docker
full nixos inside docker
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/lib/make-system-tarball.nix | 5 | ||||
-rw-r--r-- | nixos/lib/make-system-tarball.sh | 2 | ||||
-rw-r--r-- | nixos/modules/services/ttys/agetty.nix | 6 | ||||
-rw-r--r-- | nixos/modules/virtualisation/docker-image.nix | 67 |
4 files changed, 78 insertions, 2 deletions
diff --git a/nixos/lib/make-system-tarball.nix b/nixos/lib/make-system-tarball.nix
index 8fed9a348827..3bd891fdbc2b 100644
--- a/nixos/lib/make-system-tarball.nix
+++ b/nixos/lib/make-system-tarball.nix
@@ -15,6 +15,9 @@ # store path whose closure will be copied, and `symlink' is a # symlink to `object' that will be added to the tarball. storeContents ? [] + + # Extra tar arguments +, extraArgs ? "" }: stdenv.mkDerivation {
@@ -22,7 +25,7 @@ stdenv.mkDerivation { builder = ./make-system-tarball.sh; buildInputs = [perl xz]; - inherit fileName pathsFromGraph; + inherit fileName pathsFromGraph extraArgs; # !!! should use XML. sources = map (x: x.source) contents;
diff --git a/nixos/lib/make-system-tarball.sh b/nixos/lib/make-system-tarball.sh
index 096d96ac1c81..2eb668115a6f 100644
--- a/nixos/lib/make-system-tarball.sh
+++ b/nixos/lib/make-system-tarball.sh
@@ -50,7 +50,7 @@ done mkdir -p $out/tarball -tar cvJf $out/tarball/$fileName.tar.xz * +tar cvJf $out/tarball/$fileName.tar.xz * $extraArgs mkdir -p $out/nix-support echo $system > $out/nix-support/system
diff --git a/nixos/modules/services/ttys/agetty.nix b/nixos/modules/services/ttys/agetty.nix
index df21ebbd9743..3878b02b1a84 100644
--- a/nixos/modules/services/ttys/agetty.nix
+++ b/nixos/modules/services/ttys/agetty.nix
@@ -66,6 +66,12 @@ with lib; restartIfChanged = false; }; + systemd.services."console-getty" = + { serviceConfig.ExecStart = "@${pkgs.utillinux}/sbin/agetty agetty --noclear --login-program ${pkgs.shadow}/bin/login --keep-baud console 115200,38400,9600 $TERM"; + serviceConfig.Restart = "always"; + restartIfChanged = false; + }; + environment.etc = singleton { # Friendly greeting on the virtual consoles. source = pkgs.writeText "issue" ''
diff --git a/nixos/modules/virtualisation/docker-image.nix b/nixos/modules/virtualisation/docker-image.nix
new file mode 100644
index 000000000000..13b861dc9884
--- /dev/null
+++ b/nixos/modules/virtualisation/docker-image.nix
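Review bot: In nixos/lib/make-system-tarball.sh the new `$extraArgs` is expanded unquoted and placed after the `*` operand, so the string is word-split and glob-expanded by the shell, and tar parses as an option both its contents and any file name in the staging directory that begins with `-`. Options are better placed before the operands, with the operand list closed off: `tar cvJf $out/tarball/$fileName.tar.xz $extraArgs -- *`. The `# Extra tar arguments` comment in make-system-tarball.nix could state the contract, for example `# Extra tar arguments: one whitespace-separated string, passed unquoted to tar`. The rest of the builder script lies outside the hunk, so how the staging directory is populated is not visible here.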
@@ -0,0 +1,67 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ pkgs2storeContents = l : map (x: { object = x; symlink = "none"; }) l;
+
+in {
+ # Create the tarball
+ system.build.dockerImage = import ../../lib/make-system-tarball.nix {
+ inherit (pkgs) stdenv perl xz pathsFromGraph;
+
+ contents = [];
+ extraArgs = "--owner=0";
+ storeContents = [
+ { object = config.system.build.toplevel + "/init";
+ symlink = "/bin/init";
+ }
+ ] ++ (pkgs2storeContents [ pkgs.stdenv ]);
+ };
+
+ boot.postBootCommands =
+ ''
+ # After booting, register the contents of the Nix store in the Nix
+ # database.
+ if [ -f /nix-path-registration ]; then
+ ${config.nix.package}/bin/nix-store --load-db < /nix-path-registration &&
+ rm /nix-path-registration
+ fi
+
+ # nixos-rebuild also requires a "system" profile and an
+ # /etc/NIXOS tag.
+ touch /etc/NIXOS
+ ${config.nix.package}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system
+
+ # Set virtualisation to docker
+ echo "docker" > /run/systemd/container
+ '';
+
+
+ # docker image config
+ require = [
+ ../installer/cd-dvd/channel.nix
+ ../profiles/minimal.nix
+ ../profiles/clone-config.nix
+ ];
+
+ boot.isContainer = true;
+
+ # Iptables do not work in docker
+ networking.firewall.enable = false;
+
+ services.openssh.enable = true;
+
+ # Socket activated ssh presents problem in docker
+ services.openssh.startWhenNeeded = false;
+
+ # Allow the user to login as root without password
+ security.initialRootPassword = "";
+
+ # Some more help text.
+ services.mingetty.helpLine =
+ ''
+
+ Log in as "root" with an empty password.
+ '';
+} |
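Review bot: The image combines `security.initialRootPassword = ""`, `services.openssh.enable = true` and `networking.firewall.enable = false`, so a container started from it runs an SSH daemon for a root account that has no password and no packet filter of its own. Whether sshd actually accepts the empty password depends on its empty-password and PAM settings, which are not visible in this file, so the module should not rely on that default. I would keep the passwordless console login but restrict SSH to keys with `services.openssh.permitRootLogin = "without-password";`, or leave `services.openssh.enable` off and let the image user turn it on. The firewall comment could also say where filtering is expected to happen, for example `# iptables is not usable inside the container; port filtering is left to the Docker host`.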