nixos-containers: add docs about nested containers

1 files changed, 9 insertions, 3 deletions

diff --git a/nixos/modules/virtualisation/nixos-containers.nix b/nixos/modules/virtualisation/nixos-containers.nix
index 2db5c117aa7f..4f5be91939db 100644
--- a/nixos/modules/virtualisation/nixos-containers.nix
+++ b/nixos/modules/virtualisation/nixos-containers.nix
@@ -440,7 +440,9 @@ in
       default = false;
       description = ''
         Whether this NixOS machine is a lightweight container running
-        in another NixOS system.
+        in another NixOS system. If set to true, support for nested
+        containers is disabled by default, but can be reenabled by
+        setting <config>boot.enableContainers</config> to true.
       '';
     };
 
@@ -448,7 +450,11 @@ in
       type = types.bool;
       default = !config.boot.isContainer;
       description = ''
-        Whether to enable support for NixOS containers.
+        Whether to enable support for NixOS containers. Defaults to true
+        (at no cost if containers are not actually used), but only if the
+        system is not itself a lightweight container of a host.
+        To enable support for nested containers, this option has to be
+        explicitly set to true (in the outer container).
       '';
     };
 
@@ -596,7 +602,7 @@ in
               type = with types; attrsOf (submodule { options = networkOptions; });
               default = {};
               description = ''
-                Extra veth-pairs to be created for the container
+                Extra veth-pairs to be created for the container.
               '';
             };