diff options
-rw-r--r-- | nixos/modules/virtualisation/lxd.nix | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/nixos/modules/virtualisation/lxd.nix b/nixos/modules/virtualisation/lxd.nix index b1ff0337994e..4988886baf60 100644 --- a/nixos/modules/virtualisation/lxd.nix +++ b/nixos/modules/virtualisation/lxd.nix @@ -38,6 +38,15 @@ in environment.systemPackages = [ pkgs.lxd ]; + security.apparmor = { + enable = true; + profiles = [ + "${pkgs.lxc}/etc/apparmor.d/usr.bin.lxc-start" + "${pkgs.lxc}/etc/apparmor.d/lxc-containers" + ]; + packages = [ pkgs.lxc ]; + }; + systemd.services.lxd = { description = "LXD Container Management Daemon"; @@ -47,6 +56,10 @@ in # TODO(wkennington): Add lvm2 and thin-provisioning-tools path = with pkgs; [ acl rsync gnutar xz btrfs-progs gzip dnsmasq squashfsTools iproute iptables ]; + preStart = '' + mkdir -m 0755 -p /var/lib/lxc/rootfs + ''; + serviceConfig.ExecStart = "@${pkgs.lxd.bin}/bin/lxd lxd --syslog --group lxd"; serviceConfig.Type = "simple"; serviceConfig.KillMode = "process"; # when stopping, leave the containers alone |