diff options
Diffstat (limited to 'nixos/modules/virtualisation/cri-o.nix')
-rw-r--r-- | nixos/modules/virtualisation/cri-o.nix | 41 |
1 files changed, 31 insertions, 10 deletions
diff --git a/nixos/modules/virtualisation/cri-o.nix b/nixos/modules/virtualisation/cri-o.nix index 61c1e5be277b..e73c5893fb5c 100644 --- a/nixos/modules/virtualisation/cri-o.nix +++ b/nixos/modules/virtualisation/cri-o.nix @@ -5,6 +5,8 @@ with lib; let cfg = config.virtualisation.cri-o; + crioPackage = (pkgs.cri-o.override { inherit (cfg) extraPackages; }); + # Copy configuration files to avoid having the entire sources in the system closure copyFile = filePath: pkgs.runCommandNoCC (builtins.unsafeDiscardStringContext (builtins.baseNameOf filePath)) {} '' cp ${filePath} $out @@ -23,13 +25,13 @@ in enable = mkEnableOption "Container Runtime Interface for OCI (CRI-O)"; storageDriver = mkOption { - type = types.enum ["btrfs" "overlay" "vfs"]; + type = types.enum [ "btrfs" "overlay" "vfs" ]; default = "overlay"; description = "Storage driver to be used"; }; logLevel = mkOption { - type = types.enum ["trace" "debug" "info" "warn" "error" "fatal"]; + type = types.enum [ "trace" "debug" "info" "warn" "error" "fatal" ]; default = "info"; description = "Log level to be used"; }; @@ -45,13 +47,34 @@ in default = "/pause"; description = "Pause command to be executed"; }; + + extraPackages = mkOption { + type = with types; listOf package; + default = [ ]; + example = lib.literalExample '' + [ + pkgs.gvisor + ] + ''; + description = '' + Extra packages to be installed in the CRI-O wrapper. + ''; + }; + + package = lib.mkOption { + type = types.package; + default = crioPackage; + internal = true; + description = '' + The final CRI-O package (including extra packages). + ''; + }; }; config = mkIf cfg.enable { - environment.systemPackages = with pkgs; - [ cri-o cri-tools conmon iptables runc utillinux ]; + environment.systemPackages = [ cfg.package pkgs.cri-tools ]; - environment.etc."crictl.yaml".source = copyFile "${pkgs.cri-o.src}/crictl.yaml"; + environment.etc."crictl.yaml".source = copyFile "${pkgs.cri-o-unwrapped.src}/crictl.yaml"; environment.etc."crio/crio.conf".text = '' [crio] @@ -63,16 +86,14 @@ in [crio.network] plugin_dirs = ["${pkgs.cni-plugins}/bin/"] - network_dir = "/etc/cni/net.d/" [crio.runtime] - conmon = "${pkgs.conmon}/bin/conmon" cgroup_manager = "systemd" log_level = "${cfg.logLevel}" manage_ns_lifecycle = true ''; - environment.etc."cni/net.d/10-crio-bridge.conf".source = copyFile "${pkgs.cri-o.src}/contrib/cni/10-crio-bridge.conf"; + environment.etc."cni/net.d/10-crio-bridge.conf".source = copyFile "${pkgs.cri-o-unwrapped.src}/contrib/cni/10-crio-bridge.conf"; # Enable common /etc/containers configuration virtualisation.containers.enable = true; @@ -82,10 +103,10 @@ in documentation = [ "https://github.com/cri-o/cri-o" ]; wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; - path = [ pkgs.utillinux pkgs.runc pkgs.iptables ]; + path = [ cfg.package ]; serviceConfig = { Type = "notify"; - ExecStart = "${pkgs.cri-o}/bin/crio"; + ExecStart = "${cfg.package}/bin/crio"; ExecReload = "/bin/kill -s HUP $MAINPID"; TasksMax = "infinity"; LimitNOFILE = "1048576"; |