nixpkgs/nixos/modules/virtualisation/docker-image.nix

{ ... }:

{
  imports = [
    ../profiles/docker-container.nix # FIXME, shouldn't include something from profiles/
  ];

  boot.postBootCommands =
    ''
      # Set virtualisation to docker
      echo "docker" > /run/systemd/container
    '';

  # Iptables do not work in Docker.
  networking.firewall.enable = false;

  # Socket activated ssh presents problem in Docker.
  services.openssh.startWhenNeeded = false;
}

# Example usage:
#
## default.nix
# let
#   nixos = import <nixpkgs/nixos> {
#     configuration = ./configuration.nix;
#     system = "x86_64-linux";
#   };
# in
# nixos.config.system.build.tarball
#
## configuration.nix
# { pkgs, config, lib, ... }:
# {
#   imports = [
#     <nixpkgs/nixos/modules/virtualisation/docker-image.nix>
#     <nixpkgs/nixos/modules/installer/cd-dvd/channel.nix>
#   ];
#
#   documentation.doc.enable = false;
#
#   environment.systemPackages = with pkgs; [
#     bashInteractive
#     cacert
#     nix
#   ];
# }
#
## Run
# Build the tarball:
# $ nix-build default.nix
# Load into docker:
# $ docker import result/tarball/nixos-system-*.tar.xz nixos-docker
# Boots into systemd
# $ docker run --privileged -it nixos-docker /init
# Log into the container
# $ docker exec -it <container-name> /run/current-system/sw/bin/bash
[bot] nixos/*: remove unused arguments in lambdas 2018-07-20 20:56:59 +00:00			`{ ... }:`
nixos: virtualisation, add basic docker nixos image 2014-08-25 02:48:02 +02:00
nixos: container tarball release - Create container nixos profile - Create lxc-container nixos config using container nixos profile - Docker nixos image, use nixos profile for its base config 2014-12-11 22:58:17 +01:00			`{`
			`imports = [`
container.nix -> docker-container.nix 2015-04-19 21:38:22 +02:00			`../profiles/docker-container.nix # FIXME, shouldn't include something from profiles/`
nixos: container tarball release - Create container nixos profile - Create lxc-container nixos config using container nixos profile - Docker nixos image, use nixos profile for its base config 2014-12-11 22:58:17 +01:00			`];`
nixos: virtualisation, add basic docker nixos image 2014-08-25 02:48:02 +02:00
			`boot.postBootCommands =`
			`''`
			`# Set virtualisation to docker`
nixos: container tarball release - Create container nixos profile - Create lxc-container nixos config using container nixos profile - Docker nixos image, use nixos profile for its base config 2014-12-11 22:58:17 +01:00			`echo "docker" > /run/systemd/container`
nixos: virtualisation, add basic docker nixos image 2014-08-25 02:48:02 +02:00			`'';`

Obsolete security.initialPassword You can now set users.extraUsers.root.initialHashedPassword instead. 2014-11-03 12:30:54 +01:00			`# Iptables do not work in Docker.`
nixos: virtualisation, add basic docker nixos image 2014-08-25 02:48:02 +02:00			`networking.firewall.enable = false;`

Obsolete security.initialPassword You can now set users.extraUsers.root.initialHashedPassword instead. 2014-11-03 12:30:54 +01:00			`# Socket activated ssh presents problem in Docker.`
nixos: virtualisation, add basic docker nixos image 2014-08-25 02:48:02 +02:00			`services.openssh.startWhenNeeded = false;`
			`}`
nixos/docker-image: add example usage 2018-11-23 15:40:10 +00:00
			`# Example usage:`
			`#`
			`## default.nix`
			`# let`
			`# nixos = import <nixpkgs/nixos> {`
			`# configuration = ./configuration.nix;`
			`# system = "x86_64-linux";`
			`# };`
			`# in`
			`# nixos.config.system.build.tarball`
			`#`
			`## configuration.nix`
			`# { pkgs, config, lib, ... }:`
			`# {`
			`# imports = [`
			`# <nixpkgs/nixos/modules/virtualisation/docker-image.nix>`
			`# <nixpkgs/nixos/modules/installer/cd-dvd/channel.nix>`
			`# ];`
			`#`
			`# documentation.doc.enable = false;`
			`#`
			`# environment.systemPackages = with pkgs; [`
			`# bashInteractive`
			`# cacert`
			`# nix`
			`# ];`
			`# }`
			`#`
			`## Run`
			`# Build the tarball:`
			`# $ nix-build default.nix`
			`# Load into docker:`
			`# $ docker import result/tarball/nixos-system-*.tar.xz nixos-docker`
			`# Boots into systemd`
			`# $ docker run --privileged -it nixos-docker /init`
			`# Log into the container`
			`# $ docker exec -it <container-name> /run/current-system/sw/bin/bash`