From 4b11122749d7b0ce41a0a39e19d33eb6406e45dc Mon Sep 17 00:00:00 2001
From: zowoq <59103226+zowoq@users.noreply.github.com>
Date: Sun, 21 Mar 2021 15:49:52 +1000
Subject: [PATCH] nixos/containers: add catatonit / init_path

https://github.com/containers/common/blob/master/docs/containers.conf.5.md

- Also drop unneeded true from ociSeccompBpfHook
---
 nixos/modules/virtualisation/containers.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/nixos/modules/virtualisation/containers.nix b/nixos/modules/virtualisation/containers.nix
index 997edf77ba9..148d0221998 100644
--- a/nixos/modules/virtualisation/containers.nix
+++ b/nixos/modules/virtualisation/containers.nix
@@ -118,8 +118,9 @@ in
 [network]
 cni_plugin_dirs = ["${pkgs.cni-plugins}/bin/"]

- ${lib.optionalString (cfg.ociSeccompBpfHook.enable == true) ''
 [engine]
+ init_path = "${pkgs.catatonit}/bin/catatonit"
+ ${lib.optionalString (cfg.ociSeccompBpfHook.enable) ''
 hooks_dir = [
 "${config.boot.kernelPackages.oci-seccomp-bpf-hook}",
 ]
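Review bot: The `[engine]` header is now written unconditionally, whereas before it appeared only when `cfg.ociSeccompBpfHook.enable` was set. If anything outside this hunk appends user-supplied text to the generated containers.conf and that text declares its own `[engine]` table, the file would contain a duplicate table header, which TOML parsers reject. The string literal starts and ends outside the hunk, so this cannot be confirmed from here. If such an append exists, a comment next to the header would help, for example `# [engine] is always emitted; add engine keys without repeating the header`. It would also help to say in the module documentation that `init_path` only takes effect for containers started with `--init`, and that it is deliberately pinned to the store path of `pkgs.catatonit` rather than resolved by name.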