From 2bb57ef7761fc9d408bb27b2733d36c8640e0e4b Mon Sep 17 00:00:00 2001
From: Tim Steinbach <tim@nequissimus.com>
Date: Mon, 4 Sep 2017 19:02:05 -0400
Subject: [PATCH 1/2] docker: Allow package selection in module

---
 nixos/modules/virtualisation/docker.nix | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/nixos/modules/virtualisation/docker.nix b/nixos/modules/virtualisation/docker.nix
index 5a8a0e27436..a9a2095499a 100644
--- a/nixos/modules/virtualisation/docker.nix
+++ b/nixos/modules/virtualisation/docker.nix
@@ -126,14 +126,23 @@ in
         '';
       };
     };
+
+    package = mkOption {
+      default = pkgs.docker;
+      type = types.package;
+      example = pkgs.docker-edge;
+      description = ''
+        Docker package to be used in the module.
+      '';
+    };
   };
 
   ###### implementation
 
   config = mkIf cfg.enable (mkMerge [{
-      environment.systemPackages = [ pkgs.docker ];
+      environment.systemPackages = [ cfg.package ];
       users.extraGroups.docker.gid = config.ids.gids.docker;
-      systemd.packages = [ pkgs.docker ];
+      systemd.packages = [ cfg.package ];
 
       systemd.services.docker = {
         wantedBy = optional cfg.enableOnBoot "multi-user.target";
@@ -142,7 +151,7 @@ in
           ExecStart = [
             ""
             ''
-              ${pkgs.docker}/bin/dockerd \
+              ${cfg.package}/bin/dockerd \
                 --group=docker \
                 --host=fd:// \
                 --log-driver=${cfg.logDriver} \
@@ -180,7 +189,7 @@ in
         serviceConfig.Type = "oneshot";
 
         script = ''
-          ${pkgs.docker}/bin/docker system prune -f ${toString cfg.autoPrune.flags}
+          ${cfg.package}/bin/docker system prune -f ${toString cfg.autoPrune.flags}
         '';
 
         startAt = optional cfg.autoPrune.enable cfg.autoPrune.dates;

From 380ed98bd793b2f3cbf257b7ef9601770c4f8d48 Mon Sep 17 00:00:00 2001
From: Tim Steinbach <tim@nequissimus.com>
Date: Mon, 4 Sep 2017 19:02:44 -0400
Subject: [PATCH 2/2] docker: Add test for docker-edge, check for proper
 versions in tests

---
 nixos/release-combined.nix  |  2 ++
 nixos/release.nix           |  1 +
 nixos/tests/docker-edge.nix | 47 +++++++++++++++++++++++++++++++++++++
 nixos/tests/docker.nix      |  6 ++++-
 4 files changed, 55 insertions(+), 1 deletion(-)
 create mode 100644 nixos/tests/docker-edge.nix

diff --git a/nixos/release-combined.nix b/nixos/release-combined.nix
index 54fd4a15ffc..4bf5df293fe 100644
--- a/nixos/release-combined.nix
+++ b/nixos/release-combined.nix
@@ -81,6 +81,8 @@ in rec {
         (all nixos.tests.boot.uefiUsb)
         (all nixos.tests.boot-stage1)
         nixos.tests.hibernate.x86_64-linux # i686 is flaky, see #23107
+        nixos.tests.docker.x86_64-linux
+        nixos.tests.docker-edge.x86_64-linux
         (all nixos.tests.ecryptfs)
         (all nixos.tests.ipv6)
         (all nixos.tests.i3wm)
diff --git a/nixos/release.nix b/nixos/release.nix
index ca2a164bb6c..0e56fa28c1a 100644
--- a/nixos/release.nix
+++ b/nixos/release.nix
@@ -234,6 +234,7 @@ in rec {
   tests.containers-hosts = callTest tests/containers-hosts.nix {};
   tests.containers-macvlans = callTest tests/containers-macvlans.nix {};
   tests.docker = hydraJob (import tests/docker.nix { system = "x86_64-linux"; });
+  tests.docker-edge = hydraJob (import tests/docker-edge.nix { system = "x86_64-linux"; });
   tests.dnscrypt-proxy = callTest tests/dnscrypt-proxy.nix { system = "x86_64-linux"; };
   tests.ecryptfs = callTest tests/ecryptfs.nix {};
   tests.etcd = hydraJob (import tests/etcd.nix { system = "x86_64-linux"; });
diff --git a/nixos/tests/docker-edge.nix b/nixos/tests/docker-edge.nix
new file mode 100644
index 00000000000..38d25daff19
--- /dev/null
+++ b/nixos/tests/docker-edge.nix
@@ -0,0 +1,47 @@
+# This test runs docker and checks if simple container starts
+
+import ./make-test.nix ({ pkgs, ...} : {
+  name = "docker";
+  meta = with pkgs.stdenv.lib.maintainers; {
+    maintainers = [ nequissimus offline ];
+  };
+
+  nodes = {
+    docker =
+      { config, pkgs, ... }:
+        {
+          virtualisation.docker.enable = true;
+          virtualisation.docker.package = pkgs.docker-edge;
+
+          users.users = {
+            noprivs = {
+              isNormalUser = true;
+              description = "Can't access the docker daemon";
+              password = "foobar";
+            };
+
+            hasprivs = {
+              isNormalUser = true;
+              description = "Can access the docker daemon";
+              password = "foobar";
+              extraGroups = [ "docker" ];
+            };
+          };
+        };
+    };
+
+  testScript = ''
+    startAll;
+
+    $docker->waitForUnit("sockets.target");
+    $docker->succeed("tar cv --files-from /dev/null | docker import - scratchimg");
+    $docker->succeed("docker run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10");
+    $docker->succeed("docker ps | grep sleeping");
+    $docker->succeed("sudo -u hasprivs docker ps");
+    $docker->fail("sudo -u noprivs docker ps");
+    $docker->succeed("docker stop sleeping");
+
+    # Must match version twice to ensure client and server versions are correct
+    $docker->succeed('[ $(docker version | grep ${pkgs.docker-edge.version} | wc -l) = "2" ]');
+  '';
+})
diff --git a/nixos/tests/docker.nix b/nixos/tests/docker.nix
index 9096a5868f6..c6c8f4cdb5f 100644
--- a/nixos/tests/docker.nix
+++ b/nixos/tests/docker.nix
@@ -3,7 +3,7 @@
 import ./make-test.nix ({ pkgs, ...} : {
   name = "docker";
   meta = with pkgs.stdenv.lib.maintainers; {
-    maintainers = [ offline ];
+    maintainers = [ nequissimus offline ];
   };
 
   nodes = {
@@ -11,6 +11,7 @@ import ./make-test.nix ({ pkgs, ...} : {
       { config, pkgs, ... }:
         {
           virtualisation.docker.enable = true;
+          virtualisation.docker.package = pkgs.docker;
 
           users.users = {
             noprivs = {
@@ -39,5 +40,8 @@ import ./make-test.nix ({ pkgs, ...} : {
     $docker->succeed("sudo -u hasprivs docker ps");
     $docker->fail("sudo -u noprivs docker ps");
     $docker->succeed("docker stop sleeping");
+
+    # Must match version twice to ensure client and server versions are correct
+    $docker->succeed('[ $(docker version | grep ${pkgs.docker.version} | wc -l) = "2" ]');
   '';
 })