public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
nixpkgs/nixos/modules/virtualisation/docker.nix
Jaka Hudoklin d6660af8ac nixos/docker: set extraOptions to separatedString type 
This change is needed if you want to pass extraOptions to docker in multiple
nixos modules.
2015-04-25 15:25:15 +02:00

119 lines
3.4 KiB
Nix
Raw Blame History

# Systemd services for docker.
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.virtualisation.docker;
pro = config.networking.proxy.default;
proxy_env = optionalAttrs (pro != null) { Environment = "\"http_proxy=${pro}\""; };
in
{
###### interface
options.virtualisation.docker = {
enable =
mkOption {
type = types.bool;
default = false;
description =
''
This option enables docker, a daemon that manages
linux containers. Users in the "docker" group can interact with
the daemon (e.g. to start or stop containers) using the
<command>docker</command> command line tool.
'';
};
socketActivation =
mkOption {
type = types.bool;
default = false;
description =
''
This option enables docker with socket activation. I.e. docker will
start when first called by client.
Note: This is false by default because systemd lower than 214 that
nixos uses so far, doesn't support SocketGroup option, so socket
created by docker has root group now. This will likely be changed
in future. So set this option explicitly to false if you wish.
'';
};
extraOptions =
mkOption {
type = types.separatedString " ";
default = "";
description =
''
The extra command-line options to pass to
<command>docker</command> daemon.
'';
};
};
###### implementation
config = mkIf cfg.enable (mkMerge [
{ environment.systemPackages = [ pkgs.docker ];
users.extraGroups.docker.gid = config.ids.gids.docker;
}
(mkIf cfg.socketActivation {
systemd.services.docker = {
description = "Docker Application Container Engine";
after = [ "network.target" "docker.socket" ];
requires = [ "docker.socket" ];
serviceConfig = {
ExecStart = "${pkgs.docker}/bin/docker --daemon=true --host=fd:// --group=docker ${cfg.extraOptions}";
# I'm not sure if that limits aren't too high, but it's what
# goes in config bundled with docker itself
LimitNOFILE = 1048576;
LimitNPROC = 1048576;
} // proxy_env;
};
systemd.sockets.docker = {
description = "Docker Socket for the API";
wantedBy = [ "sockets.target" ];
socketConfig = {
ListenStream = "/var/run/docker.sock";
SocketMode = "0660";
SocketUser = "root";
SocketGroup = "docker";
};
};
})
(mkIf (!cfg.socketActivation) {
systemd.services.docker = {
description = "Docker Application Container Engine";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
ExecStart = "${pkgs.docker}/bin/docker --daemon=true --group=docker ${cfg.extraOptions}";
# I'm not sure if that limits aren't too high, but it's what
# goes in config bundled with docker itself
LimitNOFILE = 1048576;
LimitNPROC = 1048576;
} // proxy_env;
postStart = ''
while ! [ -e /var/run/docker.sock ]; do
sleep 0.1
done
'';
# Presumably some containers are running we don't want to interrupt
restartIfChanged = false;
};
})
]);
}
Reference in New Issue View Git Blame Copy Permalink