Make docker optional

This commit is contained in:
Simon Bruder 2021-01-17 19:32:01 +01:00
parent a68b429a58
commit 21a8f5a358
Signed by: simon
GPG key ID: 8D3C82F9F309F8EC
3 changed files with 38 additions and 29 deletions

View file

@ -9,6 +9,7 @@
sbruder = {
cpu.intel.enable = true;
docker.enable = true;
games.enable = true;
gpu.intel.enable = true;
gui.enable = true;

View file

@ -9,6 +9,7 @@
sbruder = {
cpu.intel.enable = true;
docker.enable = true;
games.enable = true;
gpu.amd.enable = true;
gui.enable = true;

View file

@ -1,36 +1,43 @@
{ config, pkgs, ... }:
{ config, lib, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
docker-compose
docker-credential-helpers
docker-ls
];
# This uses a custom option (instead of `virtualisation.docker.enable`) since
# `virtualisation.oci-containers` conditionally sets
# `virtualisation.docker.enable` and therefore causes an infinite recursion.
options.sbruder.docker.enable = lib.mkEnableOption "docker with ipv6nat";
virtualisation = {
docker = {
enable = true;
logDriver = "journald";
extraOptions = builtins.concatStringsSep " " [
"--ipv6"
"--fixed-cidr-v6=fd00:d0ce:d0ce:d0ce::/64"
];
config = lib.mkIf config.sbruder.docker.enable {
environment.systemPackages = with pkgs; [
docker-compose
docker-credential-helpers
docker-ls
];
virtualisation = {
docker = {
enable = true;
logDriver = "journald";
extraOptions = builtins.concatStringsSep " " [
"--ipv6"
"--fixed-cidr-v6=fd00:d0ce:d0ce:d0ce::/64"
];
};
oci-containers.containers.ipv6nat = {
image = "robbertkl/ipv6nat";
volumes = [
"/var/run/docker.sock:/var/run/docker.sock:ro"
];
extraOptions = [
"--network=host"
"--cap-drop=ALL"
"--cap-add=NET_ADMIN"
"--cap-add=NET_RAW"
"--cap-add=SYS_MODULE"
];
};
};
oci-containers.containers.ipv6nat = {
image = "robbertkl/ipv6nat";
volumes = [
"/var/run/docker.sock:/var/run/docker.sock:ro"
];
extraOptions = [
"--network=host"
"--cap-drop=ALL"
"--cap-add=NET_ADMIN"
"--cap-add=NET_RAW"
"--cap-add=SYS_MODULE"
];
};
environment.etc."modules-load.d/ipv6nat.conf".text = "ip6_tables\n";
};
environment.etc."modules-load.d/ipv6nat.conf".text = "ip6_tables\n";
}