From 610ec202dcea5a06baeec789ff625b20a663a114 Mon Sep 17 00:00:00 2001
From: Phillip Cloud
Date: Sat, 9 Jan 2021 09:39:16 -0500
Subject: [PATCH] nvidia-docker: split out nvidia-container-runtime into separate drv
---
.../nvidia-container-runtime/default.nix | 68 +++++++++++++++++++
.../virtualization/nvidia-docker/default.nix | 30 --------
2 files changed, 68 insertions(+), 30 deletions(-)
create mode 100644 pkgs/applications/virtualization/nvidia-container-runtime/default.nix
diff --git a/pkgs/applications/virtualization/nvidia-container-runtime/default.nix b/pkgs/applications/virtualization/nvidia-container-runtime/default.nix
new file mode 100644
index 000000000000..66d133db63a5
--- /dev/null
+++ b/pkgs/applications/virtualization/nvidia-container-runtime/default.nix
@@ -0,0 +1,68 @@
+{ lib
+, glibc
+, fetchFromGitHub
+, makeWrapper
+, buildGoPackage
+, linkFarm
+, writeShellScript
+, containerRuntimePath
+, configTemplate
+}:
+let
+ isolatedContainerRuntimePath = linkFarm "isolated_container_runtime_path" [
+ {
+ name = "runc";
+ path = containerRuntimePath;
+ }
+ ];
+ warnIfXdgConfigHomeIsSet = writeShellScript "warn_if_xdg_config_home_is_set" ''
+ set -eo pipefail
+
+ if [ -n "$XDG_CONFIG_HOME" ]; then
+ echo >&2 "$(tput setaf 3)warning: \$XDG_CONFIG_HOME=$XDG_CONFIG_HOME$(tput sgr 0)"
+ fi
+ '';
+in
+buildGoPackage rec {
+ pname = "nvidia-container-runtime";
+ version = "3.4.0";
+ src = fetchFromGitHub {
+ owner = "NVIDIA";
+ repo = pname;
+ rev = "v${version}";
+ sha256 = "095mks0r4079vawi50pk4zb5jk0g6s9idg2s1w55a0d27jkknldr";
+ };
+ goPackagePath = "github.com/${pname}/src";
+ buildFlagsArray = [ "-ldflags=" "-s -w" ];
+ nativeBuildInputs = [ makeWrapper ];
+ postInstall = ''
+ mv $out/bin/{src,nvidia-container-runtime}
+ mkdir -p $out/etc/nvidia-container-runtime
+
+ # nvidia-container-runtime invokes docker-runc or runc if that isn't
+ # available on PATH.
+ #
+ # Also set XDG_CONFIG_HOME if it isn't already to allow overriding
+ # configuration. This in turn allows users to have the nvidia container
+ # runtime enabled for any number of higher level runtimes like docker and
+ # podman, i.e., there's no need to have mutually exclusivity on what high
+ # level runtime can enable the nvidia runtime because each high level
+ # runtime has its own config.toml file.
+ wrapProgram $out/bin/nvidia-container-runtime \
+ --run "${warnIfXdgConfigHomeIsSet}" \
+ --prefix PATH : ${isolatedContainerRuntimePath} \
+ --set-default XDG_CONFIG_HOME $out/etc
+
+ cp ${configTemplate} $out/etc/nvidia-container-runtime/config.toml
+
+ substituteInPlace $out/etc/nvidia-container-runtime/config.toml \
+ --subst-var-by glibcbin ${lib.getBin glibc}
+ '';
+ meta = with lib; {
+ homepage = "https://github.com/NVIDIA/nvidia-container-runtime";
+ description = "NVIDIA container runtime";
+ license = licenses.bsd3;
+ platforms = platforms.linux;
+ maintainers = with maintainers; [ cpcloud ];
+ };
+}
diff --git a/pkgs/applications/virtualization/nvidia-docker/default.nix b/pkgs/applications/virtualization/nvidia-docker/default.nix
index c8c085906227..2a4d8db7e4ba 100644
--- a/pkgs/applications/virtualization/nvidia-docker/default.nix
+++ b/pkgs/applications/virtualization/nvidia-docker/default.nix
@@ -9,33 +9,9 @@ , glibc , docker , linkFarm -, containerRuntimePath ? "${docker}/libexec/docker/runc" }: with lib; let - isolatedContainerRuntimePath = linkFarm "isolated_container_runtime_path" [ - { - name = "runc"; - path = containerRuntimePath; - } - ]; - - nvidia-container-runtime = buildGoPackage rec { - pname = "nvidia-container-runtime"; - version = "3.4.0"; - src = fetchFromGitHub { - owner = "NVIDIA"; - repo = "nvidia-container-runtime"; - rev = "v${version}"; - sha256 = "095mks0r4079vawi50pk4zb5jk0g6s9idg2s1w55a0d27jkknldr"; - }; - goPackagePath = "github.com/nvidia-container-runtime/src"; - buildFlagsArray = [ "-ldflags=" "-s -w" ]; - postInstall = '' - mv $out/bin/{src,nvidia-container-runtime} - ''; - }; - nvidia-container-toolkit = buildGoModule rec { pname = "nvidia-container-toolkit"; version = "1.3.0";
@@ -65,8 +41,6 @@ stdenv.mkDerivation rec { sha256 = "1n1k7fnimky67s12p2ycaq9mgk245fchq62vgd7bl3bzfcbg0z4h"; }; - nativeBuildInputs = [ makeWrapper ]; - buildPhase = '' mkdir bin
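Review bot: In the new nvidia-container-runtime/default.nix, the `linkFarm` in the `let` block pins only `runc`, yet the comment in `postInstall` says the runtime invokes `docker-runc` and falls back to `runc`; if the lookup order is as that comment describes, a `docker-runc` found anywhere on the inherited PATH would be chosen ahead of the pinned `containerRuntimePath`. Adding a second entry, `{ name = "docker-runc"; path = containerRuntimePath; }`, would make both lookups resolve to the store path. Separately, `--set-default XDG_CONFIG_HOME $out/etc` lets an inherited value select a different `config.toml`, and the `--run` script prints only the variable's value; the message would be more useful if it said that the packaged config under `$out/etc/nvidia-container-runtime` is being bypassed. The `tput` calls in that script also assume `tput` is on PATH and a terminal is attached, which may not hold when a daemon invokes the wrapper.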
@@ -74,16 +48,12 @@ stdenv.mkDerivation rec { substituteInPlace bin/nvidia-docker --subst-var-by VERSION ${version} cp ${nvidia-container-toolkit}/bin/nvidia-container-{toolkit,runtime-hook} bin - cp ${nvidia-container-runtime}/bin/nvidia-container-runtime bin ''; installPhase = '' mkdir -p $out/{bin,etc} cp -r bin $out - # nvidia-container-runtime invokes docker-runc or runc if that isn't available on PATH - wrapProgram $out/bin/nvidia-container-runtime --prefix PATH : ${isolatedContainerRuntimePath} - cp ${./config.toml} $out/etc/config.toml substituteInPlace $out/etc/config.toml --subst-var-by glibcbin ${lib.getBin glibc}