nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-02-07 20:53:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

virtualisation/containers: add support for providing static CDI definitions

Browse Source
This commit is contained in:
Rafael Fernández López 2024-01-28 12:38:16 +01:00
parent 5d874ac468
commit fd464f0543
No known key found for this signature in database
GPG Key ID: A07C55EEE4CCE570
1 changed files with 46 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
nixos/modules/virtualisation/containers.nix
View File

@ -28,6 +28,33 @@ in
description = lib.mdDoc "Enable the OCI seccomp BPF hook"; description = lib.mdDoc "Enable the OCI seccomp BPF hook";
}; };
cdi = mkOption {
type = types.attrs;
default = { };
description = lib.mdDoc ''
Declarative CDI specification. Each key of the attribute set
will be mapped to a file in /etc/cdi. It is required for every
key to be provided in JSON format.
'';
example = {
some-vendor = builtins.fromJSON ''
{
"cdiVersion": "0.5.0",
"kind": "some-vendor.com/foo",
"devices": [],
"containerEdits": []
}
'';
some-other-vendor = {
cdiVersion = "0.5.0";
kind = "some-other-vendor.com/bar";
devices = [];
containerEdits = [];
};
};
};
containersConf.settings = mkOption { containersConf.settings = mkOption {
type = toml.type; type = toml.type;
default = { }; default = { };
@ -124,19 +151,28 @@ in
}; };
}; };
environment.etc."containers/containers.conf".source = environment.etc = let
toml.generate "containers.conf" cfg.containersConf.settings; cdiConfigurationFiles = (lib.attrsets.mapAttrs'
(name: value:
lib.attrsets.nameValuePair "cdi/${name}.json"
{ text = builtins.toJSON value; })
cfg.cdi);
in {
"containers/containers.conf".source =
toml.generate "containers.conf" cfg.containersConf.settings;
environment.etc."containers/storage.conf".source = "containers/storage.conf".source =
toml.generate "storage.conf" cfg.storage.settings; toml.generate "storage.conf" cfg.storage.settings;
environment.etc."containers/registries.conf".source = toml.generate "registries.conf" { "containers/registries.conf".source = toml.generate "registries.conf" {
registries = lib.mapAttrs (n: v: { registries = v; }) cfg.registries; registries = lib.mapAttrs (n: v: { registries = v; }) cfg.registries;
}; };
"containers/policy.json".source =
if cfg.policy != { } then pkgs.writeText "policy.json" (builtins.toJSON cfg.policy)
else "${pkgs.skopeo.policy}/default-policy.json";
} // cdiConfigurationFiles;
environment.etc."containers/policy.json".source =
if cfg.policy != { } then pkgs.writeText "policy.json" (builtins.toJSON cfg.policy)
else "${pkgs.skopeo.policy}/default-policy.json";
}; };
} }