commit c7aca2c92de420a8ba89b6a695b9ea93b917dbf1
parent 2970300a05b4a92ea65be91fbeff6f597df91cf0
Author: Vincent Demeester <vincent@sbr.pm>
Date: Mon, 1 Jun 2020 16:02:10 +0200
systems/hokkaido: enable containers 😛
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Diffstat:
3 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/systems/hokkaido.nix b/systems/hokkaido.nix
@@ -46,5 +46,18 @@ in
services.fprintd.enable = true;
- virtualisation.containers.enable = true;
+ virtualisation.containers = {
+ enable = true;
+ registries = {
+ search = [ "registry.fedoraproject.org", "registry.access.redhat.com", "registry.centos.org", "docker.io", "quay.io" ];
+ };
+ policy = {
+ default = [{ type = "insecureAcceptAnything"; }];
+ transports = {
+ docker-daemon = {
+ "" = [{ type = "insecureAcceptAnything"; }];
+ };
+ };
+ };
+ };
}
diff --git a/users/vincent/containers/default.nix b/users/vincent/containers/default.nix
@@ -6,4 +6,9 @@
./kubernetes.nix
./openshift.nix
];
+
+ home.packages = with pkg; [
+ podman
+ skopeo
+ ];
}
diff --git a/users/vincent/default.nix b/users/vincent/default.nix
@@ -22,6 +22,7 @@ with lib;
subGidRanges = [{ startGid = 100000; count = 65536; }];
};
+ virtualisation.containers.users = [ "vincent" ];
security.pam.services.vincent.fprintAuth = config.services.fprintd.enable;
home-manager.users.vincent = lib.mkMerge (