home

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README | LICENSE

docker.nix (1380B)


      1 { config, lib, pkgs, ... }:
      2 
      3 with lib;
      4 let
      5   cfg = config.profiles.docker;
      6 in
      7 {
      8   options = {
      9     profiles.docker = {
     10       enable = mkEnableOption "Enable docker profile";
     11       package = mkOption {
     12         default = pkgs.docker-edge;
     13         description = "docker package to be used";
     14         type = types.package;
     15       };
     16       runcPackage = mkOption {
     17         default = pkgs.runc;
     18         description = "runc package to be used";
     19         type = types.package;
     20       };
     21     };
     22   };
     23   config = mkIf cfg.enable {
     24     virtualisation = {
     25       containerd = {
     26         enable = true;
     27         # autostart = false;
     28       };
     29       # buildkitd = {
     30       #   enable = true;
     31       #   autostart = false;
     32       #   extraOptions = "--oci-worker=false --containerd-worker=true";
     33       # };
     34       docker = {
     35         enable = true;
     36         package = cfg.package;
     37         liveRestore = false;
     38         storageDriver = "overlay2";
     39         extraOptions = "--experimental --add-runtime docker-runc=${cfg.runcPackage}/bin/runc --default-runtime=docker-runc --containerd=/run/containerd/containerd.sock";
     40       };
     41     };
     42     environment.etc."docker/daemon.json".text = ''
     43       {"features":{"buildkit": true}, "insecure-registries": ["172.30.0.0/16", "192.168.12.0/16", "massimo.home:5000", "r.svc.home:5000", "r.svc.home" ]}
     44     '';
     45     networking.firewall.trustedInterfaces = [ "docker0" ];
     46   };
     47 }