62 lines
1.6 KiB
Nix
62 lines
1.6 KiB
Nix
{ lib
|
|
, pkgs
|
|
, config
|
|
, ...
|
|
}:
|
|
with lib; let
|
|
cfg = config.eboskma.docker;
|
|
in
|
|
{
|
|
options.eboskma.docker = {
|
|
enable = mkEnableOption "podman";
|
|
enableNvidia = mkEnableOption "podman NVidia support";
|
|
enableTcpSocket = mkEnableOption "podman TCP socket";
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
environment.systemPackages = with pkgs; [ docker-compose ];
|
|
|
|
virtualisation.docker = {
|
|
enable = true;
|
|
enableNvidia = cfg.enableNvidia;
|
|
|
|
autoPrune = {
|
|
enable = true;
|
|
dates = "weekly";
|
|
};
|
|
|
|
daemon.settings = {
|
|
insecure-registries = config.virtualisation.containers.registries.insecure;
|
|
};
|
|
};
|
|
|
|
virtualisation.containers = {
|
|
registries = {
|
|
insecure = [ "docker02.bedum.horus.nu:5000" "yocto-build-server.bedum.horus.nu:5000" "containers.internal.horus.nu" ];
|
|
search = [
|
|
"docker.io"
|
|
"quay.io"
|
|
"docker02.bedum.horus.nu:5000"
|
|
"yocto-build-server.bedum.horus.nu:5000"
|
|
"containers.internal.horus.nu"
|
|
];
|
|
};
|
|
};
|
|
|
|
users.extraUsers.${config.eboskma.var.mainUser}.extraGroups = [ "docker" "podman" ];
|
|
|
|
# services.ghostunnel = mkIf cfg.enableTcpSocket {
|
|
# enable = true;
|
|
# servers."podman-socket" = {
|
|
# listen = "0.0.0.0:2376";
|
|
# target = "unix:/run/podman/podman.sock";
|
|
# allowAll = mkDefault true;
|
|
# extraArguments = ''
|
|
# --auto-acme-cert=mimir.internal.horus.nu
|
|
# --auto-acme-email=erwin@horus.nu
|
|
# --auto-acme-ca=https://mimir.internal.horus.nu
|
|
# '';
|
|
# };
|
|
# };
|
|
};
|
|
}
|