authorstuebinm2021-05-12 19:38:45 +0200
committerstuebinm2021-05-12 19:38:45 +0200
commit49c079b623bbbf56cbab607b1008e3f537f50935 (patch)
tree1e9b6f4cdb1eb0356eb4fe6ca24cfae8367f89e9
parent2b83a3f6b808cce5057a96e3911bf17ef4e0b68e (diff)
better nix-modules in oci container
Short overview: - cleaner code - more comments - support for systemd services that are configured via `serviceConfig` - got rid of bash (using dash for everything now)
-rw-r--r--nix-modules/docker-nixos-modules.nix77
-rw-r--r--nix-modules/example.nix2
2 files changed, 47 insertions, 32 deletions
diff --git a/nix-modules/docker-nixos-modules.nix b/nix-modules/docker-nixos-modules.nix
index 47107a7..6ab2785 100644
--- a/nix-modules/docker-nixos-modules.nix
+++ b/nix-modules/docker-nixos-modules.nix
@@ -45,46 +45,63 @@ let
];
};
+
+
in pkgs.dockerTools.buildImage {
inherit name;
+ # coreutils are included since we need them in startup scripts
contents = pkgs.coreutils;
+ # create home directories of users (some services create
+ # their state paths using this, so even without having
+ # users it's important)
runAsRoot = (with pkgs.lib;
strings.concatStrings
(mapAttrsToList
(n: u: if u ? createHome && u.createHome then ("mkdir -p ${u.home}\n") else "")
config.config.users.users));
- config = with pkgs.lib; {
- Cmd = pkgs.writeShellScript "main-entrypoint"
- (strings.concatStrings
- (map (command: "${command}&")
- (mapAttrsToList
- (name: service:
- (pkgs.writeShellScript
- "systemd-script-${name}"
- ''
- #!${pkgs.dash.outPath}/bin/sh
- set -ueo pipefail
- ${if service ? preStart
- then ''
- echo ${escapeShellArg name}: running preStart script
- ${service.preStart}
- ''
- else ""}
- echo ${name}: starting ...
- ${if service ? serviceConfig && service.serviceConfig ? WorkingDirectory
- then "cd ${service.serviceConfig.WorkingDirectory}"
- else ""}
- ${if service ? environment
- then (strings.concatStrings
- (mapAttrsToList
- (n: k: "export ${n}=${escapeShellArg k}\n")
- service.environment))
- + service.script
- else ""}
- '').outPath)
- config.config.systemd.services)) + "\n wait");
+ # this maps all defined systemd services to simple shell
+ # scripts that are started when the docker container runs.
+ # Note that many features of the systemd.services config
+ # are just ignored (e.g. no auto-restarts yet)
+ config = with pkgs.lib; with pkgs.lib.strings; {
+ Cmd = pkgs.writeScript "main-entrypoint"
+ ("#!${pkgs.dash.outPath}/bin/dash\n" + concatStrings
+ (map (command: "${command}&\n")
+ (mapAttrsToList
+ (name: service:
+ (pkgs.writeScript "systemd-script-${name}"
+ ''
+ #!${pkgs.dash.outPath}/bin/dash
+ set -ue
+
+ # run the prestart script
+ ${optionalString (service ? preStart) ''
+ echo ${escapeShellArg name}: running preStart script
+ ${service.preStart}''}
+
+ echo ${name}: starting ...
+
+ # set up working directory
+ ${optionalString (service ? serviceConfig
+ && service.serviceConfig ? WorkingDirectory) ''
+ mkdir -p ${service.serviceConfig.WorkingDirectory}
+ cd ${service.serviceConfig.WorkingDirectory} ''}
+
+ # set up environment variables
+ ${optionalString (service ? environment)
+ (concatStrings
+ (mapAttrsToList
+ (n: k: "export ${n}=${escapeShellArg k}\n")
+ service.environment))}
+
+ # start the service
+ ${if service ? script
+ then service.script
+ else service.serviceConfig.ExecStart}
+ '').outPath)
+ config.config.systemd.services)) + "\n wait");
};
}
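Review bot: `service.serviceConfig.WorkingDirectory` (the `mkdir -p` and `cd` lines) and `name` (the `echo ${name}: starting ...` line) are interpolated into the generated dash script unquoted, although the same hunk already uses `escapeShellArg` for the preStart echo and the environment values. A path or service name containing whitespace or shell metacharacters would be split or interpreted by the shell, so I would write `mkdir -p ${escapeShellArg service.serviceConfig.WorkingDirectory}`, `cd ${escapeShellArg service.serviceConfig.WorkingDirectory}` and `echo ${escapeShellArg name}: starting ...`. Separately, the `else service.serviceConfig.ExecStart` branch is taken for every service without `script`, so a service that defines neither fails at evaluation with a missing-attribute error, and systemd's ExecStart syntax (prefix characters, list values) is not shell syntax; an explicit check with a clear error message would make that limitation visible. The visible image config sets only `Cmd`, so `serviceConfig.User` appears to be among the ignored options and each service presumably runs as the container's default user; the comment listing ignored features could name that. The `let` bindings this expression depends on start above the hunk, so how `config` and `name` are produced is not visible here.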
diff --git a/nix-modules/example.nix b/nix-modules/example.nix
index 2596df6..cbffb4a 100644
--- a/nix-modules/example.nix
+++ b/nix-modules/example.nix
@@ -8,8 +8,6 @@ import ./docker-nixos-modules.nix {
imports = [
<nixpkgs/nixos/modules/services/monitoring/grafana.nix>
- <nixpkgs/nixos/modules/services/web-servers/nginx/default.nix>
- <nixpkgs/nixos/modules/security/acme.nix>
];
services.grafana = {