author | stuebinm | 2021-05-07 23:50:42 +0200 |
---|---|---|
committer | stuebinm | 2021-05-07 23:50:42 +0200 |
commit | 8bb7cbacc2a5a714f940d1cd5aee4d843f40b707 (patch) | |
tree | adfa8dbbe2a714f2c80fdf3da45df066aacbe2b5 /nix-modules/docker-nixos-modules.nix | |
parent | d8a1a9a1c04b147da627a318cc5344c74bd2af36 (diff) |
experimenting with nixos modules in oci containers
See the Readme.org file for what this is.
Diffstat (limited to 'nix-modules/docker-nixos-modules.nix')
-rw-r--r-- | nix-modules/docker-nixos-modules.nix | 90 |
1 files changed, 90 insertions, 0 deletions
diff --git a/nix-modules/docker-nixos-modules.nix b/nix-modules/docker-nixos-modules.nix
new file mode 100644
index 0000000..47107a7
--- /dev/null
+++ b/nix-modules/docker-nixos-modules.nix
@@ -0,0 +1,90 @@ +{ nixpkgsPath ? <nixpkgs> +, ociconfig +, name +, ...}: + +let + pkgs = import nixpkgsPath {}; + + dummyOption = with pkgs.lib; mkOption { + type = types.attrs; + default = {}; + }; + + systemModule = { lib, config, ... }: { + options = { + toplevel = lib.mkOption { + type = lib.types.str; + }; + + systemd = with lib; { + services = dummyOption; + targets = dummyOption; + timers = dummyOption; + }; + + environment = dummyOption; + users.users = dummyOption; + users.groups = dummyOption; + meta = dummyOption; + + networking.enableIPv6 = lib.mkOption { + type = lib.types.bool; + default = false; + }; + }; + + config._module.args.pkgs = pkgs; + }; + + config = pkgs.lib.evalModules { + modules = [ + systemModule + ociconfig + "${nixpkgsPath}/nixos/modules/misc/assertions.nix" + ]; + }; + +in pkgs.dockerTools.buildImage { + inherit name; + + contents = pkgs.coreutils; + + runAsRoot = (with pkgs.lib; + strings.concatStrings + (mapAttrsToList + (n: u: if u ? createHome && u.createHome then ("mkdir -p ${u.home}\n") else "") + config.config.users.users)); + + config = with pkgs.lib; { + Cmd = pkgs.writeShellScript "main-entrypoint" + (strings.concatStrings + (map (command: "${command}&") + (mapAttrsToList + (name: service: + (pkgs.writeShellScript + "systemd-script-${name}" + '' + #!${pkgs.dash.outPath}/bin/sh + set -ueo pipefail + ${if service ? preStart + then '' + echo ${escapeShellArg name}: running preStart script + ${service.preStart} + '' + else ""} + echo ${name}: starting ... + ${if service ? serviceConfig && service.serviceConfig ? WorkingDirectory + then "cd ${service.serviceConfig.WorkingDirectory}" + else ""} + ${if service ? environment + then (strings.concatStrings + (mapAttrsToList + (n: k: "export ${n}=${escapeShellArg k}\n") + service.environment)) + + service.script + else ""} + '').outPath) + config.config.systemd.services)) + "\n wait"); + }; +} |
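Review bot: Module-supplied strings reach generated shell unquoted in three places: `mkdir -p ${u.home}` in `runAsRoot` (which runs as root while the image is built), `echo ${name}: starting ...`, and `cd ${service.serviceConfig.WorkingDirectory}`, even though the preStart echo and the environment exports already go through `escapeShellArg`. A home or working directory containing a space or shell metacharacter would be word-split or interpreted by the shell, so these should read `"mkdir -p ${escapeShellArg u.home}\n"`, `echo ${escapeShellArg name}: starting ...` and `"cd ${escapeShellArg service.serviceConfig.WorkingDirectory}"`. Separately, only `preStart`, `WorkingDirectory`, `environment` and `script` are read from each service, and the image `config` sets nothing but `Cmd`, so `serviceConfig.User` and any systemd sandboxing directives of an imported module are silently dropped and every service runs as the container's user. A comment on the `Cmd` expression saying so would warn anyone reusing a hardened NixOS module here that its privilege separation does not carry over.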