path: root/nix-modules/docker-nixos-modules.nix
diff options
Diffstat (limited to '')
1 files changed, 90 insertions, 0 deletions
diff --git a/nix-modules/docker-nixos-modules.nix b/nix-modules/docker-nixos-modules.nix
new file mode 100644
index 0000000..47107a7
--- /dev/null
+++ b/nix-modules/docker-nixos-modules.nix
@@ -0,0 +1,90 @@
+{ nixpkgsPath ? <nixpkgs>
+, ociconfig
+, name
+, ...}:
+ pkgs = import nixpkgsPath {};
+ dummyOption = with pkgs.lib; mkOption {
+ type = types.attrs;
+ default = {};
+ };
+ systemModule = { lib, config, ... }: {
+ options = {
+ toplevel = lib.mkOption {
+ type = lib.types.str;
+ };
+ systemd = with lib; {
+ services = dummyOption;
+ targets = dummyOption;
+ timers = dummyOption;
+ };
+ environment = dummyOption;
+ users.users = dummyOption;
+ users.groups = dummyOption;
+ meta = dummyOption;
+ networking.enableIPv6 = lib.mkOption {
+ type = lib.types.bool;
+ default = false;
+ };
+ };
+ config._module.args.pkgs = pkgs;
+ };
+ config = pkgs.lib.evalModules {
+ modules = [
+ systemModule
+ ociconfig
+ "${nixpkgsPath}/nixos/modules/misc/assertions.nix"
+ ];
+ };
+in pkgs.dockerTools.buildImage {
+ inherit name;
+ contents = pkgs.coreutils;
+ runAsRoot = (with pkgs.lib;
+ strings.concatStrings
+ (mapAttrsToList
+ (n: u: if u ? createHome && u.createHome then ("mkdir -p ${u.home}\n") else "")
+ config.config.users.users));
+ config = with pkgs.lib; {
+ Cmd = pkgs.writeShellScript "main-entrypoint"
+ (strings.concatStrings
+ (map (command: "${command}&")
+ (mapAttrsToList
+ (name: service:
+ (pkgs.writeShellScript
+ "systemd-script-${name}"
+ ''
+ #!${pkgs.dash.outPath}/bin/sh
+ set -ueo pipefail
+ ${if service ? preStart
+ then ''
+ echo ${escapeShellArg name}: running preStart script
+ ${service.preStart}
+ ''
+ else ""}
+ echo ${name}: starting ...
+ ${if service ? serviceConfig && service.serviceConfig ? WorkingDirectory
+ then "cd ${service.serviceConfig.WorkingDirectory}"
+ else ""}
+ ${if service ? environment
+ then (strings.concatStrings
+ (mapAttrsToList
+ (n: k: "export ${n}=${escapeShellArg k}\n")
+ service.environment))
+ + service.script
+ else ""}
+ '').outPath)
+ + "\n wait");
+ };