dp/nixcfg
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Activity

Somehow get docker working on deck

Browse Source
This commit is contained in:
Daniel Patterson
2023-07-05 01:07:56 +01:00
parent a9cae0f3ea
commit 9dfac1e83f
4 changed files with 63 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
users/deck/docker.nix Normal file
View File

@@ -0,0 +1,49 @@
{
pkgs,
lib,
...
}: {
systemd.user.services = let
startup = pkgs.writeScript "dockerd-rootless" ''
#!/bin/sh
exec ${pkgs.rootlesskit}/bin/rootlesskit \
--net=slirp4netns --mtu=65520 \
--slirp4netns-sandbox=auto \
--slirp4netns-seccomp=auto \
--disable-host-loopback --port-driver=builtin \
--copy-up=/etc --copy-up=/run \
--propagation=rslave \
${pkgs.docker}/bin/dockerd
'';
in {
docker = {
Unit = {
Description = "Docker Application Container Engine (Rootless)";
Documentation = ["https://docs.docker.com/go/rootless/"];
};
Service = {
ExecStart = "${startup}";
Environment = ["PATH=${lib.makeBinPath (with pkgs; [fuse-overlayfs rootlesskit slirp4netns docker docker-compose])}:/usr/bin"];
ExecReload = "/bin/kill -s HUP $MAINPID";
TimeoutSec = "0";
RestartSec = "2";
Restart = "always";
StartLimitBurst = "3";
StartLimitInterval = "60s";
LimitNOFILE = "infinity";
LimitNPROC = "infinity";
LimitCORE = "infinity";
TasksMax = "infinity";
Delegate = "yes";
Type = "notify";
NotifyAccess = "all";
KillMode = "mixed";
};
Install = {
WantedBy = ["default.target"];
};
};
};
}