
sub-uid/gid are only needed for podman; improve readability

Kevin Baensch 2023-06-14 21:52:10 +02:00
parent 75cf39ee58
commit 89f85e9ff2
Signed by: derped
GPG Key ID: C0F1D326C7626543
2 changed files with 13 additions and 8 deletions


@ -3,6 +3,8 @@
with lib;
let
withDocker = config.virtualisation.docker.enable;
withPodman = config.virtualisation.podman.enable;
administrators = user: {
name = user.name;
value = let
@ -12,8 +14,8 @@ let
isNormalUser = true;
name = user.name;
uid = user.id;
subUidRanges = [{ startUid = 100000; count = 65536; }];
subGidRanges = [{ startGid = 100000; count = 65536; }];
subUidRanges = optional withPodman [{ startUid = 100000; count = 65536; }];
subGidRanges = optional withPodman [{ startGid = 100000; count = 65536; }];
home = builtins.toPath "/home/${user.name}";
createHome = true;
description = "Administrative user ${user.name}.";
@ -21,8 +23,8 @@ let
extraGroups = [ "audio" "wheel" "network" ]
++ (optionals cfg.xserver.enable ["input" "video"])
++ (optionals cfg.printing.enable [ "cups" "lp" ])
++ (optional (config.virtualisation.docker.enable && !config.virtualisation.podman.enable) "docker")
++ (optional config.virtualisation.podman.enable "podman");
++ (optional (withDocker && !withPodman) "docker")
++ (optional withPodman "podman");
shell = "${pkgs.zsh}/bin/zsh";
passwordFile = passPath;
# TODO: Fix for sops
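Review bot: `optional withPodman [{ startUid = 100000; count = 65536; }]` wraps the already-bracketed range in a second list, because `lib.optional` returns `[ x ]` for its argument. Both new lines, `subUidRanges` and `subGidRanges`, should use `optionals`, as the `extraGroups` lines already do for list arguments: `subUidRanges = optionals withPodman [{ startUid = 100000; count = 65536; }];`. Separately, `administrators` appears to be applied once per user, so every administrator would get the same 100000–165535 range. Overlapping subordinate ranges let rootless containers of different users map to the same host IDs, so a per-user offset (for example derived from `user.id`) would keep them isolated. The enclosing `let` block starts and ends outside the visible hunks.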


@ -2,14 +2,17 @@
with lib;
mkIf (elem "podman" config.machine.services) {
let
withDocker = (elem "docker" config.machine.services);
in mkIf (elem "podman" config.machine.services) {
virtualisation.podman = {
enable = true;
dockerSocket.enable = (elem "docker" config.machine.services);
dockerCompat = (elem "docker" config.machine.services);
dockerSocket.enable = withDocker;
dockerCompat = withDocker;
defaultNetwork = {
settings.dns_enabled = true;
};
};
environment.systemPackages = with pkgs; [ podman-compose ];
environment.systemPackages = (with pkgs; [ podman-compose ]) ++
(optional withDocker pkgs.docker-compose);
}
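Review bot: `dockerSocket.enable = withDocker;` deserves a comment, because the Docker-compatible socket is reachable by every member of the `podman` group and that access is root-equivalent. The other file in this commit adds each administrator to `podman`, so a line such as `# podman group members can reach this socket and gain root; keep the group limited to admins` above it would record the trust decision. Also, `withDocker` here is read from `config.machine.services`, while the same name in the users file is `config.virtualisation.docker.enable`. If the two can differ, a distinct name such as `wantsDockerCompat` would avoid confusing them.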