nixos/containers: add catatonit / init_path

https://github.com/containers/common/blob/master/docs/containers.conf.5.md

- Also drop unneeded true from ociSeccompBpfHook
zowoq 2021-03-21 15:49:52 +10:00 committed by Andrey Golovizin
parent be38dc44f3
commit 4b11122749


@ -118,8 +118,9 @@ in
[network]
cni_plugin_dirs = ["${pkgs.cni-plugins}/bin/"]
${lib.optionalString (cfg.ociSeccompBpfHook.enable == true) ''
[engine]
init_path = "${pkgs.catatonit}/bin/catatonit"
${lib.optionalString (cfg.ociSeccompBpfHook.enable) ''
hooks_dir = [
"${config.boot.kernelPackages.oci-seccomp-bpf-hook}",
]
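Review bot: `[engine]` and `init_path` now sit ahead of the `lib.optionalString (cfg.ociSeccompBpfHook.enable)` guard, so the generated containers.conf always carries an `[engine]` table, where it previously appeared only with the seccomp hook enabled. If the module appends user-supplied text to the same file (not visible in this hunk), a configuration that already declares its own `[engine]` header would now produce a duplicate table, which TOML parsers reject; that is worth checking and mentioning in the release notes. The new line would also benefit from a comment in the generated file such as `# init_path is only used when a container is started with --init`, because setting the path alone does not put containers under catatonit. The enclosing multi-line string and the closing of the `optionalString` block lie outside the hunk.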