nixos-container: Make configuration and state directories configurable
/etc/containers is also used by Podman, Skopeo & other popular container tooling so we need to be able to move to another configuration directory. The state move is not strictly a requirement but is good for consistency.
parent
8591989440
commit
7d9a979b2e
2 changed files with 22 additions and 11 deletions
|
@ -1,4 +1,10 @@
|
|||
{ substituteAll, perl, shadow, util-linux }:
|
||||
{ substituteAll
|
||||
, perl
|
||||
, shadow
|
||||
, util-linux
|
||||
, configurationDirectory ? "/etc/nixos-containers"
|
||||
, stateDirectory ? "/var/lib/nixos-containers"
|
||||
}:
|
||||
|
||||
substituteAll {
|
||||
name = "nixos-container";
|
||||
|
@ -9,6 +15,8 @@ substituteAll {
|
|||
su = "${shadow.su}/bin/su";
|
||||
utillinux = util-linux;
|
||||
|
||||
inherit configurationDirectory stateDirectory;
|
||||
|
||||
postInstall = ''
|
||||
t=$out/share/bash-completion/completions
|
||||
mkdir -p $t
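Review bot: The new defaults `/etc/nixos-containers` and `/var/lib/nixos-containers` differ from the paths the script used before (`/etc/containers` and `/var/lib/containers` in the old Perl lines), so a rebuilt `nixos-container` will no longer list or find containers created earlier. Nothing in the two changed files migrates or warns about existing configuration and state. Whatever service starts the containers presumably has to use the same two directories, but that part is not visible on this page. I would add a comment above the two arguments, for example `# Must match the directories used by the unit that starts the containers; data in /etc/containers and /var/lib/containers is not migrated.`, and note the move for users upgrading.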
|
||||
|
|
|
@ -12,6 +12,9 @@ use Time::HiRes;
|
|||
my $nsenter = "@utillinux@/bin/nsenter";
|
||||
my $su = "@su@";
|
||||
|
||||
my $configurationDirectory = "@configurationDirectory@";
|
||||
my $stateDirectory = "@stateDirectory@";
|
||||
|
||||
# Ensure a consistent umask.
|
||||
umask 0022;
|
||||
|
||||
|
@ -132,11 +135,11 @@ if (defined $flake && $flake =~ /^(.*)#([^#"]+)$/) {
|
|||
|
||||
# Execute the selected action.
|
||||
|
||||
mkpath("/etc/containers", 0, 0755);
|
||||
mkpath("/var/lib/containers", 0, 0700);
|
||||
mkpath("$configurationDirectory", 0, 0755);
|
||||
mkpath("$stateDirectory", 0, 0700);
|
||||
|
||||
if ($action eq "list") {
|
||||
foreach my $confFile (glob "/etc/containers/*.conf") {
|
||||
foreach my $confFile (glob "$configurationDirectory/*.conf") {
|
||||
$confFile =~ /\/([^\/]+).conf$/ or next;
|
||||
print "$1\n";
|
||||
}
|
||||
|
@ -198,15 +201,15 @@ if ($action eq "create") {
|
|||
open(my $lock, '>>', $lockFN) or die "$0: opening $lockFN: $!";
|
||||
flock($lock, LOCK_EX) or die "$0: could not lock $lockFN: $!";
|
||||
|
||||
my $confFile = "/etc/containers/$containerName.conf";
|
||||
my $root = "/var/lib/containers/$containerName";
|
||||
my $confFile = "$configurationDirectory/$containerName.conf";
|
||||
my $root = "$stateDirectory/$containerName";
|
||||
|
||||
# Maybe generate a unique name.
|
||||
if ($ensureUniqueName) {
|
||||
my $base = $containerName;
|
||||
for (my $nr = 0; ; $nr++) {
|
||||
$confFile = "/etc/containers/$containerName.conf";
|
||||
$root = "/var/lib/containers/$containerName";
|
||||
$confFile = "$configurationDirectory/$containerName.conf";
|
||||
$root = "$stateDirectory/$containerName";
|
||||
last unless -e $confFile || -e $root;
|
||||
$containerName = "$base-$nr";
|
||||
}
|
||||
|
@ -220,7 +223,7 @@ if ($action eq "create") {
|
|||
|
||||
# Get an unused IP address.
|
||||
my %usedIPs;
|
||||
foreach my $confFile2 (glob "/etc/containers/*.conf") {
|
||||
foreach my $confFile2 (glob "$configurationDirectory/*.conf") {
|
||||
my $s = read_file($confFile2) or die;
|
||||
$usedIPs{$1} = 1 if $s =~ /^HOST_ADDRESS=([0-9\.]+)$/m;
|
||||
$usedIPs{$1} = 1 if $s =~ /^LOCAL_ADDRESS=([0-9\.]+)$/m;
|
||||
|
@ -292,10 +295,10 @@ if ($action eq "create") {
|
|||
exit 0;
|
||||
}
|
||||
|
||||
my $root = "/var/lib/containers/$containerName";
|
||||
my $root = "$stateDirectory/$containerName";
|
||||
my $profileDir = "/nix/var/nix/profiles/per-container/$containerName";
|
||||
my $gcRootsDir = "/nix/var/nix/gcroots/per-container/$containerName";
|
||||
my $confFile = "/etc/containers/$containerName.conf";
|
||||
my $confFile = "$configurationDirectory/$containerName.conf";
|
||||
if (!-e $confFile) {
|
||||
if ($action eq "destroy") {
|
||||
exit 0;
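Review bot: `mkpath("$stateDirectory", 0, 0700)` sets the mode only on directories it creates, so a state directory that already exists with wider permissions is used as it is, and a configurable location makes that case more likely than the old fixed path did. Since the container root filesystems live under it (`$root = "$stateDirectory/$containerName"`), I would enforce the mode after the call with `chmod 0700, $stateDirectory or die "$0: chmod $stateDirectory: $!";`. Separately, `glob "$configurationDirectory/*.conf"` (the list action and the used-IP scan in create) splits its argument on whitespace, so a configured path containing a space would silently match nothing; `bsd_glob` from File::Glob does not split. These statements sit at script top level, and the action blocks they belong to continue outside the hunks.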
|
||||
|
|