New modules for container managment

2024-08-16 18:22:21 +02:00 · 2024-08-16 18:22:21 +02:00 · 93e9d585cb
commit 93e9d585cb
parent 0a48b3d817
7 changed files with 121 additions and 2 deletions
--- a/modules/virtualisation/default.nix
+++ b/modules/virtualisation/default.nix
@ -3,7 +3,9 @@
    ./docker.nix
    ./libvirtd.nix
    ./lxc.nix
+    ./lxc-guest.nix
    ./podman.nix
-    ./oci-containers
+    ./proxmox.nix
+    # ./oci-containers
  ];
 }
--- a/modules/virtualisation/docker.nix
+++ b/modules/virtualisation/docker.nix
@ -10,7 +10,7 @@ in
  config = lib.mkIf cfg.enable {
    virtualisation = {
      docker = {
-        storageDriver = "btrfs";
+        storageDriver = "overlay2";
        rootless = {
          enable = true;
          setSocketVariable = true;
--- a/modules/virtualisation/lxc-guest.nix
+++ b/modules/virtualisation/lxc-guest.nix
@ -0,0 +1,27 @@
+{ config, lib, ... }:
+let
+  cfg = config.lxcGuest;
+in
+{
+  options.lxcGuest = {
+    enable = lib.mkEnableOption "NixOs inside LXC container";
+  };
+
+  config = lib.mkIf cfg.enable {
+    # start tty0 on serial console
+    systemd.services."getty@tty1" = {
+      enable = lib.mkForce true;
+      wantedBy = [ "getty.target" ]; # to start at boot
+      serviceConfig.Restart = "always"; # restart when session is closed
+    };
+
+    # Supress systemd units that don't work because of LXC.
+    # https://blog.xirion.net/posts/nixos-proxmox-lxc/#configurationnix-tweak
+    systemd.suppressedSystemUnits = [
+      "dev-mqueue.mount"
+      "sys-kernel-debug.mount"
+      "sys-fs-fuse-connections.mount"
+    ];
+  };
+
+}
--- a/modules/virtualisation/proxmox.nix
+++ b/modules/virtualisation/proxmox.nix
@ -0,0 +1,48 @@
+{ config, lib, pkgs, ... }:
+
+let
+  cfg = config.proxmox;
+in
+{
+
+  options.proxmox = {
+    enable = lib.mkEnableOption "If this host is running inside Proxmox";
+
+    privileged = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = ''
+        Whether to enable privileged mounts
+      '';
+    };
+
+    manageNetwork = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = ''
+        Whether to manage network interfaces through nix options
+        When false, systemd-networkd is enabled to accept network
+        configuration from proxmox.
+      '';
+    };
+
+    manageHostName = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = ''
+        Whether to manage hostname through nix options
+        When false, the hostname is picked up from /etc/hostname
+        populated by proxmox.
+      '';
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    proxmoxLXC = {
+      enable = true;
+      privileged = cfg.privileged;
+      manageNetwork = cfg.manageNetwork;
+      manageHostName = cfg.manageHostName;
+    };
+  };
+}