Added support for build, image, and volume quadlets. Resolved test failures due to the podman 5.3.0 upgrade. Replaced several instances of pkgs.podman with services.podman.package.
# Home Manager module for Podman. It declares the `services.podman` options
# shown below and, when enabled, writes four files under the user's XDG config
# directory: containers/policy.json, containers/registries.conf,
# containers/storage.conf and containers/containers.conf.
{ config, pkgs, lib, ... }:

let
  inherit (lib)
    literalExpression mapAttrs mkDefault mkEnableOption mkIf mkOption types;

  cfg = config.services.podman;
  toml = pkgs.formats.toml { };

  # Builds one of the three `settings.registries.*` options; they differ only
  # in their default value and description.
  registryListOption = default: description:
    mkOption {
      inherit default description;
      type = types.listOf types.str;
    };

  # File installed as containers/policy.json. An explicit `settings.policy` is
  # serialised to JSON exactly as given; an empty attribute set selects the
  # default-policy.json shipped in the skopeo package.
  # NOTE(review): the contents of skopeo's default policy are not visible here.
  # Upstream's default is believed to accept unsigned images, so hosts that
  # need signature enforcement should set `settings.policy` explicitly. Confirm.
  policyFile = if cfg.settings.policy == { } then
    "${pkgs.skopeo.policy}/default-policy.json"
  else
    pkgs.writeText "policy.json" (builtins.toJSON cfg.settings.policy);

  # Each registries option becomes a table of the form
  # `[registries.<name>] registries = [ ... ]`.
  # NOTE(review): this looks like the version 1 registries.conf layout; confirm
  # that the Podman release in use still accepts it.
  registriesFile = toml.generate "registries.conf" {
    registries =
      mapAttrs (_: hosts: { registries = hosts; }) cfg.settings.registries;
  };
in {
  meta.maintainers = with lib.hm.maintainers; [ bamhm182 n-hass ];

  imports = [
    ./builds.nix
    ./containers.nix
    ./images.nix
    ./install-quadlet.nix
    ./networks.nix
    ./services.nix
    ./volumes.nix
  ];

  options.services.podman = {
    enable = mkEnableOption "Podman, a daemonless container engine";

    settings = {
      # Free-form TOML, written unchanged to containers/containers.conf.
      containers = mkOption {
        type = toml.type;
        default = { };
        description = "containers.conf configuration";
      };

      # Free-form TOML, written unchanged to containers/storage.conf. There is
      # no default here: the config section below supplies `storage.driver`
      # through mkDefault.
      storage = mkOption {
        type = toml.type;
        description = "storage.conf configuration";
      };

      registries = {
        # Registries consulted for image names that carry no registry prefix.
        # Fully qualified image references avoid depending on this list and on
        # its order.
        search = registryListOption [ "docker.io" ] ''
          List of repositories to search.
        '';

        # Written to the `[registries.insecure]` table. In the containers
        # registries.conf format that table names registries that may be
        # reached without TLS verification, so leave it empty unless a specific
        # registry requires it.
        insecure = registryListOption [ ] ''
          List of insecure repositories.
        '';

        # Written to the `[registries.block]` table.
        block = registryListOption [ ] ''
          List of blocked repositories.
        '';
      };

      # `types.attrs` does no schema validation; the value reaches policy.json
      # as-is. The example uses `insecureAcceptAnything`, which accepts images
      # without checking signatures. The containers policy format also has
      # `reject` and `signedBy` requirement types for stricter setups.
      policy = mkOption {
        default = { };
        type = types.attrs;
        example = literalExpression ''
          {
            default = [ { type = "insecureAcceptAnything"; } ];
            transports = {
              docker-daemon = {
                "" = [ { type = "insecureAcceptAnything"; } ];
              };
            };
          }
        '';
        description = ''
          Signature verification policy file.
          If this option is empty the default policy file from
          `skopeo` will be used.
        '';
      };
    };
  };

  config = mkIf cfg.enable {
    # Evaluation fails on non-Linux platforms.
    assertions =
      [ (lib.hm.assertions.assertPlatform "podman" pkgs lib.platforms.linux) ];

    # `package` is not declared in this file; presumably one of the imported
    # modules declares it. Confirm.
    home.packages = [ cfg.package ];

    # Overridable default storage driver.
    services.podman.settings.storage.storage.driver = mkDefault "overlay";

    xdg.configFile = {
      "containers/policy.json".source = policyFile;
      "containers/registries.conf".source = registriesFile;
      "containers/storage.conf".source =
        toml.generate "storage.conf" cfg.settings.storage;
      "containers/containers.conf".source =
        toml.generate "containers.conf" cfg.settings.containers;
    };
  };
}