jordan/nix-config
1
1
Fork 0
Code Issues 10 Pull Requests Actions Projects 3 Wiki Activity

Move podman to module

Browse Source
This commit is contained in:
Jordan Holt
2024-05-06 15:52:57 +01:00
parent 5726e8ad28
commit 4ca00f7717
3 changed files with 47 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
hosts/library/default.nix
View File

@ -21,10 +21,6 @@ with lib.my;
allowedTCPPorts = [ allowedTCPPorts = [
22 # SSH 22 # SSH
]; ];
interfaces."podman+" = {
allowedUDPPorts = [ 53 ];
allowedTCPPorts = [ 53 ];
};
}; };
networkmanager.enable = true; networkmanager.enable = true;
}; };
@ -153,6 +149,7 @@ with lib.my;
services.jellyfin.enable = true; services.jellyfin.enable = true;
modules = { modules = {
podman.enable = true;
security = { security = {
gpg.enable = true; gpg.enable = true;
}; };

1
modules/default.nix
View File

@ -1,6 +1,7 @@
{ {
imports = [ imports = [
./options.nix ./options.nix
./podman.nix
./desktop/gnome.nix ./desktop/gnome.nix
./desktop/hyprland.nix ./desktop/hyprland.nix
./desktop/kde.nix ./desktop/kde.nix

45
modules/podman.nix Normal file
View File

@ -0,0 +1,45 @@
{ pkgs, lib, config, ... }:
with lib;
let
cfg = config.modules.podman;
in {
options.modules.podman = {
enable = mkOption {
default = false;
example = true;
description = mdDoc "Enable podman on this host";
};
};
config = mkIf cfg.enable {
virtualisation = {
docker.enable = false;
podman = {
enable = true;
defaultNetwork.settings.dns_enabled = true;
autoPrune = {
enable = true;
dates = "weekly";
flags = [ "--all" ];
};
extraPackages = [ pkgs.zfs ];
};
containers.storage.settings.storage = {
driver = "zfs";
graphroot = "/var/lib/containers/storage";
runroot = "/run/containers/storage";
};
oci-containers.backend = "podman";
};
networking.firewall.interfaces."podman+" = {
allowedUDPPorts = [ 53 ];
allowedTCPPorts = [ 53 ];
};
};
}