pyrox.dev
1{ config, pkgs, lib, ... }:
2
3with lib;
4
5{
6
7 config = mkIf config.boot.isContainer {
8
9 # Disable some features that are not useful in a container.
10 nix.optimise.automatic = mkDefault false; # the store is host managed
11 services.udisks2.enable = mkDefault false;
12 powerManagement.enable = mkDefault false;
13 documentation.nixos.enable = mkDefault false;
14
15 networking.useHostResolvConf = mkDefault true;
16
17 # Containers should be light-weight, so start sshd on demand.
18 services.openssh.startWhenNeeded = mkDefault true;
19
20 # Shut up warnings about not having a boot loader.
21 system.build.installBootLoader = "${pkgs.coreutils}/bin/true";
22
23 # Not supported in systemd-nspawn containers.
24 security.audit.enable = false;
25
26 # Use the host's nix-daemon.
27 environment.variables.NIX_REMOTE = "daemon";
28
29 };
30
31}