# NixOS module for `programs.singularity`.
#
# When enabled it installs a patched Singularity package, declares a
# setuid-root wrapper for Singularity's `starter-suid` helper, and creates the
# directories under /var/singularity/mnt through systemd-tmpfiles.
{ config, pkgs, lib, ... }:

let
  inherit (lib) mkEnableOption mkIf;

  cfg = config.programs.singularity;

  # Singularity with `starter-suid` redirected to the system wrapper.
  # Files in the Nix store cannot carry the setuid bit, so the real binary is
  # kept as `starter-suid.orig` and the original name becomes a symlink to
  # /run/wrappers/bin/singularity-suid, the wrapper declared in `config` below.
  patchedSingularity = pkgs.singularity.overrideAttrs (prev: {
    installPhase = prev.installPhase + ''
      mv $out/libexec/singularity/bin/starter-suid $out/libexec/singularity/bin/starter-suid.orig
      ln -s /run/wrappers/bin/singularity-suid $out/libexec/singularity/bin/starter-suid
    '';
  });
in
{
  options.programs.singularity = {
    enable = mkEnableOption (lib.mdDoc "Singularity");
  };

  config = mkIf cfg.enable {
    environment.systemPackages = [ patchedSingularity ];

    # Setuid-root wrapper around the renamed starter binary.
    # NOTE(review): no `permissions` or restricted `group` is set here, so the
    # security.wrappers defaults decide which local users may execute it;
    # confirm that matches the intended set of Singularity users.
    security.wrappers.singularity-suid = {
      source = "${patchedSingularity}/libexec/singularity/bin/starter-suid.orig";
      owner = "root";
      group = "root";
      setuid = true;
    };

    # tmpfiles `d` entries: create each directory if it is missing, mode 0770
    # and owned by root:root (no access for other users); the trailing `-`
    # leaves the age field unset, so no age-based cleanup is configured.
    systemd.tmpfiles.rules = [
      "d /var/singularity/mnt/session 0770 root root -"
      "d /var/singularity/mnt/final 0770 root root -"
      "d /var/singularity/mnt/overlay 0770 root root -"
      "d /var/singularity/mnt/container 0770 root root -"
      "d /var/singularity/mnt/source 0770 root root -"
    ];
  };
}