nixos/modules/services/networking/docker-registry-server.nix at release-16.03-start · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / services / networking / docker-registry-server.nix
at release-16.03-start 2.8 kB view raw
 1{ config, lib, pkgs, ... }:
 2
 3with lib;
 4
 5let
 6  cfg = config.services.nodeDockerRegistry;
 7
 8in {
 9  options.services.nodeDockerRegistry = {
10    enable = mkEnableOption "docker registry service";
11
12    port = mkOption {
13      description = "Docker registry listening port.";
14      default = 8080;
15      type = types.int;
16    };
17
18    users = mkOption {
19      description = "Docker registry list of users.";
20      default = [];
21      options = [{
22        user = mkOption {
23          description = "Docker registry user username.";
24          type = types.str;
25        };
26
27        pass = mkOption {
28          description = "Docker registry user password.";
29          type = types.str;
30        };
31      }];
32      type = types.listOf types.optionSet;
33    };
34
35    onTag = mkOption {
36      description = "Docker registry hook triggered when an image is tagged.";
37      default = "";
38      type = types.str;
39    };
40
41    onImage = mkOption {
42      description = "Docker registry hook triggered when an image metadata is uploaded.";
43      default = "";
44      type = types.str;
45    };
46
47    onLayer = mkOption {
48      description = "Docker registry hook triggered when an when an image layer is uploaded.";
49      default = "";
50      type = types.str;
51    };
52
53    onVerify = mkOption {
54      description = "Docker registry hook triggered when an image layer+metadata has been verified.";
55      default = "";
56      type = types.str;
57    };
58
59    onIndex = mkOption {
60      description = "Docker registry hook triggered when an when an image file system data has been indexed.";
61      default = "";
62      type = types.str;
63    };
64
65    dataDir = mkOption {
66      description = "Docker registry data directory";
67      default = "/var/lib/docker-registry";
68      type = types.path;
69    };
70  };
71
72  config = mkIf cfg.enable {
73    systemd.services.docker-registry-server = {
74      description = "Docker Registry Service.";
75      wantedBy = ["multi-user.target"];
76      after = ["network.target"];
77      script = ''
78        ${pkgs.nodePackages.docker-registry-server}/bin/docker-registry-server \
79          --dir ${cfg.dataDir} \
80          --port ${toString cfg.port} \
81          ${concatMapStringsSep " " (u: "--user ${u.user}:${u.pass}") cfg.users} \
82          ${optionalString (cfg.onTag != "") "--on-tag '${cfg.onTag}'"} \
83          ${optionalString (cfg.onImage != "") "--on-image '${cfg.onImage}'"} \
84          ${optionalString (cfg.onVerify != "") "--on-verify '${cfg.onVerify}'"} \
85          ${optionalString (cfg.onIndex != "") "--on-index '${cfg.onIndex}'"}
86      '';
87
88      serviceConfig.User = "docker-registry";
89    };
90
91    users.extraUsers.docker-registry = {
92      uid = config.ids.uids.docker-registry;
93      description = "Docker registry user";
94      createHome = true;
95      home = cfg.dataDir;
96    };
97  };
98}