commit a54b2e3ba226c9fa3e7f4ec72fbada8e0859a300 · pyrox.dev/nixpkgs

+13 -4

nixos/modules/virtualisation/docker.nix

···

       126
       126
        
               '';

     

       127
       127
        
             };

     

       128
       128
        
           };

     

       129
       129
       +
       

     

       130
       130
       +
           package = mkOption {

     

       131
       131
       +
             default = pkgs.docker;

     

       132
       132
       +
             type = types.package;

     

       133
       133
       +
             example = pkgs.docker-edge;

     

       134
       134
       +
             description = ''

     

       135
       135
       +
               Docker package to be used in the module.

     

       136
       136
       +
             '';

     

       137
       137
       +
           };

     

       129
       138
        
         };

     

       130
       139
        
       

     

       131
       140
        
         ###### implementation

     

       132
       141
        
       

     

       133
       142
        
         config = mkIf cfg.enable (mkMerge [{

     

       134
       134
       -
             environment.systemPackages = [ pkgs.docker ];

     

       143
       143
       +
             environment.systemPackages = [ cfg.package ];

     

       135
       144
        
             users.extraGroups.docker.gid = config.ids.gids.docker;

     

       136
       136
       -
             systemd.packages = [ pkgs.docker ];

     

       145
       145
       +
             systemd.packages = [ cfg.package ];

     

       137
       146
        
       

     

       138
       147
        
             systemd.services.docker = {

     

       139
       148
        
               wantedBy = optional cfg.enableOnBoot "multi-user.target";

     
···

       142
       151
        
                 ExecStart = [

     

       143
       152
        
                   ""

     

       144
       153
        
                   ''

     

       145
       145
       -
                     ${pkgs.docker}/bin/dockerd \

     

       154
       154
       +
                     ${cfg.package}/bin/dockerd \

     

       146
       155
        
                       --group=docker \

     

       147
       156
        
                       --host=fd:// \

     

       148
       157
        
                       --log-driver=${cfg.logDriver} \

     
···

       180
       189
        
               serviceConfig.Type = "oneshot";

     

       181
       190
        
       

     

       182
       191
        
               script = ''

     

       183
       183
       -
                 ${pkgs.docker}/bin/docker system prune -f ${toString cfg.autoPrune.flags}

     

       192
       192
       +
                 ${cfg.package}/bin/docker system prune -f ${toString cfg.autoPrune.flags}

     

       184
       193
        
               '';

     

       185
       194
        
       

     

       186
       195
        
               startAt = optional cfg.autoPrune.enable cfg.autoPrune.dates;

nixos/release-combined.nix

···

       81
       81
        
               (all nixos.tests.boot.uefiUsb)

     

       82
       82
        
               (all nixos.tests.boot-stage1)

     

       83
       83
        
               nixos.tests.hibernate.x86_64-linux # i686 is flaky, see #23107

     

       84
       84
       +
               nixos.tests.docker.x86_64-linux

     

       85
       85
       +
               nixos.tests.docker-edge.x86_64-linux

     

       84
       86
        
               (all nixos.tests.ecryptfs)

     

       85
       87
        
               (all nixos.tests.ipv6)

     

       86
       88
        
               (all nixos.tests.i3wm)

nixos/release.nix

···

       234
       234
        
         tests.containers-hosts = callTest tests/containers-hosts.nix {};

     

       235
       235
        
         tests.containers-macvlans = callTest tests/containers-macvlans.nix {};

     

       236
       236
        
         tests.docker = hydraJob (import tests/docker.nix { system = "x86_64-linux"; });

     

       237
       237
       +
         tests.docker-edge = hydraJob (import tests/docker-edge.nix { system = "x86_64-linux"; });

     

       237
       238
        
         tests.dnscrypt-proxy = callTest tests/dnscrypt-proxy.nix { system = "x86_64-linux"; };

     

       238
       239
        
         tests.ecryptfs = callTest tests/ecryptfs.nix {};

     

       239
       240
        
         tests.etcd = hydraJob (import tests/etcd.nix { system = "x86_64-linux"; });

+47

nixos/tests/docker-edge.nix

···

       1
       1
       +
       # This test runs docker and checks if simple container starts

     

       2
       2
       +
       

     

       3
       3
       +
       import ./make-test.nix ({ pkgs, ...} : {

     

       4
       4
       +
         name = "docker";

     

       5
       5
       +
         meta = with pkgs.stdenv.lib.maintainers; {

     

       6
       6
       +
           maintainers = [ nequissimus offline ];

     

       7
       7
       +
         };

     

       8
       8
       +
       

     

       9
       9
       +
         nodes = {

     

       10
       10
       +
           docker =

     

       11
       11
       +
             { config, pkgs, ... }:

     

       12
       12
       +
               {

     

       13
       13
       +
                 virtualisation.docker.enable = true;

     

       14
       14
       +
                 virtualisation.docker.package = pkgs.docker-edge;

     

       15
       15
       +
       

     

       16
       16
       +
                 users.users = {

     

       17
       17
       +
                   noprivs = {

     

       18
       18
       +
                     isNormalUser = true;

     

       19
       19
       +
                     description = "Can't access the docker daemon";

     

       20
       20
       +
                     password = "foobar";

     

       21
       21
       +
                   };

     

       22
       22
       +
       

     

       23
       23
       +
                   hasprivs = {

     

       24
       24
       +
                     isNormalUser = true;

     

       25
       25
       +
                     description = "Can access the docker daemon";

     

       26
       26
       +
                     password = "foobar";

     

       27
       27
       +
                     extraGroups = [ "docker" ];

     

       28
       28
       +
                   };

     

       29
       29
       +
                 };

     

       30
       30
       +
               };

     

       31
       31
       +
           };

     

       32
       32
       +
       

     

       33
       33
       +
         testScript = ''

     

       34
       34
       +
           startAll;

     

       35
       35
       +
       

     

       36
       36
       +
           $docker->waitForUnit("sockets.target");

     

       37
       37
       +
           $docker->succeed("tar cv --files-from /dev/null | docker import - scratchimg");

     

       38
       38
       +
           $docker->succeed("docker run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10");

     

       39
       39
       +
           $docker->succeed("docker ps | grep sleeping");

     

       40
       40
       +
           $docker->succeed("sudo -u hasprivs docker ps");

     

       41
       41
       +
           $docker->fail("sudo -u noprivs docker ps");

     

       42
       42
       +
           $docker->succeed("docker stop sleeping");

     

       43
       43
       +
       

     

       44
       44
       +
           # Must match version twice to ensure client and server versions are correct

     

       45
       45
       +
           $docker->succeed('[ $(docker version | grep ${pkgs.docker-edge.version} | wc -l) = "2" ]');

     

       46
       46
       +
         '';

     

       47
       47
       +
       })

+5 -1

nixos/tests/docker.nix

···

       3
       3
        
       import ./make-test.nix ({ pkgs, ...} : {

     

       4
       4
        
         name = "docker";

     

       5
       5
        
         meta = with pkgs.stdenv.lib.maintainers; {

     

       6
       6
       -
           maintainers = [ offline ];

     

       6
       6
       +
           maintainers = [ nequissimus offline ];

     

       7
       7
        
         };

     

       8
       8
        
       

     

       9
       9
        
         nodes = {

     
···

       11
       11
        
             { config, pkgs, ... }:

     

       12
       12
        
               {

     

       13
       13
        
                 virtualisation.docker.enable = true;

     

       14
       14
       +
                 virtualisation.docker.package = pkgs.docker;

     

       14
       15
        
       

     

       15
       16
        
                 users.users = {

     

       16
       17
        
                   noprivs = {

     
···

       39
       40
        
           $docker->succeed("sudo -u hasprivs docker ps");

     

       40
       41
        
           $docker->fail("sudo -u noprivs docker ps");

     

       41
       42
        
           $docker->succeed("docker stop sleeping");

     

       43
       43
       +
       

     

       44
       44
       +
           # Must match version twice to ensure client and server versions are correct

     

       45
       45
       +
           $docker->succeed('[ $(docker version | grep ${pkgs.docker.version} | wc -l) = "2" ]');

     

       42
       46
        
         '';

     

       43
       47
        
       })