nixos/virtualisation.oci-containers: follow podman-generated systemd units more closely

David Knaack 2022-06-12 15:17:53 +02:00
parent ccc4dc517f
commit 9f7e40205e


@ -250,6 +250,7 @@ let
mkService = name: container: let
dependsOn = map (x: "${cfg.backend}-${x}.service") container.dependsOn;
escapedName = escapeShellArg name;
in {
wantedBy = [] ++ optional (container.autoStart) "multi-user.target";
after = lib.optionals (cfg.backend == "docker") [ "docker.service" "docker.socket" ] ++ dependsOn;
@ -273,16 +274,25 @@ let
${optionalString (container.imageFile != null) ''
${cfg.backend} load -i ${container.imageFile}
''}
${optionalString (cfg.backend == "podman") ''
rm -f /run/podman-${escapedName}.ctr-id
''}
'';
script = concatStringsSep " \\\n " ([
"exec ${cfg.backend} run"
"--rm"
"--name=${escapeShellArg name}"
"--name=${escapedName}"
"--log-driver=${container.log-driver}"
] ++ optional (container.entrypoint != null)
"--entrypoint=${escapeShellArg container.entrypoint}"
++ (mapAttrsToList (k: v: "-e ${escapeShellArg k}=${escapeShellArg v}") container.environment)
++ lib.optionals (cfg.backend == "podman") [
"--cidfile=/run/podman-${escapedName}.ctr-id"
"--cgroups=no-conmon"
"--sdnotify=conmon"
"-d"
"--replace"
] ++ (mapAttrsToList (k: v: "-e ${escapeShellArg k}=${escapeShellArg v}") container.environment)
++ map (f: "--env-file ${escapeShellArg f}") container.environmentFiles
++ map (p: "-p ${escapeShellArg p}") container.ports
++ optional (container.user != null) "-u ${escapeShellArg container.user}"
@ -293,8 +303,12 @@ let
++ map escapeShellArg container.cmd
);
preStop = "[ $SERVICE_RESULT = success ] || ${cfg.backend} stop ${name}";
postStop = "${cfg.backend} rm -f ${name} || true";
preStop = if cfg.backend == "podman"
then "[ $SERVICE_RESULT = success ] || podman stop --ignore --cidfile=/run/podman-${escapedName}.ctr-id"
else "[ $SERVICE_RESULT = success ] || ${cfg.backend} stop ${name}";
postStop = if cfg.backend == "podman"
then "podman rm -f --ignore --cidfile=/run/podman-${escapedName}.ctr-id"
else "${cfg.backend} rm -f ${name} || true";
serviceConfig = {
### There is no generalized way of supporting `reload` for docker
@ -313,6 +327,9 @@ let
# ExecReload = ...;
###
Environment=if cfg.backend == "podman" then "PODMAN_SYSTEMD_UNIT=podman-${name}.service" else {};
Type=if cfg.backend == "podman" then "notify" else {};
NotifyAccess=if cfg.backend == "podman" then "all" else {};
TimeoutStartSec = 0;
TimeoutStopSec = 120;
Restart = "always";
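Review bot: The docker branches of the new `preStop` and `postStop` still splice the raw `${name}` into a shell command line, while the podman branches and the `--name=` argument now use `escapedName`; a container name containing whitespace or shell metacharacters would be word-split or interpreted there. Use the escaped form in both, i.e. `else "[ $SERVICE_RESULT = success ] || ${cfg.backend} stop ${escapedName}";` and `else "${cfg.backend} rm -f ${escapedName} || true";`. The `PODMAN_SYSTEMD_UNIT=podman-${name}.service` value in the last hunk also carries the unescaped name, so a short comment stating which characters a container name may contain would help there. The +/- markers are lost on this page, so which of the duplicated lines form the new side is inferred from the hunk headers, and `mkService` continues outside the visible hunks.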