lelgenio/nixos-config
1
0
Fork 0
Code Issues 1 Pull requests Projects 2 Releases Packages Wiki Activity Actions
nixos-config/system/containers.nix

52 lines
1.2 KiB
Nix
Raw Blame History

{
pkgs,
lib,
config,
...
}:
{
options.my.containers.enable = lib.mkEnableOption { };
config = lib.mkIf config.my.containers.enable {
services.flatpak.enable = true;
programs.appimage.enable = true;
virtualisation.docker = {
enable = true;
autoPrune = {
enable = true;
dates = "monthly";
flags = [
"--all"
"--volumes"
];
};
daemon.settings = {
# needed by bitbucket runner ???
log-driver = "json-file";
log-opts = {
max-size = "10m";
max-file = "3";
};
};
};
networking.firewall.extraCommands = lib.getExe pkgs._docker-block-external-connections;
# Docker punches holes in your firewall
systemd.services.docker-update-firewall = {
script = lib.getExe pkgs._docker-block-external-connections;
};
systemd.timers.docker-update-firewall = {
timerConfig = {
OnCalendar = "minutely";
Unit = "docker-update-firewall.service";
};
wantedBy = [ "multi-user.target" ];
};
programs.extra-container.enable = true;
programs.firejail.enable = true;
};
}
Reference in a new issue View git blame Copy permalink