dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

nixos/oci-containers: enable login for registry

Browse Source
This commit is contained in:
Tobias Happ 2021-03-09 21:51:32 +01:00 committed by zowoq
parent f674130fc0
commit bbd5cdac29
1 changed files with 33 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
nixos/modules/virtualisation/oci-containers.nix
View File

@ -31,6 +31,30 @@ let
example = literalExample "pkgs.dockerTools.buildDockerImage {...};";
};
login = {
username = mkOption {
type = with types; nullOr str;
default = null;
description = "Username for login.";
};
passwordFile = mkOption {
type = with types; nullOr str;
default = null;
description = "Path to file containing password.";
example = "/etc/nixos/dockerhub-password.txt";
};
registry = mkOption {
type = with types; nullOr str;
default = null;
description = "Registry where to login to.";
example = "https://docker.pkg.github.com";
};
};
cmd = mkOption {
type = with types; listOf str;
default = [];
@ -220,6 +244,8 @@ let
};
};
isValidLogin = login: login.username != null && login.passwordFile != null && login.registry != null;
mkService = name: container: let
dependsOn = map (x: "${cfg.backend}-${x}.service") container.dependsOn;
in {
@ -235,6 +261,13 @@ let
preStart = ''
${cfg.backend} rm -f ${name} || true
${optionalString (isValidLogin container.login) ''
cat ${container.login.passwordFile} | \
${cfg.backend} login \
${container.login.registry} \
--username ${container.login.username} \
--password-stdin
''}
${optionalString (container.imageFile != null) ''
${cfg.backend} load -i ${container.imageFile}
''}