From c4f66eb85d721dcb97f717d4a6f28c3de3ff0f47 Mon Sep 17 00:00:00 2001
From: Ian-Woo Kim <ianwookim@gmail.com>
Date: Mon, 25 May 2015 19:09:53 +0000
Subject: [PATCH] unify extraBindsRW/RO into extraBinds. Now arbitrary mount
 point is supported.

---
 nixos/modules/virtualisation/containers.nix | 37 +++++++++++++--------
 1 file changed, 23 insertions(+), 14 deletions(-)

diff --git a/nixos/modules/virtualisation/containers.nix b/nixos/modules/virtualisation/containers.nix
index 512b4ee15ec6..bfc75ea3efce 100644
--- a/nixos/modules/virtualisation/containers.nix
+++ b/nixos/modules/virtualisation/containers.nix
@@ -41,6 +41,9 @@ let
 
   system = config.nixpkgs.system;
 
+  mkBindFlag = d: if d.isReadOnly then " --bind-ro=${d.host}:${d.container}" else " --bind=${d.host}:${d.container}";
+  mkBindFlags = bs: concatMapStrings mkBindFlag bs;
+
 in
 
 {
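Review bot: `mkBindFlag` interpolates `d.host` and `d.container` verbatim into the flag string, and the last hunk writes the result inside `EXTRABINDS="…"`, so a path containing whitespace, a double quote, `$` or `:` changes how the value is split or parsed instead of being treated as one path. How EXTRABINDS is consumed is outside this diff, but if it is expanded into the container start command, such a value could add or alter flags rather than name a directory. Consider rejecting these characters at evaluation time and stating the constraint next to the helper, e.g. `# host/container are inserted verbatim: no whitespace, quotes, '$' or ':' allowed`.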
@@ -128,25 +131,28 @@ in
               '';
             };
 
-            extraBindsRO = mkOption {
-              type = types.listOf types.str;
+            extraBinds = mkOption {
+              type = types.listOf types.attrs;
 	      default = [];
-	      example = [ "/home/alice" ];
+	      example = [ { host = "/home/alice";
+                            container = "/home";
+			    isReadOnly = false; }
+                        ];
               description =
 	        ''
-                  An extra list of directories that is bound to the container with read-only permission. 
+                  An extra list of directories that is bound to the container.
                 '';
             };
 
-            extraBindsRW = mkOption {
-              type = types.listOf types.str;
-	      default = [];
-	      example = [ "/home/alice" ];
-              description =
-	        ''
-                  An extra list of directories that is bound to the container with read-only permission. 
-                '';
-            };
+            #extraBindsRW = mkOption {
+            #  type = types.listOf types.str;
+	    # default = [];
+	    #  example = [ "/home/alice" ];
+            #  description =
+	    #    ''
+            #      An extra list of directories that is bound to the container with read-only permission. 
+            #    '';
+            #};
 
           };
 
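Review bot: `types.listOf types.attrs` on `extraBinds` drops the string check the old options had. Any attribute set is accepted, so a misspelled `isReadOnly` or a missing `container` only surfaces when `mkBindFlag` dereferences it, and an unquoted path literal for `host` would, as far as I can tell, be copied into the Nix store by the `${d.host}` interpolation instead of being rejected. A `types.submodule` declaring `host`, `container` and `isReadOnly` restores the validation and lets `isReadOnly` default to `true`, so a writable bind has to be requested explicitly. The description should also name the three attributes, and the commented-out `extraBindsRW` block here and the commented-out expression in the last hunk can be deleted.

```nix
            extraBinds = mkOption {
              type = types.listOf (types.submodule {
                options = {
                  host = mkOption {
                    type = types.str;
                    description = "Path on the host that is bound into the container.";
                  };
                  container = mkOption {
                    type = types.str;
                    description = "Mount point inside the container.";
                  };
                  isReadOnly = mkOption {
                    type = types.bool;
                    default = true;
                    description = "Whether the bind is mounted read-only.";
                  };
                };
              });
              # … unchanged: default, example, description …
            };
```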
@@ -359,11 +365,14 @@ in
              AUTO_START=1
            ''}
 
-           EXTRABINDS="${concatMapStrings (d: " --bind-ro=${d}") cfg.extraBindsRO + concatMapStrings (d: " --bind=${d}") cfg.extraBindsRW}"
+           EXTRABINDS="${mkBindFlags cfg.extraBinds}"
 
           '';
       }) config.containers;
 
+    #"${concatMapStrings (d: " --bind-ro=${d}") cfg.extraBindsRO + concatMapStrings (d: " --bind=${d}") cfg.extraBindsRW}"
+
+
     # Generate /etc/hosts entries for the containers.
     networking.extraHosts = concatStrings (mapAttrsToList (name: cfg: optionalString (cfg.localAddress != null)
       ''