From af609b02546d5361a8200a024df2c689dbba9d1e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?=
Date: Mon, 21 Nov 2016 13:11:40 +0000
Subject: [PATCH 1/3] lxcfs: init at 2.0.4
---
 pkgs/os-specific/linux/lxcfs/default.nix | 36 ++++++++++++++++++++++++
 pkgs/top-level/all-packages.nix | 1 +
 2 files changed, 37 insertions(+)
 create mode 100644 pkgs/os-specific/linux/lxcfs/default.nix
diff --git a/pkgs/os-specific/linux/lxcfs/default.nix b/pkgs/os-specific/linux/lxcfs/default.nix
new file mode 100644
index 000000000000..ceaed205db96
--- /dev/null
+++ b/pkgs/os-specific/linux/lxcfs/default.nix
@@ -0,0 +1,36 @@
+{ stdenv, fetchurl, pkgconfig, help2man, fuse, pam }:
+
+with stdenv.lib;
+stdenv.mkDerivation rec {
+ name = "lxcfs-${version}";
+ version = "2.0.4";
+
+ src = fetchurl {
+ url = "https://linuxcontainers.org/downloads/lxcfs/lxcfs-${version}.tar.gz";
+ sha256 = "0pfrsn7hqccpcnwg4xk8ds0avb2yc9gyvj7bk2bl90vpwsm35j7y";
+ };
+
+ nativeBuildInputs = [ pkgconfig help2man ];
+ buildInputs = [ fuse pam ];
+
+ configureFlags = [
+ "--with-init-script=systemd"
+ "--sysconfdir=/etc"
+ "--localstatedir=/var"
+ ];
+
+ installFlags = [ "SYSTEMD_UNIT_DIR=\${out}/lib/systemd" ];
+
+ postFixup = ''
+ # liblxcfs.so is reloaded with dlopen()
+ patchelf --set-rpath "$(patchelf --print-rpath "$out/bin/lxcfs"):$out/lib" "$out/bin/lxcfs"
+ '';
+
+ meta = {
+ homepage = https://linuxcontainers.org/lxcfs;
+ description = "FUSE filesystem for LXC";
+ license = licenses.asl20;
+ platforms = platforms.linux;
+ maintainers = with maintainers; [ mic92 ];
+ };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 0d9a1f1eb12e..cefa0f6be664 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
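Review bot: In `postFixup` of pkgs/os-specific/linux/lxcfs/default.nix the new rpath is assembled as `<old rpath>:$out/lib`, so if `patchelf --print-rpath` ever returns an empty string the result begins with a colon. As far as I know the glibc loader resolves an empty RPATH entry relative to the current working directory, which is undesirable for a binary that `dlopen()`s `liblxcfs.so` and is later started as a system service. Guarding the join avoids that case, e.g. `old=$(patchelf --print-rpath "$out/bin/lxcfs")` followed by `patchelf --set-rpath "''${old:+$old:}$out/lib" "$out/bin/lxcfs"`. The existing comment could also say that the library is found through this rpath entry, so a later cleanup does not remove the line.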
@@ -2637,6 +2637,7 @@ in
 lshw = callPackage ../tools/system/lshw { };
 lxc = callPackage ../os-specific/linux/lxc { };
+ lxcfs = callPackage ../os-specific/linux/lxcfs { };
 lxd = callPackage ../tools/admin/lxd { };
 lzfse = callPackage ../tools/compression/lzfse { };
From aa854f192e34f3bce5f0d9bac42daecbaec16372 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?=
Date: Fri, 2 Dec 2016 12:38:41 +0000
Subject: [PATCH 2/3] cgmanager: add module
---
 nixos/modules/module-list.nix | 1 +
 nixos/modules/services/system/cgmanager.nix | 27 +++++++++++++++++++++
 2 files changed, 28 insertions(+)
 create mode 100644 nixos/modules/services/system/cgmanager.nix
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 5ae69ffd2230..bf7a68c6cea9 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -483,6 +483,7 @@
 ./services/security/torify.nix
 ./services/security/tor.nix
 ./services/security/torsocks.nix
+ ./services/system/cgmanager.nix
 ./services/system/cloud-init.nix
 ./services/system/dbus.nix
 ./services/system/kerberos.nix
diff --git a/nixos/modules/services/system/cgmanager.nix b/nixos/modules/services/system/cgmanager.nix
new file mode 100644
index 000000000000..59d3deced867
--- /dev/null
+++ b/nixos/modules/services/system/cgmanager.nix
@@ -0,0 +1,27 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ cfg = config.services.cgmanager;
+in {
+ meta.maintainers = [ maintainers.mic92 ];
+
+ ###### interface
+ options.services.cgmanager.enable = mkEnableOption "cgmanager";
+
+ ###### implementation
+ config = mkIf cfg.enable {
+ systemd.services.cgmanager = {
+ wantedBy = [ "multi-user.target" ];
+ after = [ "local-fs.target" ];
+ description = "Cgroup management daemon";
+ restartIfChanged = false;
+ serviceConfig = {
+ ExecStart = "${pkgs.cgmanager}/bin/cgmanager -m name=systemd";
+ KillMode = "process";
+ Restart = "on-failure";
+ };
+ };
+ };
+}
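Review bot: `restartIfChanged = false;` on `systemd.services.cgmanager` means a configuration switch that brings in a new `pkgs.cgmanager` leaves the old daemon running until it is restarted by hand or the machine reboots, so a security fix in the package does not take effect on switch. The setting is presumably there to avoid disturbing running containers, but nothing in the module says so. I would add a comment such as `# not restarted on switch so running containers are left alone; restart manually after upgrading cgmanager` and mention the manual restart in the option description. The same setting appears on `systemd.services.lxcfs` in nixos/modules/virtualisation/lxcfs.nix in patch 3/3. `mkEnableOption "cgmanager"` also gives no hint that the unit sets no `User=`, so the daemon runs as root by systemd's default.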
From 7c7dc15cbfc8c513173ec461e901bf5271e4b47c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?=
Date: Fri, 2 Dec 2016 12:39:04 +0000
Subject: [PATCH 3/3] lxcfs: add module
---
 nixos/modules/module-list.nix | 1 +
 nixos/modules/virtualisation/lxcfs.nix | 49 ++++++++++++++++++++++++++
 2 files changed, 50 insertions(+)
 create mode 100644 nixos/modules/virtualisation/lxcfs.nix
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index bf7a68c6cea9..155d7a5ef923 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -618,6 +618,7 @@
 ./virtualisation/docker.nix
 ./virtualisation/libvirtd.nix
 ./virtualisation/lxc.nix
+ ./virtualisation/lxcfs.nix
 ./virtualisation/lxd.nix
 ./virtualisation/amazon-options.nix
 ./virtualisation/openvswitch.nix
diff --git a/nixos/modules/virtualisation/lxcfs.nix b/nixos/modules/virtualisation/lxcfs.nix
new file mode 100644
index 000000000000..48462dc66da8
--- /dev/null
+++ b/nixos/modules/virtualisation/lxcfs.nix
@@ -0,0 +1,49 @@
+# LXC Configuration
+
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ cfg = config.virtualisation.lxc.lxcfs;
+in {
+ meta.maintainers = [ maintainers.mic92 ];
+
+ ###### interface
+ options.virtualisation.lxc.lxcfs = {
+ enable =
+ mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ This enables LXCFS, a FUSE filesystem for LXC.
+ To use lxcfs in include the following configuration in your
+ container configuration:
+
+ virtualisation.lxc.defaultConfig = "lxc.include = ''${pkgs.lxcfs}/share/lxc/config/common.conf.d/00-lxcfs.conf";
+
+ '';
+ };
+ };
+
+ ###### implementation
+ config = mkIf cfg.enable {
+ services.cgmanager.enable = true;
+
+ systemd.services.lxcfs = {
+ description = "FUSE filesystem for LXC";
+ wantedBy = [ "multi-user.target" ];
+ requires = [ "cgmanager.service" ];
+ after = [ "cgmanager.service" ];
+ before = [ "lxc.service" ];
+ restartIfChanged = false;
+ serviceConfig = {
+ ExecStartPre="${pkgs.coreutils}/bin/mkdir -p /var/lib/lxcfs";
+ ExecStart="${pkgs.lxcfs}/bin/lxcfs /var/lib/lxcfs";
+ ExecStopPost="-${pkgs.fuse}/bin/fusermount -u /var/lib/lxcfs";
+ KillMode="process";
+ Restart="on-failure";
+ };
+ };
+ };
+}
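Review bot: The description of `virtualisation.lxc.lxcfs.enable` does not mention that the implementation also sets `services.cgmanager.enable = true;`, so a user who turns on lxcfs gets a second system daemon started without being told. I would add a sentence such as `Enabling this option also enables services.cgmanager.` to the description. While there, `To use lxcfs in include` should read `To use lxcfs, include`, and the file header `# LXC Configuration` should name LXCFS. `enable` could also be written with `mkEnableOption`, as the cgmanager module in patch 2/3 does, provided the usage hint is kept somewhere.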