lxd: 2.16 -> 3.0.0

This commit is contained in:
Jörg Thalheim 2018-03-16 09:58:54 +00:00
parent 615599c695
commit 7663de114a
5 changed files with 65 additions and 205 deletions

View File

@ -305,6 +305,8 @@ in
} }
]; ];
virtualisation.lxd.zfsSupport = true;
boot = { boot = {
kernelModules = [ "spl" "zfs" ] ; kernelModules = [ "spl" "zfs" ] ;
extraModulePackages = with packages; [ spl zfs ]; extraModulePackages = with packages; [ spl zfs ];

View File

@ -74,6 +74,9 @@ in
systemd.tmpfiles.rules = [ "d /var/lib/lxc/rootfs 0755 root root -" ]; systemd.tmpfiles.rules = [ "d /var/lib/lxc/rootfs 0755 root root -" ];
security.apparmor.packages = [ pkgs.lxc ]; security.apparmor.packages = [ pkgs.lxc ];
security.apparmor.profiles = [ "${pkgs.lxc}/etc/apparmor.d/lxc-containers" ]; security.apparmor.profiles = [
"${pkgs.lxc}/etc/apparmor.d/lxc-containers"
"${pkgs.lxc}/etc/apparmor.d/usr.bin.lxc-start"
];
}; };
} }

View File

@ -15,28 +15,34 @@ in
options = { options = {
virtualisation.lxd.enable = virtualisation.lxd = {
mkOption { enable = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
description = description = ''
'' This option enables lxd, a daemon that manages
This option enables lxd, a daemon that manages containers. Users in the "lxd" group can interact with
containers. Users in the "lxd" group can interact with the daemon (e.g. to start or stop containers) using the
the daemon (e.g. to start or stop containers) using the <command>lxc</command> command line tool, among others.
<command>lxc</command> command line tool, among others. '';
'';
}; };
zfsSupport = mkOption {
type = types.bool;
default = false;
description = ''
enables lxd to use zfs as a storage for containers.
This option is enabled by default if a zfs pool is configured
with nixos.
'';
};
};
}; };
###### implementation ###### implementation
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = environment.systemPackages = [ pkgs.lxd ];
[ pkgs.lxd ];
security.apparmor = { security.apparmor = {
enable = true; enable = true;
@ -47,31 +53,31 @@ in
packages = [ pkgs.lxc ]; packages = [ pkgs.lxc ];
}; };
systemd.services.lxd = systemd.services.lxd = {
{ description = "LXD Container Management Daemon"; description = "LXD Container Management Daemon";
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
after = [ "systemd-udev-settle.service" ]; after = [ "systemd-udev-settle.service" ];
# TODO(wkennington): Add lvm2 and thin-provisioning-tools path = lib.optional cfg.zfsSupport pkgs.zfs;
path = with pkgs; [ acl rsync gnutar xz btrfs-progs gzip dnsmasq squashfsTools iproute iptables ];
preStart = '' preStart = ''
mkdir -m 0755 -p /var/lib/lxc/rootfs mkdir -m 0755 -p /var/lib/lxc/rootfs
''; '';
serviceConfig.ExecStart = "@${pkgs.lxd.bin}/bin/lxd lxd --syslog --group lxd"; serviceConfig = {
serviceConfig.Type = "simple"; ExecStart = "@${pkgs.lxd.bin}/bin/lxd lxd --group lxd";
serviceConfig.KillMode = "process"; # when stopping, leave the containers alone Type = "simple";
KillMode = "process"; # when stopping, leave the containers alone
}; };
};
users.extraGroups.lxd.gid = config.ids.gids.lxd; users.extraGroups.lxd.gid = config.ids.gids.lxd;
users.extraUsers.root = { users.extraUsers.root = {
subUidRanges = [ { startUid = 1000000; count = 65536; } ]; subUidRanges = [ { startUid = 1000000; count = 65536; } ];
subGidRanges = [ { startGid = 1000000; count = 65536; } ]; subGidRanges = [ { startGid = 1000000; count = 65536; } ];
}; };
}; };
} }

View File

@ -1,23 +1,37 @@
{ stdenv, lib, pkgconfig, lxc, buildGoPackage, fetchFromGitHub }: { stdenv, lib, pkgconfig, lxc, buildGoPackage, fetchurl
, makeWrapper, acl, rsync, gnutar, xz, btrfs-progs, gzip, dnsmasq, squashfsTools, iproute, iptables
}:
buildGoPackage rec { buildGoPackage rec {
name = "lxd-${version}"; name = "lxd-3.0.0";
version = "2.16";
rev = "lxd-${version}";
goPackagePath = "github.com/lxc/lxd"; goPackagePath = "github.com/lxc/lxd";
src = fetchFromGitHub { src = fetchurl {
inherit rev; url = "https://github.com/lxc/lxd/releases/download/${name}/${name}.tar.gz";
owner = "lxc"; sha256 = "0m5prdf9sk8k5bws1zva4n9ycggmy76wnjr6wb423066pszz24ww";
repo = "lxd";
sha256 = "0i2mq9m8k9kznwz1i0xb48plp1ffpzvbdrvqvagis4sm17yab3fn";
}; };
goDeps = ./deps.nix; preBuild = ''
# unpack vendor
pushd go/src/github.com/lxc/lxd
rm dist/src/github.com/lxc/lxd
cp -r dist/src/* ../../..
rm -r dist
popd
'';
nativeBuildInputs = [ pkgconfig ]; postInstall = ''
buildInputs = [ lxc ]; # binaries from test/
rm $bin/bin/{deps,macaroon-identity}
wrapProgram $bin/bin/lxd --prefix PATH ":" ${stdenv.lib.makeBinPath [
acl rsync gnutar xz btrfs-progs gzip dnsmasq squashfsTools iproute iptables
]}
'';
nativeBuildInputs = [ pkgconfig makeWrapper ];
buildInputs = [ lxc acl ];
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "Daemon based on liblxc offering a REST API to manage containers"; description = "Daemon based on liblxc offering a REST API to manage containers";

View File

@ -1,165 +0,0 @@
# This file was generated by https://github.com/kamilchm/go2nix v1.2.0
[
{
goPackagePath = "github.com/dustinkirkland/golang-petname";
fetch = {
type = "git";
url = "https://github.com/dustinkirkland/golang-petname";
rev = "4f77bdee0b67a08d17afadc0d5a4a3d1cb7d8d14";
sha256 = "1cizm3xywsp9vc381k02dhjq5a6c772wc05w60m4gfdmp2kmd4di";
};
}
{
goPackagePath = "github.com/golang/protobuf";
fetch = {
type = "git";
url = "https://github.com/golang/protobuf";
rev = "2bba0603135d7d7f5cb73b2125beeda19c09f4ef";
sha256 = "1xy0bj66qks2xlzxzlfma16w7m8g6rrwawmlhlv68bcw2k5hvvib";
};
}
{
goPackagePath = "github.com/gorilla/mux";
fetch = {
type = "git";
url = "https://github.com/gorilla/mux";
rev = "599cba5e7b6137d46ddf58fb1765f5d928e69604";
sha256 = "0wd6jjii1kg5s0nk3ri6gqriz6hbd6bbcn6x4jf8n7ncrb8qsxyz";
};
}
{
goPackagePath = "github.com/gorilla/websocket";
fetch = {
type = "git";
url = "https://github.com/gorilla/websocket";
rev = "a91eba7f97777409bc2c443f5534d41dd20c5720";
sha256 = "13cg6wwkk2ddqbm0nh9fpx4mq7f6qym12ch4lvs53n028ycdgw87";
};
}
{
goPackagePath = "github.com/mattn/go-colorable";
fetch = {
type = "git";
url = "https://github.com/mattn/go-colorable";
rev = "ded68f7a9561c023e790de24279db7ebf473ea80";
sha256 = "0q019h59jq815jfl9rgk4yrpkn5rpcx9s6dksdm48rp1abafwvfc";
};
}
{
goPackagePath = "github.com/mattn/go-sqlite3";
fetch = {
type = "git";
url = "https://github.com/mattn/go-sqlite3";
rev = "cf7286f069c3ef596efcc87781a4653a2e7607bd";
sha256 = "19ipf6bf1xd7w2fm8dnv5my4jp3lhwhlrhfwhwq559amp1h4nwyq";
};
}
{
goPackagePath = "github.com/pborman/uuid";
fetch = {
type = "git";
url = "https://github.com/pborman/uuid";
rev = "1b00554d822231195d1babd97ff4a781231955c9";
sha256 = "0rjkcf85sagdwzsycj1bbjyx5bgmrc1i8l5qf1f44z24rhbbkaan";
};
}
{
goPackagePath = "github.com/syndtr/gocapability";
fetch = {
type = "git";
url = "https://github.com/syndtr/gocapability";
rev = "e7cb7fa329f456b3855136a2642b197bad7366ba";
sha256 = "1i65kyjhbaya45zj9zqkb17plbqf92sfvl9fcz9s9qslg0qab2i1";
};
}
{
goPackagePath = "golang.org/x/crypto";
fetch = {
type = "git";
url = "https://go.googlesource.com/crypto";
rev = "3543873453996aaab2fc6b3928a35fc5ca2b5afb";
sha256 = "1d7pjqzh5893mzkz60bv5ypmr9zgyvb9z2gvcjrsqniwcqlhbk2c";
};
}
{
goPackagePath = "golang.org/x/net";
fetch = {
type = "git";
url = "https://go.googlesource.com/net";
rev = "da118f7b8e5954f39d0d2130ab35d4bf0e3cb344";
sha256 = "09xpndqc6a2r0lw42cyl1pkhfddl01sd9c3qqjjwp3vmxm004whv";
};
}
{
goPackagePath = "gopkg.in/flosch/pongo2.v3";
fetch = {
type = "git";
url = "https://gopkg.in/flosch/pongo2.v3";
rev = "5e81b817a0c48c1c57cdf1a9056cf76bdee02ca9";
sha256 = "0fd7d79644zmcirsb1gvhmh0l5vb5nyxmkzkvqpmzzcg6yfczph8";
};
}
{
goPackagePath = "gopkg.in/inconshreveable/log15.v2";
fetch = {
type = "git";
url = "https://gopkg.in/inconshreveable/log15.v2";
rev = "b105bd37f74e5d9dc7b6ad7806715c7a2b83fd3f";
sha256 = "18rldvi60i7b3lljfrsqgcc24gdkw2pcixxydznyggaqhh96l6a8";
};
}
{
goPackagePath = "gopkg.in/lxc/go-lxc.v2";
fetch = {
type = "git";
url = "https://gopkg.in/lxc/go-lxc.v2";
rev = "8304875cc3423823032ec93556beee076c6ba687";
sha256 = "12vrx9ilxkl1nxc5k81c6b2a1i715843r23fra681digdjnd8bpk";
};
}
{
goPackagePath = "gopkg.in/tomb.v2";
fetch = {
type = "git";
url = "https://gopkg.in/tomb.v2";
rev = "d5d1b5820637886def9eef33e03a27a9f166942c";
sha256 = "1sv15sri99szkdz1bkh0ir46w9n8prrwx5hfai13nrhkawfyfy10";
};
}
{
goPackagePath = "gopkg.in/yaml.v2";
fetch = {
type = "git";
url = "https://gopkg.in/yaml.v2";
rev = "cd8b52f8269e0feb286dfeef29f8fe4d5b397e0b";
sha256 = "1hj2ag9knxflpjibck0n90jrhsrqz7qvad4qnif7jddyapi9bqzl";
};
}
{
goPackagePath = "github.com/gosexy/gettext";
fetch = {
type = "git";
url = "https://github.com/gosexy/gettext";
rev = "74466a0a0c4a62fea38f44aa161d4bbfbe79dd6b";
sha256 = "0asphx8nd7zmp88wk6aakk5292np7yw73akvfdvlvs9q5r5ahkgi";
};
}
{
goPackagePath = "github.com/olekukonko/tablewriter";
fetch = {
type = "git";
url = "https://github.com/olekukonko/tablewriter";
rev = "febf2d34b54a69ce7530036c7503b1c9fbfdf0bb";
sha256 = "1ir7bs4m5rk8v9vpycjj7mn6sc6j9wvxkd63i9b6fmrdsx9q0x4g";
};
}
{
goPackagePath = "github.com/mattn/go-runewidth";
fetch = {
type = "git";
url = "https://github.com/mattn/go-runewidth";
rev = "14207d285c6c197daabb5c9793d63e7af9ab2d50";
sha256 = "0y6yq9zd4kh7fimnc00r3h9pr2pwa5j85b3jcn5dyfamsnm2xdsv";
};
}
]