containers: Make declarative containers real systemd services

Without the templating (which is still present for imperative containers), it will be possible to set individual dependencies. Like depending on the network only if the hostbridge or hardware interfaces are used. Ported from #3021
2025-06-13 21:25:30 +03:00 · 2016-04-02 17:03:30 +02:00 · 2016-04-02 17:03:30 +02:00 · 3c819f28f5
commit 3c819f28f5
parent 2d6a2b4131
1 changed files with 147 additions and 160 deletions
--- a/nixos/modules/virtualisation/containers.nix
+++ b/nixos/modules/virtualisation/containers.nix
@ -278,10 +278,10 @@ in
  };


-  config = mkIf (config.boot.enableContainers) {
+  config = mkIf (config.boot.enableContainers) (let

-    systemd.services."container@" =
-      { description = "Container '%i'";
+    unit = {
+      description = "Container '%i'";

      unitConfig.RequiresMountsFor = [ "/var/lib/containers/%i" ];

@ -401,10 +401,6 @@ in
        '';

      restartIfChanged = false;
-        #reloadIfChanged = true; # FIXME
-
-        wants = [ "netwprk.target" ];
-        after = [ "network.target" ];

      serviceConfig = {
        ExecReload = pkgs.writeScript "reload-container"
@ -439,6 +435,23 @@ in
        KillSignal = "WINCH";
      };
    };
+  in {
+    systemd.services = listToAttrs (filter (x: x.value != null) (
+      # The generic container template used by imperative containers
+      [{ name = "container@"; value = unit; }]
+      # declarative containers
+      ++ (mapAttrsToList (name: cfg: nameValuePair "container@${name}" (
+        if cfg.autoStart then
+          unit // {
+            wantedBy = [ "multi-user.target" ];
+            wants = [ "network.target" ];
+            after = [ "network.target" ];
+            restartTriggers = [ cfg.path ];
+            reloadIfChanged = true;
+          }
+        else null
+      )) config.containers)
+    ));

    # Generate a configuration file in /etc/containers for each
    # container so that container@.target can get the container
@ -482,31 +495,5 @@ in
    networking.dhcpcd.denyInterfaces = [ "ve-*" ];

    environment.systemPackages = [ nixos-container ];
-
-    # Start containers at boot time.
-    systemd.services.all-containers =
-      { description = "All Containers";
-
-        wantedBy = [ "multi-user.target" ];
-
-        unitConfig.ConditionDirectoryNotEmpty = "/etc/containers";
-
-        serviceConfig.Type = "oneshot";
-
-        script =
-          ''
-            res=0
-            shopt -s nullglob
-            for i in /etc/containers/*.conf; do
-              AUTO_START=
-              source "$i"
-              if [ "$AUTO_START" = 1 ]; then
-                systemctl start "container@$(basename "$i" .conf).service" || res=1
-              fi
-            done
-            exit $res
-          ''; # */
-      };
-
-  };
+  });
 }