forked from Deuxfleurs/nixcfg
poc 2 for nix containers: use nomad-driver-nix
This commit is contained in:
parent
eac950c47f
commit
49b0dc2d5b
5 changed files with 45 additions and 45 deletions
|
@ -5,17 +5,6 @@ job "dummy-nginx" {
|
||||||
group "nginx" {
|
group "nginx" {
|
||||||
count = 1
|
count = 1
|
||||||
|
|
||||||
volume "nix-store" {
|
|
||||||
type = "host"
|
|
||||||
source = "nix-store"
|
|
||||||
read_only = true
|
|
||||||
}
|
|
||||||
volume "nix-current-system-bin" {
|
|
||||||
type = "host"
|
|
||||||
source = "nix-current-system-bin"
|
|
||||||
read_only = true
|
|
||||||
}
|
|
||||||
|
|
||||||
network {
|
network {
|
||||||
port "http" {
|
port "http" {
|
||||||
to = 8080
|
to = 8080
|
||||||
|
@ -23,32 +12,12 @@ job "dummy-nginx" {
|
||||||
}
|
}
|
||||||
|
|
||||||
task "not-actually-nginx" {
|
task "not-actually-nginx" {
|
||||||
driver = "exec"
|
driver = "nix"
|
||||||
config {
|
config {
|
||||||
command = "env"
|
packages = [
|
||||||
args = [
|
"github:nixos/nixpkgs/nixos-21.05#python3",
|
||||||
"/run/current-system/sw/bin/nix-shell",
|
|
||||||
"--run", "python3 -m http.server 8080"
|
|
||||||
]
|
]
|
||||||
}
|
command = [ "/bin/python3", "-m", "http.server", "8080" ]
|
||||||
env = {
|
|
||||||
NIX_PATH = "nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos"
|
|
||||||
}
|
|
||||||
|
|
||||||
volume_mount {
|
|
||||||
volume = "nix-store"
|
|
||||||
read_only = true
|
|
||||||
destination = "/nix"
|
|
||||||
}
|
|
||||||
volume_mount {
|
|
||||||
volume = "nix-current-system-bin"
|
|
||||||
read_only = true
|
|
||||||
destination = "/run/current-system/sw/bin"
|
|
||||||
}
|
|
||||||
|
|
||||||
template {
|
|
||||||
data = file("shell.nix")
|
|
||||||
destination = "shell.nix"
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -24,14 +24,12 @@
|
||||||
|
|
||||||
# experimental: nomad as root, to enable exec driver
|
# experimental: nomad as root, to enable exec driver
|
||||||
services.nomad.dropPrivileges = false;
|
services.nomad.dropPrivileges = false;
|
||||||
services.nomad.settings.client.host_volume = {
|
services.nomad.extraPackages = [
|
||||||
"nix-store" = {
|
pkgs.nix
|
||||||
path = "/nix";
|
];
|
||||||
read_only = true;
|
services.nomad.extraSettingsPlugins =
|
||||||
};
|
let nomad_driver_nix = import ./nomad-driver-nix.nix { inherit pkgs; };
|
||||||
"nix-current-system-bin" = {
|
in [ nomad_driver_nix ];
|
||||||
path = "/run/current-system/sw/bin";
|
# the nix driver requires flakes to be enabled
|
||||||
read_only = true;
|
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
copy nix/configuration.nix /etc/nixos/configuration.nix
|
copy nix/configuration.nix /etc/nixos/configuration.nix
|
||||||
copy nix/deuxfleurs.nix /etc/nixos/deuxfleurs.nix
|
copy nix/deuxfleurs.nix /etc/nixos/deuxfleurs.nix
|
||||||
copy nix/remote-unlock.nix /etc/nixos/remote-unlock.nix
|
copy nix/remote-unlock.nix /etc/nixos/remote-unlock.nix
|
||||||
|
copy nix/nomad-driver-nix.nix /etc/nixos/nomad-driver-nix.nix
|
||||||
copy cluster/$CLUSTER/cluster.nix /etc/nixos/cluster.nix
|
copy cluster/$CLUSTER/cluster.nix /etc/nixos/cluster.nix
|
||||||
copy cluster/$CLUSTER/node/$NIXHOST.nix /etc/nixos/node.nix
|
copy cluster/$CLUSTER/node/$NIXHOST.nix /etc/nixos/node.nix
|
||||||
copy cluster/$CLUSTER/node/$NIXHOST.site.nix /etc/nixos/site.nix
|
copy cluster/$CLUSTER/node/$NIXHOST.site.nix /etc/nixos/site.nix
|
||||||
|
|
31
nix/nomad-driver-nix.nix
Normal file
31
nix/nomad-driver-nix.nix
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
{
|
||||||
|
pkgs ? import <nixpkgs> {}
|
||||||
|
}:
|
||||||
|
pkgs.buildGoModule rec {
|
||||||
|
pname = "nomad-driver-nix";
|
||||||
|
version = "0.1.0";
|
||||||
|
|
||||||
|
src = pkgs.fetchFromGitHub {
|
||||||
|
owner = "input-output-hk";
|
||||||
|
repo = "nomad-driver-nix";
|
||||||
|
rev = "010b09c680887d0cade86e8ac136c3a04609e04a";
|
||||||
|
sha256 = "sha256-hET+b7XhDLSuVQwXLI2V5nYCcdvxQQj9BAG8z4ta6CE=";
|
||||||
|
};
|
||||||
|
|
||||||
|
vendorSha256 = "sha256-FDJpbNtcFEHnZvWip2pvUHF3BFyfcSohrr/3nk9YS24=";
|
||||||
|
|
||||||
|
ldflags = [
|
||||||
|
"-X github.com/input-output-hk/nomad-driver-nix/nix.pluginVersion=${version}"
|
||||||
|
];
|
||||||
|
|
||||||
|
postInstall = ''
|
||||||
|
mv $out/bin/nomad-driver-nix $out/bin/nix-driver
|
||||||
|
'';
|
||||||
|
|
||||||
|
meta = with pkgs.lib; {
|
||||||
|
description = "Nomad driver to run Nix packages / NixOS in systemd-nspawn containers";
|
||||||
|
homepage = "https://github.com/input-output-hk/nomad-driver-nix";
|
||||||
|
license = licenses.mpl20;
|
||||||
|
platforms = platforms.linux;
|
||||||
|
};
|
||||||
|
}
|
1
result
Symbolic link
1
result
Symbolic link
|
@ -0,0 +1 @@
|
||||||
|
/nix/store/q7a8xkk72pzdw468iv7zni4lar20vwzs-nomad-driver-nix-0.1.0
|
Loading…
Reference in a new issue