Merge pull request #3779 from offlinehacker/docker

full nixos inside docker
NixOS · Sep 1, 2014 · d140851 · d140851
2 parents 23b3495 + 296888b
commit d140851
Show file tree

Hide file tree

Showing 4 changed files with 78 additions and 2 deletions.
diff --git a/nixos/lib/make-system-tarball.nix b/nixos/lib/make-system-tarball.nix
@@ -15,14 +15,17 @@
   # store path whose closure will be copied, and `symlink' is a
   # symlink to `object' that will be added to the tarball.
   storeContents ? []
+
+  # Extra tar arguments
+, extraArgs ? ""
 }:
 
 stdenv.mkDerivation {
   name = "tarball";
   builder = ./make-system-tarball.sh;
   buildInputs = [perl xz];
 
-  inherit fileName pathsFromGraph;
+  inherit fileName pathsFromGraph extraArgs;
 
   # !!! should use XML.
   sources = map (x: x.source) contents;

diff --git a/nixos/lib/make-system-tarball.sh b/nixos/lib/make-system-tarball.sh
@@ -50,7 +50,7 @@ done
 
 mkdir -p $out/tarball
 
-tar cvJf $out/tarball/$fileName.tar.xz *
+tar cvJf $out/tarball/$fileName.tar.xz * $extraArgs
 
 mkdir -p $out/nix-support
 echo $system > $out/nix-support/system

diff --git a/nixos/modules/services/ttys/agetty.nix b/nixos/modules/services/ttys/agetty.nix
@@ -66,6 +66,12 @@ with lib;
         restartIfChanged = false;
       };
 
+    systemd.services."console-getty" =
+      { serviceConfig.ExecStart = "@${pkgs.utillinux}/sbin/agetty agetty --noclear --login-program ${pkgs.shadow}/bin/login --keep-baud console 115200,38400,9600 $TERM";
+        serviceConfig.Restart = "always";
+        restartIfChanged = false;
+      };
+
     environment.etc = singleton
       { # Friendly greeting on the virtual consoles.
         source = pkgs.writeText "issue" ''

diff --git a/nixos/modules/virtualisation/docker-image.nix b/nixos/modules/virtualisation/docker-image.nix
@@ -0,0 +1,67 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ pkgs2storeContents = l : map (x: { object = x; symlink = "none"; }) l;
+
+in {
+  # Create the tarball
+  system.build.dockerImage = import ../../lib/make-system-tarball.nix {
+    inherit (pkgs) stdenv perl xz pathsFromGraph;
+
+    contents = [];
+    extraArgs = "--owner=0";
+    storeContents = [
+      { object = config.system.build.toplevel + "/init";
+        symlink = "/bin/init";
+      }
+    ] ++ (pkgs2storeContents [ pkgs.stdenv ]);
+  };
+
+  boot.postBootCommands =
+    ''
+      # After booting, register the contents of the Nix store in the Nix
+      # database.
+      if [ -f /nix-path-registration ]; then
+        ${config.nix.package}/bin/nix-store --load-db < /nix-path-registration &&
+        rm /nix-path-registration
+      fi
+
+      # nixos-rebuild also requires a "system" profile and an
+      # /etc/NIXOS tag.
+      touch /etc/NIXOS
+      ${config.nix.package}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system
+
+      # Set virtualisation to docker
+      echo "docker" > /run/systemd/container 
+    '';
+
+
+  # docker image config
+  require = [
+    ../installer/cd-dvd/channel.nix
+    ../profiles/minimal.nix
+    ../profiles/clone-config.nix
+  ];
+
+  boot.isContainer = true;
+
+  # Iptables do not work in docker
+  networking.firewall.enable = false;
+
+  services.openssh.enable = true;
+
+  # Socket activated ssh presents problem in docker
+  services.openssh.startWhenNeeded = false;
+
+  # Allow the user to login as root without password
+  security.initialRootPassword = "";
+
+  # Some more help text.
+  services.mingetty.helpLine =
+    ''
+
+      Log in as "root" with an empty password.
+    '';
+}