38 lines
728 B
Nix
38 lines
728 B
Nix
{ pkgs, lib, config, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
cfg = config.settings.services.docker;
|
|
in {
|
|
options = {
|
|
settings.services.docker.enable = lib.mkOption {
|
|
type = lib.types.bool;
|
|
description = ''
|
|
Enable docker configuration
|
|
'';
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
virtualisation.docker = {
|
|
enable = true;
|
|
rootless = {
|
|
enable = true;
|
|
setSocketVariable = true;
|
|
};
|
|
};
|
|
|
|
users.users.xeovalyte.extraGroups = [ "docker" ];
|
|
|
|
security.wrappers = {
|
|
docker-rootlesskit = {
|
|
owner = "root";
|
|
group = "root";
|
|
capabilities = "cap_net_bind_service+ep";
|
|
source = "${pkgs.rootlesskit}/bin/rootlesskit";
|
|
};
|
|
};
|
|
};
|
|
}
|