Commit graph

29 commits

Author SHA1 Message Date
Connor Clark
2f642b6023
services: docker: Add config-file option.
* gnu/services/docker.scm (docker-configuration)[config-file] Add file-like
field.
* doc/guix.texi (Docker Service): Add information about config-file.

Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
2024-01-03 15:32:01 +01:00
Giacomo Leidi
be3b7f4467
services: Fix oci-container-service-type container user.
The oci-container-configuration supports two user fields: one is the
user, from the host system, under whose authority the OCI-backed
Shepherd service is run; the other is an optional user/UID that can be
passed to the docker run invokation to override the user defined in the
OCI image.

The user from the host system is incorrectly passed to docker run
command, this patches reverts the incorrect behavior and passes the
correct container-user field value.

* gnu/services/docker.scm (oci-container-configuration): Fix the user
passed to the docker run invokation.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2023-12-10 22:23:29 +01:00
Giacomo Leidi
267786721b
services: Add oci-container-service-type.
* gnu/services/docker.scm (oci-container-configuration): New variable;
(oci-container-shepherd-service): new variable;
(oci-container-service-type): new variable.
* doc/guix.texi (Miscellaneous Services): Document it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Change-Id: I17cede1975051a9fdd0e0a13b2191d8055266f80
2023-11-23 12:56:42 +01:00
Sam Lockart
969cea6836
file-systems: Use cgroups v2.
cgroup v2 is the next generation of the control groups API.  This patch
replaces the cgroup v1 file systems with the unified cgroup v2 file
system.

cgroup v2 allows for things like containerd/podman to run rootless
containers and opens guix system up to running things like Kubernetes.

Thanks to Hilton Chain <hako@ultrarare.space> for suggesting the Docker
service change.

* gnu/system/file-systems.scm (%control-groups): Change to a single
"cgroup2" mount point.
* gnu/services/docker.scm (docker-shepherd-service): Trim 'requirement'
field accordingly.

Co-authored-by: Ludovic Courtès <ludo@gnu.org>
2023-08-08 18:01:55 +02:00
Oleg Pykhalov
b33e1a183f
services: docker: Fix race condition.
Fixes <https://issues.guix.gnu.org/38432>.

* gnu/packages/patches/containerd-create-pid-file.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add this.
* gnu/packages/docker.scm (containerd)[source]: Add this patch.
* gnu/services/docker.scm
(containerd-shepherd-service): Add #:pid-file and #:pid-file-timeout.
* gnu/services/docker.scm (docker-shepherd-service): Add --containerd flag.

Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2022-07-13 21:36:41 -04:00
Tobias Geerinckx-Rice
892f1b7273
services: Accept <inferior-package>s in lieu of <package>s.
* gnu/services/authentication.scm (fprintd-configuration)
(nslcd-configuration): Substitute file-like objects for package ones.
* gnu/services/cgit.scm (cgit-configuration, opaque-cgit-configuration):
Likewise.
* gnu/services/cups.scm (package-list?, cups-configuration): Likewise.
* gnu/services/dns.scm (verify-knot-configuration)
(ddclient-configuration): Likewise.
* gnu/services/docker.scm (docker-configuration): Likewise.
* gnu/services/file-sharing.scm (transmission-daemon-configuration): Likewise.
* gnu/services/getmail.scm (getmail-configuration): Likewise.
* gnu/services/mail.scm (dovecot-configuration)
(opaque-dovecot-configuration): Likewise.
* gnu/services/messaging.scm (prosody-configuration)
(opaque-prosody-configuration): Likewise.
* gnu/services/monitoring.scm (zabbix-server-configuration)
(zabbix-agent-configuration): Likewise.
* gnu/services/networking.scm (opendht-configuration): Likewise.
* gnu/services/pm.scm (tlp-configuration): Likewise.
* gnu/services/telephony.scm (jami-configuration): Likewise.
* gnu/services/virtualization.scm (libvirt-configuration)
(qemu-guest-agent-configuration): Likewise.
* gnu/services/vpn.scm (openvpn-client-configuration): Likewise.
2021-11-30 01:08:55 +01:00
Alexey Abramov
4ace645506
services: docker: Add 'environment-variables' configuration field.
* gnu/services/docker.scm (docker-configuration):  Add the field
(docker-shepherd-service): Pass the list of defined variables to
make-forkexec-constructor.
* doc/guix.texi (Miscellaneous Services): Update doc.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-11-17 23:05:56 +01:00
Brice Waegeneire
a85ec0bf69
services: Migrate to <setuid-program>.
* gnu/services/dbus.scm (dbus-setuid-programs, polkit-setuid-programs):
  Return setuid-programs.
* gnu/services/desktop.scm (enlightenment-setuid-programs): Return
 setuid-programs.
 (%desktop-services)[mount-setuid-helpers]: Use setuid-programs.
* gnu/services/docker.scm (singularity-setuid-programs): Return
 setuid-programs.
* gnu/services/xorg.scm(screen-locker-setuid-programs): Return
 setuid-programs.
* gnu/system.scm (%setuid-programs): Return setuid-programs.
* doc/guix.texi (Setuid Programs, operating-system Reference): Replace
  'list of G-expressions' with 'list of <setuid-program>'.
2021-07-29 11:32:48 -04:00
Maxim Cournoyer
a9a67da573
services: docker: Disable configuration serialization.
* gnu/services/docker.scm (serialize-boolean): Delete procedure.
(docker-configuration) <no-serialization>: New syntactic keyword.
2021-05-08 01:04:31 -04:00
Oleg Pykhalov
6a5a477df4
services: docker: Fix missing containerd-shim binary.
This commit fixes error 'time="2020-10-16T…" level=error msg="Handler for POST
/v1.40/containers/…/start returned error: failed to start shim: exec:
\"containerd-shim\": executable file not found in $PATH: unknown"'.

* gnu/services/docker.scm
(containerd-shepherd-service): Add "containerd-shim" to PATH.
2020-10-17 00:43:24 +03:00
Oleg Pykhalov
cd4bb173e0
services: docker: Fix configuration.
This is a follow-up to e04b90607a.

* gnu/services/docker.scm
(docker-shepherd-service): Fix "enable-proxy?" configuration.
2020-09-23 23:40:29 +03:00
Efraim Flashner
e04b90607a
services: Docker: Fix typo in configuration.
This is a follow-up to f0a09310e6.

* gnu/services/docker.scm (docker-shepherd-service): Properly reference
variables in service definition.
2020-09-21 15:04:14 +03:00
Jesse Dowell
f0a09310e6
services: docker: Fix enable-proxy? option.
The userland proxy option does not properly disable the userland proxy when
set to false. Docker defaults to enabling the userland proxy if the option is
unset on the command line.

* gnu/services/docker.scm (docker-shepherd-service): Properly handle the
'enable-proxy?' option.

Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
2020-09-21 13:18:25 +03:00
Oleg Pykhalov
f6dfe42129
services: docker: Fix service definition.
This commit follows a404716d41.

* gnu/services/docker.scm
(docker-configuration)[docker-cli]: New record field.
(docker-service-type): Use this.
* doc/guix.texi (Miscellaneous Services)[Docker Service]: Document this.
2020-09-15 01:10:55 +03:00
Efraim Flashner
a404716d41
services: docker: Fix service definition.
This is a follow-up to 8422a67dc1.

* gnu/services/docker.scm (docker-service-type): Use a composed list for
packages in profile-service-type.
2020-09-14 23:22:34 +03:00
Efraim Flashner
8422a67dc1
services: docker: Make docker command available.
* gnu/services/docker.scm (docker-service-type): Extend the
profile-service-type and add the docker-cli package.
2020-09-14 17:21:16 +03:00
Alexey Abramov
2b68a96422
services: docker: Add 'enable-iptables?' argument.
* gnu/services/docker.scm (docker-configuration): Define the argument.
* gnu/services/docker.scm (docker-shepherd-service): Use it.
* doc/guix.texi (Docker Service): Document it.

Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
2020-08-16 11:07:50 +02:00
Maxim Cournoyer
7c9be7b7cb
gnu: services: docker: Add a debug? parameter.
* gnu/services/docker.scm (docker-configuration): Add a debug? field.
(containerd-shepherd-service): Pass the "--log-level=debug" argument when
DEBUG? is true.
(docker-shepherd-service): Pass the "--debug" and "--log-level=debug"
arguments when DEBUG? is true.
* doc/guix.texi (Miscellaneous Services): Update doc.
2020-06-03 11:31:07 -04:00
Jakub Kądziołka
2ef4d273d1
file-systems: mount the PID cgroup filesystem.
* gnu/system/file-systems.scm (%control-groups): Add "pids".
* gnu/services/docker.scm (docker-shepherd-service): Resolve a TODO.

This has allowed me to make a specific configuration of nsjail work.
2020-04-27 14:14:47 +02:00
Ludovic Courtès
08814aec6a
services: Add Singularity.
* gnu/packages/linux.scm (singularity)[source](snippet): Change file
name of setuid helpers in libexec/cli/*.exec.
[arguments]: Remove "--disable-suid".
* gnu/services/docker.scm (%singularity-activation): New variable.
(singularity-setuid-programs): New procedure.
(singularity-service-type): New variable.
* gnu/tests/singularity.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* doc/guix.texi (Miscellaneous Services): Document it.
2019-06-07 09:57:19 +02:00
Maxim Cournoyer
7a31d93a61
services: docker: Add new fields to support proxy.
The Docker proxy enables inter-container and outside-to-container loopback,
and is required by the Docker registry server.

* gnu/services/docker.scm (docker-configuration)[proxy,
enable-proxy?]: Add fields.
(docker-shepherd-service): Use them.
(serialize-boolean): New function.
2019-05-05 20:14:15 -04:00
Danny Milosavljevic
1c84e68bde
services: docker: Make shepherd service also require "dbus-system",
"elogind" and "udev".

Fixes <https://bugs.gnu.org/34333>.

* gnu/services/docker.scm (docker-shepherd-service): Require "dbus-system",
"elogind" and "udev".
2019-02-11 18:29:01 +01:00
Danny Milosavljevic
268e12a894
services: docker: Make shepherd service require "networking".
Fixes <https://bugs.gnu.org/34333>.

* gnu/services/docker.scm (docker-shepherd-service): Require "networking".
2019-02-11 11:45:12 +01:00
Danny Milosavljevic
9757b57f4e
services: docker: Update comment.
* gnu/services/docker.scm (docker-shepherd-service): Update comment.
2019-01-11 02:53:28 +01:00
Danny Milosavljevic
8b0c174415
services: docker: Use more minimal service requrements.
* gnu/services/docker.scm (docker-service-type)[requirement]: Add
file-system-/sys/fs/cgroup/blkio, file-system-/sys/fs/cgroup/cpu,
file-system-/sys/fs/cgroup/cpuset, file-system-/sys/fs/cgroup/devices,
file-system-/sys/fs/cgroup/memory.  Remove elogind.
2019-01-10 19:17:49 +01:00
Danny Milosavljevic
d3a0e74d6a
services: docker: Clarify service-extension shepherd-root-service-type.
* gnu/services/docker.scm (docker-service-type)[extensions]: Clarify
service-extension shepherd-root-service-type.
2019-01-10 19:17:48 +01:00
Danny Milosavljevic
f946a370ed
services: docker: Depend on elogind.
* gnu/services/docker.scm (docker-shepherd-service)[requirement]: Add elogind.
2019-01-10 05:15:42 +01:00
Danny Milosavljevic
f0bfd0fc21
services: docker: Specify log file for containerd.
* gnu/services/docker.scm (containerd-shepherd-service): Specify log file
for containerd.
2019-01-10 03:54:28 +01:00
Danny Milosavljevic
8af4c335e3
services: Add docker.
* gnu/services/docker.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* doc/guix.texi (Miscellaneous Services): Document the service.
2019-01-10 03:00:55 +01:00