Difference between revisions of "Podman"
From NixOS Wiki
(Clarify setuid situation) |
(Add instructions for using `virtualisation.oci-containers`) |
||
| Line 23: | Line 23: | ||
Note that rootless podman requires newuidmap which can't come from the shadow Nix package on non-NixOS since [https://nixos.org/manual/nix/unstable/expressions/derivations.html setuid/setgid programs are not currently supported by Nix]. | Note that rootless podman requires newuidmap which can't come from the shadow Nix package on non-NixOS since [https://nixos.org/manual/nix/unstable/expressions/derivations.html setuid/setgid programs are not currently supported by Nix]. | ||
| + | |||
| + | == Run Podman containers as systemd services == | ||
| + | |||
| + | <syntaxHighlight lang="nix"> | ||
| + | { | ||
| + | virtualisation.oci-containers.backend = "podman"; | ||
| + | virtualisation.oci-containers.containers = { | ||
| + | container-name = { | ||
| + | image = "container-image"; | ||
| + | autoStart = true; | ||
| + | ports = [ "127.0.0.1:1234:1234" ]; | ||
| + | }; | ||
| + | }; | ||
| + | } | ||
| + | </syntaxHighlight> | ||
Revision as of 13:40, 10 October 2021
Podman can run rootless containers and be a drop-in replacement for Docker.
Install and configure podman with NixOS service configuration
{ pkgs, ... }:
{
virtualisation = {
podman = {
enable = true;
# Create a `docker` alias for podman, to use it as a drop-in replacement
dockerCompat = true;
};
};
}
Use Podman within nix-shell
https://gist.github.com/adisbladis/187204cb772800489ee3dac4acdd9947
Note that rootless podman requires newuidmap which can't come from the shadow Nix package on non-NixOS since setuid/setgid programs are not currently supported by Nix.
Run Podman containers as systemd services
{
virtualisation.oci-containers.backend = "podman";
virtualisation.oci-containers.containers = {
container-name = {
image = "container-image";
autoStart = true;
ports = [ "127.0.0.1:1234:1234" ];
};
};
}