50 lines
1.6 KiB
Nix
50 lines
1.6 KiB
Nix
{ ... }: {
|
|
|
|
flake.nixosModules.docker = { config, lib, pkgs, ... }: {
|
|
|
|
config = {
|
|
|
|
networking.nat.internalInterfaces = [ "docker0" "docker-main" ];
|
|
|
|
virtualisation = {
|
|
docker = {
|
|
enable = true;
|
|
storageDriver = "btrfs";
|
|
};
|
|
|
|
oci-containers = {
|
|
backend = "docker";
|
|
};
|
|
};
|
|
|
|
hardware.nvidia-container-toolkit.enable = lib.mkDefault (builtins.any
|
|
(x: x == "nvidia")
|
|
config.services.xserver.videoDrivers
|
|
);
|
|
|
|
systemd.services."docker-network-setup" = {
|
|
path = [ pkgs.docker ];
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
RemainAfterExit = true;
|
|
ExecStop = "docker network rm -f docker-main";
|
|
};
|
|
script = ''
|
|
docker network inspect docker-main ||
|
|
docker network create -d bridge docker-main \
|
|
--attachable --subnet 192.168.101.0/24 --ip-range 192.168.101.0/24 \
|
|
--gateway 192.168.101.1 \
|
|
-o "com.docker.network.bridge.name"="docker-main" \
|
|
-o "com.docker.network.bridge.trusted_host_interfaces"="wt0:ve-netbird:ve-traefik"
|
|
'';
|
|
wantedBy = [ "docker-net.target" ];
|
|
};
|
|
|
|
systemd.targets."docker-net" = {
|
|
wantedBy = [ "multi-user.target" ];
|
|
};
|
|
};
|
|
};
|
|
}
|
|
|