NixOS
diff --git a/‎.git-blame-ignore-revs‎
Lines changed: 3 additions & 0 deletions b/‎.git-blame-ignore-revs‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎nixos/modules/virtualisation/lxc-image-metadata.nix‎
Lines changed: 67 additions & 42 deletions b/‎nixos/modules/virtualisation/lxc-image-metadata.nix‎
Lines changed: 67 additions & 42 deletions
diff --git a/‎nixos/modules/virtualisation/lxc-instance-common.nix‎
Lines changed: 1 addition & 1 deletion b/‎nixos/modules/virtualisation/lxc-instance-common.nix‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎nixos/modules/virtualisation/lxc.nix‎
Lines changed: 53 additions & 48 deletions b/‎nixos/modules/virtualisation/lxc.nix‎
Lines changed: 53 additions & 48 deletions
diff --git a/‎nixos/modules/virtualisation/lxcfs.nix‎
Lines changed: 25 additions & 20 deletions b/‎nixos/modules/virtualisation/lxcfs.nix‎
Lines changed: 25 additions & 20 deletions
@@ -212,3 +212,6 @@ ce21e97a1f20dee15da85c084f9d1148d84f853b
 
 # format files with nixfmt (#347275)
 adb9714bd909df283c66bbd641bd631ff50a4260
+
+# treewide: incus packages
+9ab59bb5fb943ad6740f64f5a79eae9642fb8211
@@ -1,51 +1,71 @@
-{ lib, config, pkgs, ... }:
+{
+  lib,
+  config,
+  pkgs,
+  ...
+}:
 
 let
-  templateSubmodule = {...}: {
-    options = {
-      enable = lib.mkEnableOption "this template";
+  templateSubmodule =
+    { ... }:
+    {
+      options = {
+        enable = lib.mkEnableOption "this template";
 
-      target = lib.mkOption {
-        description = "Path in the container";
-        type = lib.types.path;
-      };
-      template = lib.mkOption {
-        description = ".tpl file for rendering the target";
-        type = lib.types.path;
-      };
-      when = lib.mkOption {
-        description = "Events which trigger a rewrite (create, copy)";
-        type = lib.types.listOf (lib.types.str);
-      };
-      properties = lib.mkOption {
-        description = "Additional properties";
-        type = lib.types.attrs;
-        default = {};
+        target = lib.mkOption {
+          description = "Path in the container";
+          type = lib.types.path;
+        };
+        template = lib.mkOption {
+          description = ".tpl file for rendering the target";
+          type = lib.types.path;
+        };
+        when = lib.mkOption {
+          description = "Events which trigger a rewrite (create, copy)";
+          type = lib.types.listOf (lib.types.str);
+        };
+        properties = lib.mkOption {
+          description = "Additional properties";
+          type = lib.types.attrs;
+          default = { };
+        };
       };
     };
-  };
 
-  toYAML = name: data: pkgs.writeText name (lib.generators.toYAML {} data);
+  toYAML = name: data: pkgs.writeText name (lib.generators.toYAML { } data);
 
   cfg = config.virtualisation.lxc;
-  templates = if cfg.templates != {} then let
-    list = lib.mapAttrsToList (name: value: { inherit name; } // value)
-      (lib.filterAttrs (name: value: value.enable) cfg.templates);
-  in
-    {
-      files = map (tpl: {
-        source = tpl.template;
-        target = "/templates/${tpl.name}.tpl";
-      }) list;
-      properties = lib.listToAttrs (map (tpl: lib.nameValuePair tpl.target {
-        when = tpl.when;
-        template = "${tpl.name}.tpl";
-        properties = tpl.properties;
-      }) list);
-    }
-  else { files = []; properties = {}; };
+  templates =
+    if cfg.templates != { } then
+      let
+        list = lib.mapAttrsToList (name: value: { inherit name; } // value) (
+          lib.filterAttrs (name: value: value.enable) cfg.templates
+        );
+      in
+      {
+        files = map (tpl: {
+          source = tpl.template;
+          target = "/templates/${tpl.name}.tpl";
+        }) list;
+        properties = lib.listToAttrs (
+          map (
+            tpl:
+            lib.nameValuePair tpl.target {
+              when = tpl.when;
+              template = "${tpl.name}.tpl";
+              properties = tpl.properties;
+            }
+          ) list
+        );
+      }
+    else
+      {
+        files = [ ];
+        properties = { };
+      };
 
-in {
+in
+{
   imports = [
     ../image/file-options.nix
   ];
@@ -59,7 +79,7 @@ in {
       templates = lib.mkOption {
         description = "Templates for LXD";
         type = lib.types.attrsOf (lib.types.submodule templateSubmodule);
-        default = {};
+        default = { };
         example = lib.literalExpression ''
           {
             # create /etc/hostname on container creation
@@ -91,7 +111,10 @@ in {
   };
 
   config = {
-    system.nixos.tags = [ "lxc" "metadata" ];
+    system.nixos.tags = [
+      "lxc"
+      "metadata"
+    ];
     image.extension = "tar.xz";
     image.filePath = "tarball/${config.image.fileName}";
     system.build.image = config.system.build.metadata;
@@ -100,7 +123,9 @@ in {
       contents = [
         {
           source = toYAML "metadata.yaml" {
-            architecture = builtins.elemAt (builtins.match "^([a-z0-9_]+).+" (toString pkgs.stdenv.hostPlatform.system)) 0;
+            architecture = builtins.elemAt (builtins.match "^([a-z0-9_]+).+" (
+              toString pkgs.stdenv.hostPlatform.system
+            )) 0;
             creation_date = 1;
             properties = {
               description = "${config.system.nixos.distroName} ${config.system.nixos.codeName} ${config.system.nixos.label} ${pkgs.stdenv.hostPlatform.system}";
 
@@ -1,4 +1,4 @@
-{lib, ...}:
+{ lib, ... }:
 
 {
   meta = {
 
@@ -1,6 +1,11 @@
 # LXC Configuration
 
-{ config, lib, pkgs, ... }:
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
 
 let
   cfg = config.virtualisation.lxc;
@@ -12,58 +17,53 @@ in
   };
 
   options.virtualisation.lxc = {
-    enable =
-      lib.mkOption {
-        type = lib.types.bool;
-        default = false;
-        description = ''
-            This enables Linux Containers (LXC), which provides tools
-            for creating and managing system or application containers
-            on Linux.
-          '';
-      };
+    enable = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = ''
+        This enables Linux Containers (LXC), which provides tools
+        for creating and managing system or application containers
+        on Linux.
+      '';
+    };
 
     unprivilegedContainers = lib.mkEnableOption "support for unprivileged users to launch containers";
 
-    systemConfig =
-      lib.mkOption {
-        type = lib.types.lines;
-        default = "";
-        description = ''
-            This is the system-wide LXC config. See
-            {manpage}`lxc.system.conf(5)`.
-          '';
-      };
+    systemConfig = lib.mkOption {
+      type = lib.types.lines;
+      default = "";
+      description = ''
+        This is the system-wide LXC config. See
+        {manpage}`lxc.system.conf(5)`.
+      '';
+    };
     package = lib.mkPackageOption pkgs "lxc" { };
 
-    defaultConfig =
-      lib.mkOption {
-        type = lib.types.lines;
-        default = "";
-        description = ''
-            Default config (default.conf) for new containers, i.e. for
-            network config. See {manpage}`lxc.container.conf(5)`.
-          '';
-      };
+    defaultConfig = lib.mkOption {
+      type = lib.types.lines;
+      default = "";
+      description = ''
+        Default config (default.conf) for new containers, i.e. for
+        network config. See {manpage}`lxc.container.conf(5)`.
+      '';
+    };
 
-    usernetConfig =
-      lib.mkOption {
-        type = lib.types.lines;
-        default = "";
-        description = ''
-            This is the config file for managing unprivileged user network
-            administration access in LXC. See {manpage}`lxc-usernet(5)`.
-          '';
-      };
+    usernetConfig = lib.mkOption {
+      type = lib.types.lines;
+      default = "";
+      description = ''
+        This is the config file for managing unprivileged user network
+        administration access in LXC. See {manpage}`lxc-usernet(5)`.
+      '';
+    };
 
-      bridgeConfig =
-        lib.mkOption {
-          type = lib.types.lines;
-          default = "";
-          description = ''
-              This is the config file for override lxc-net bridge default settings.
-            '';
-        };
+    bridgeConfig = lib.mkOption {
+      type = lib.types.lines;
+      default = "";
+      description = ''
+        This is the config file for override lxc-net bridge default settings.
+      '';
+    };
   };
 
   ###### implementation
@@ -88,7 +88,7 @@ in
     };
 
     # We don't need the `lxc-user` group, unless the unprivileged containers are enabled.
-    users.groups = lib.mkIf cfg.unprivilegedContainers { lxc-user = {}; };
+    users.groups = lib.mkIf cfg.unprivilegedContainers { lxc-user = { }; };
 
     # `lxc-user-nic` needs suid to attach to bridge for unpriv containers.
     security.wrappers = lib.mkIf cfg.unprivilegedContainers {
@@ -108,7 +108,12 @@ in
       lxc-net = {
         enable = true;
         wantedBy = [ "multi-user.target" ];
-        path = [ pkgs.iproute2 pkgs.iptables pkgs.getent pkgs.dnsmasq ];
+        path = [
+          pkgs.iproute2
+          pkgs.iptables
+          pkgs.getent
+          pkgs.dnsmasq
+        ];
       };
     };
   };
 
@@ -1,29 +1,34 @@
 # LXC Configuration
 
-{ config, lib, pkgs, ... }:
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
 
 let
   cfg = config.virtualisation.lxc.lxcfs;
-in {
+in
+{
   meta = {
     maintainers = lib.teams.lxc.members;
   };
 
   ###### interface
   options.virtualisation.lxc.lxcfs = {
-    enable =
-      lib.mkOption {
-        type = lib.types.bool;
-        default = false;
-        description = ''
-          This enables LXCFS, a FUSE filesystem for LXC.
-          To use lxcfs in include the following configuration in your
-          container configuration:
-          ```
-          virtualisation.lxc.defaultConfig = "lxc.include = ''${pkgs.lxcfs}/share/lxc/config/common.conf.d/00-lxcfs.conf";
-          ```
-        '';
-      };
+    enable = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = ''
+        This enables LXCFS, a FUSE filesystem for LXC.
+        To use lxcfs in include the following configuration in your
+        container configuration:
+        ```
+        virtualisation.lxc.defaultConfig = "lxc.include = ''${pkgs.lxcfs}/share/lxc/config/common.conf.d/00-lxcfs.conf";
+        ```
+      '';
+    };
   };
 
   ###### implementation
@@ -34,11 +39,11 @@ in {
       before = [ "lxc.service" ];
       restartIfChanged = false;
       serviceConfig = {
-        ExecStartPre="${pkgs.coreutils}/bin/mkdir -p /var/lib/lxcfs";
-        ExecStart="${pkgs.lxcfs}/bin/lxcfs /var/lib/lxcfs";
-        ExecStopPost="-${pkgs.fuse}/bin/fusermount -u /var/lib/lxcfs";
-        KillMode="process";
-        Restart="on-failure";
+        ExecStartPre = "${pkgs.coreutils}/bin/mkdir -p /var/lib/lxcfs";
+        ExecStart = "${pkgs.lxcfs}/bin/lxcfs /var/lib/lxcfs";
+        ExecStopPost = "-${pkgs.fuse}/bin/fusermount -u /var/lib/lxcfs";
+        KillMode = "process";
+        Restart = "on-failure";
       };
     };
   };
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-{lib, ...}:`
	`1`	`+{ lib, ... }:`
`2`	`2`
`3`	`3`	`{`
`4`	`4`	`meta = {`