Docker: Difference between revisions

m Modify the flake reproducible image dates section to use a snippet which doesn't exclude the time of the commit. The original snippet intentionally cut the time so the `date` command would accept the input of `self.lastModifiedDate`. By using `self.lastModified` (seconds since epoch of commit) and prepending "@", the date command can interpret the full datetime and embed it into the resulting image.
QuBe (talk | contribs)
System setup: Add note about restart being possibly required
Tags: Mobile edit Mobile web edit
 
(2 intermediate revisions by 2 users not shown)
Line 32: Line 32:
<!--T:7-->
<!--T:7-->
To install Docker on NixOS, add the virtualization.docker module to your system configuration at <code>/etc/nixos/configuration.nix</code>:<ref>https://nixos.org/manual/nixos/stable/options#opt-virtualisation.docker.enable</ref>
To install Docker on NixOS, add the virtualization.docker module to your system configuration at <code>/etc/nixos/configuration.nix</code>:<ref>https://nixos.org/manual/nixos/stable/options#opt-virtualisation.docker.enable</ref>
(Note that it may take a restart for the group changes to take effect.)
</translate>
</translate>
<syntaxhighlight lang="nix">
<syntaxhighlight lang="nix">
Line 52: Line 53:


<translate>
<translate>
== Configuration == <!--T:9-->
== Configuration == <!--T:9-->
</translate>
</translate>
Line 301: Line 303:
   allowedTCPPorts = [ 80 8000 53 5300 ];
   allowedTCPPorts = [ 80 8000 53 5300 ];
   allowedUDPPorts = [ 53 5300 ];
   allowedUDPPorts = [ 53 5300 ];
  extraCommands = ''
    iptables -A PREROUTING -t nat -i eth0 -p TCP --dport 80 -j REDIRECT --to-port 8000
    iptables -A PREROUTING -t nat -i eth0 -p TCP --dport 53 -j REDIRECT --to-port 5300
    iptables -A PREROUTING -t nat -i eth0 -p UDP --dport 53 -j REDIRECT --to-port 5300
  '';
};
};


boot.kernel.sysctl = {
boot.kernel.sysctl = {
   "net.ipv4.conf.eth0.forwarding" = 1;    # enable port forwarding
   "net.ipv4.conf.eth0.forwarding" = 1;    # enable port forwarding
};
   
networking = {
  firewall.extraCommands = ''
    iptables -A PREROUTING -t nat -i eth0 -p TCP --dport 80 -j REDIRECT --to-port 8000
    iptables -A PREROUTING -t nat -i eth0 -p TCP --dport 53 -j REDIRECT --to-port 5300
    iptables -A PREROUTING -t nat -i eth0 -p UDP --dport 53 -j REDIRECT --to-port 5300
  '';
};</syntaxhighlight>Whilst the docker-compose.yaml might look like this:<syntaxhighlight lang="dockerfile">
};</syntaxhighlight>Whilst the docker-compose.yaml might look like this:<syntaxhighlight lang="dockerfile">
services:
services:
Line 725: Line 724:


{{File|3={
{{File|3={
   virtualisation.docker.enable = true;
   # virtualisation.docker.enable = true; # This option is deprecated, please set hardware.nvidia-container-toolkit.enable instead.


   hardware.nvidia-container-toolkit.enable = true;
   hardware.nvidia-container-toolkit.enable = true;
  # Prevents: - Option enableNvidia on x86_64 requires 32-bit support libraries
   # Regular Docker
   # Regular Docker
   virtualisation.docker.daemon.settings.features.cdi = true;
   virtualisation.docker.daemon.settings.features.cdi = true;
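Review bot: In the hunk at Line 301/303, the three `iptables -A PREROUTING … -j REDIRECT` rules in `extraCommands` have no matching `extraStopCommands`, so each firewall reload likely appends another copy to the nat table, which the NixOS firewall script does not appear to flush. I would pair them with an `extraStopCommands` block that repeats each rule with `-D` and `|| true`, for example `iptables -D PREROUTING -t nat -i eth0 -p TCP --dport 80 -j REDIRECT --to-port 8000 || true`. Because REDIRECT rewrites the destination port before the filter chains see the packet, `allowedTCPPorts` probably needs only 8000 and 5300, and also listing 80 and 53 widens what the host accepts if anything later binds them. The `net.ipv4.conf.eth0.forwarding` sysctl on the context lines is commented as port forwarding, but a local REDIRECT should not need it and it lets the host route packets arriving on eth0, so a comment saying when it is actually required would help. The start of the `networking.firewall` block is outside the hunk.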