NixOS Containers: Difference between revisions
imported>Nix add more see also references |
imported>Onny Added example for native NixOS containers |
Line 1: | Line 1: | ||
== Native NixOS containers == | |||
It is possible to configure native systemd-nspawn containers, which are running NixOS and are configured and managed by NixOS using the <code>containers</code> directive. | |||
The following example creates a container called <code>nextcloud</code> running the web application [[Nextcloud]]. It will start automatically at boot and has its private network subnet. | |||
{{file|/etc/nixos/configuration.nix|nix|<nowiki> | |||
networking.nat = { | |||
enable = true; | |||
internalInterfaces = ["ve-+"]; | |||
externalInterface = "ens3"; | |||
}; | |||
containers.nextcloud = { | |||
autoStart = true; | |||
privateNetwork = true; | |||
hostAddress = "192.168.100.10"; | |||
localAddress = "192.168.100.11"; | |||
config = { config, pkgs, ... }: { | |||
services.nextcloud = { | |||
enable = true; | |||
package = pkgs.nextcloud24; | |||
hostName = "localhost"; | |||
config.adminpassFile = "${pkgs.writeText "adminpass" "test123"}"; | |||
}; | |||
system.stateVersion = "22.05"; | |||
networking.firewall = { | |||
enable = true; | |||
allowedTCPPorts = [ 80 ]; | |||
}; | |||
}; | |||
}; | |||
</nowiki>}} | |||
In order to reach the web application on the host system, we have to open [[Firewall]] port 80 and also configure NAT through <code>networking.nat</code>. | |||
Checking the status of the container | |||
<syntaxhighlight lang="console"> | |||
# systemctl status container@nextcloud | |||
</syntaxhighlight> | |||
Login into the container | |||
<syntaxhighlight lang="console"> | |||
# nixos-container root-login nextcloud | |||
</syntaxhighlight> | |||
Start or stop a container | |||
<syntaxhighlight lang="console"> | |||
# nixos-container start nextcloud | |||
# nixos-container stop nextcloud | |||
</syntaxhighlight> | |||
Destroy a container including its file system | |||
<syntaxhighlight lang="console"> | |||
# nixos-container destroy nextcloud | |||
</syntaxhighlight> | |||
Further informations are available in the {{manual:nixos|sec=#ch-containers|chapter=NixOS manual}}. | |||
== Declarative docker containers == | == Declarative docker containers == |
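Review bot: In the services.nextcloud block, config.adminpassFile is built with pkgs.writeText "adminpass" "test123", which writes the admin password into the world-readable Nix store and makes it part of a copy-paste example. Point adminpassFile at a file outside the store (a plain path string) and say in the text that test123 is a placeholder. The sentence about opening Firewall port 80 should also state that allowedTCPPorts = [ 80 ] is set inside the container's config and not on the host, since the example does not change the host firewall.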
Revision as of 15:25, 30 July 2022
Native NixOS containers
It is possible to configure native systemd-nspawn containers, which run NixOS and are configured and managed by NixOS using the containers directive.
The following example creates a container called nextcloud running the web application Nextcloud. It will start automatically at boot and has its own private network subnet.
/etc/nixos/configuration.nix
# NAT traffic from the container veth interfaces (ve-*) out through ens3
networking.nat = {
  enable = true;
  internalInterfaces = ["ve-+"];
  externalInterface = "ens3";
};

containers.nextcloud = {
  autoStart = true;
  privateNetwork = true;
  hostAddress = "192.168.100.10";
  localAddress = "192.168.100.11";
  config = { config, pkgs, ... }: {
    services.nextcloud = {
      enable = true;
      package = pkgs.nextcloud24;
      hostName = "localhost";
      # Example password only: writeText stores it in the world-readable Nix store
      config.adminpassFile = "${pkgs.writeText "adminpass" "test123"}";
    };
    system.stateVersion = "22.05";
    # Firewall of the container itself, not of the host
    networking.firewall = {
      enable = true;
      allowedTCPPorts = [ 80 ];
    };
  };
};
In order to reach the web application on the host system, we have to open Firewall port 80 and also configure NAT through networking.nat.
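A variant of the container above that keeps the admin password out of the Nix store, where every local user can read it. This is an added example, not part of the wiki page: the host directory /var/lib/nextcloud-secrets and the mount point /var/secrets are assumed names, and the password file has to be created on the host before the container starts.

```nix
{ config, pkgs, ... }:
{
  containers.nextcloud = {
    autoStart = true;
    privateNetwork = true;
    hostAddress = "192.168.100.10";
    localAddress = "192.168.100.11";

    # Expose one host directory inside the container, read-only.
    # Assumed host path; it holds a single file named "adminpass" that
    # must be readable by the nextcloud user inside the container.
    bindMounts."/var/secrets" = {
      hostPath = "/var/lib/nextcloud-secrets";
      isReadOnly = true;
    };

    config = { config, pkgs, ... }: {
      services.nextcloud = {
        enable = true;
        package = pkgs.nextcloud24;
        hostName = "localhost";
        # A plain string path is used as-is at runtime and is not copied
        # into /nix/store, unlike pkgs.writeText or a Nix path literal.
        config.adminpassFile = "/var/secrets/adminpass";
      };
      system.stateVersion = "22.05";
      networking.firewall = {
        enable = true;
        allowedTCPPorts = [ 80 ];
      };
    };
  };
}
```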
Checking the status of the container
# systemctl status container@nextcloud
Log in to the container
# nixos-container root-login nextcloud
Start or stop a container
# nixos-container start nextcloud
# nixos-container stop nextcloud
Destroy a container including its file system
# nixos-container destroy nextcloud
Further information is available in the containers chapter of the NixOS manual.
Declarative docker containers
Example config:
{ config, pkgs, ... }:
{
  config.virtualisation.oci-containers.containers = {
    hackagecompare = {
      image = "chrissound/hackagecomparestats-webserver:latest";
      ports = ["127.0.0.1:3010:3010"];
      volumes = [
        "/root/hackagecompare/packageStatistics.json:/root/hackagecompare/packageStatistics.json"
      ];
      cmd = [
        "--base-url"
        "\"/hackagecompare\""
      ];
    };
  };
}
Troubleshooting
I have changed the host's channel and some services are no longer functional
Symptoms:
- Lost data in PostgreSQL database
- MySQL has changed its path, where it creates the database
Solution:
If you did not have a system.stateVersion option set inside your declarative container configuration, it will use the default one for the channel. Your data might be safe if you did nothing in the meantime. Add the missing system.stateVersion to your container, rebuild, and possibly stop/start the container.