50 lines
969 B
Nix
50 lines
969 B
Nix
{ pkgs, options, ...}:
|
|
|
|
let
|
|
unstable = import <nixos-unstable> {};
|
|
in {
|
|
environment.systemPackages = with pkgs; [
|
|
kubectl
|
|
cryptsetup
|
|
unstable.kubernetes-helm
|
|
|
|
# podman
|
|
conmon
|
|
fuse-overlayfs
|
|
podman
|
|
podman-compose
|
|
runc
|
|
slirp4netns
|
|
];
|
|
|
|
users.users.stefan.subUidRanges = [{ startUid = 100000; count = 65536; }];
|
|
users.users.stefan.subGidRanges = [{ startGid = 100000; count = 65536; }];
|
|
|
|
environment.etc."containers/policy.json" = {
|
|
mode="0644";
|
|
text=''
|
|
{
|
|
"default": [
|
|
{
|
|
"type": "insecureAcceptAnything"
|
|
}
|
|
],
|
|
"transports":
|
|
{
|
|
"docker-daemon":
|
|
{
|
|
"": [{"type":"insecureAcceptAnything"}]
|
|
}
|
|
}
|
|
}
|
|
'';
|
|
};
|
|
|
|
environment.etc."containers/registries.conf" = {
|
|
mode="0644";
|
|
text=''
|
|
[registries.search]
|
|
registries = ['docker.io', 'quay.io']
|
|
'';
|
|
};
|
|
}
|