nix-community/home-manager
1
0
Fork 0
mirror of https://github.com/nix-community/home-manager.git synced 2025-12-03 15:41:02 +01:00
Code Activity
home-manager/tests/modules/services/podman-linux/configuration.nix
Terje Larsen 83f978812c
podman: support mounts configuration (#7377)
2025-07-03 19:34:57 -05:00

67 lines
2 KiB
Nix
Raw Blame History

{
services.podman = {
enable = true;
settings = {
containers = {
network = {
default_subnet = "172.16.10.0/24";
default_subnet_pools = [
{
base = "172.16.11.0/24";
size = 24;
}
{
base = "172.16.12.0/24";
size = 24;
}
];
};
};
storage = {
storage = {
runroot = "$HOME/.containers/runroot";
graphroot = "$HOME/.containers/graphroot";
};
};
registries = {
block = [
"ghcr.io"
"gallery.ecr.aws"
];
insecure = [ "quay.io" ];
search = [ "docker.io" ];
};
policy = {
default = [ { type = "insecureAcceptAnything"; } ];
};
mounts = [ "/usr/share/secrets:/run/secrets" ];
};
};
nmt.script = ''
configPath=home-files/.config/containers
containersFile=$configPath/containers.conf
policyFile=$configPath/policy.json
registriesFile=$configPath/registries.conf
storageFile=$configPath/storage.conf
mountsFile=$configPath/mounts.conf
assertFileExists $containersFile
assertFileExists $policyFile
assertFileExists $registriesFile
assertFileExists $storageFile
assertFileExists $mountsFile
containersFile=$(normalizeStorePaths $containersFile)
policyFile=$(normalizeStorePaths $policyFile)
registriesFile=$(normalizeStorePaths $registriesFile)
storageFile=$(normalizeStorePaths $storageFile)
mountsFile=$(normalizeStorePaths $mountsFile)
assertFileContent $containersFile ${./configuration-containers-expected.conf}
assertFileContent $policyFile ${./configuration-policy-expected.json}
assertFileContent $registriesFile ${./configuration-registries-expected.conf}
assertFileContent $storageFile ${./configuration-storage-expected.conf}
assertFileContent $mountsFile ${./configuration-mounts-expected.conf}
'';
}
View git blame Copy permalink