pdtpartners / nix-snapshotter

Brings native understanding of Nix packages to containerd
MIT License

Use with nixos modules, services, and machine configs #137

Open msackman opened 4 months ago

msackman commented 4 months ago

It would be nice to use this to containerise not just NixOS services and modules, but entire machine configs. I'm thinking of both things like services.caddy and security.acme, and also, rather than setting config.entrypoint to some pkg, supporting machine configuration, just like how the native NixOS containers work, so config becomes a function: config = { config, pkgs, lib, ... }: { ...

Is there any way to do this sort of thing with nix-snapshotter? For the whole machine config, would it be "as simple" (ha!) as just figuring out what the relevant systemd entry point is and adding some flags so it knows it's in an image?

MagicRB commented 4 months ago

Yes, you can use nixosSystem like normal, then use ${nicos.config.system.build.toplevel}/init and set boot.isContainer = true, and it should boot normally. Word of warning: the images will be VERY heavy. And, shameless plug: https://github.com/nix-community/NixNG
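The approach MagicRB describes, written out as a flake. This is an added example, not code from the issue or from the nix-snapshotter project; the `buildImage` attribute path and its `name`/`tag`/`config.entrypoint` arguments are assumed from how the issue text refers to them and may differ from the project's real interface, and the hostname and Caddy site are constructed values.

```nix
{
  inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
  inputs.nix-snapshotter.url = "github:pdtpartners/nix-snapshotter";

  outputs = { self, nixpkgs, nix-snapshotter, ... }:
    let
      system = "x86_64-linux";

      # A whole machine config, as the issue asks for: NixOS modules and
      # services rather than a single package as the entrypoint.
      machine = nixpkgs.lib.nixosSystem {
        inherit system;
        modules = [
          ({ config, pkgs, lib, ... }: {
            # Tells NixOS it is running inside a container: no kernel,
            # no bootloader, no hardware-facing units. This is the flag
            # MagicRB says init needs in order to boot inside an image.
            boot.isContainer = true;

            networking.hostName = "caddy-in-a-box"; # constructed value
            services.caddy = {
              enable = true;
              virtualHosts."localhost".extraConfig = ''
                respond "hello from a NixOS container"
              '';
            };
            system.stateVersion = "24.05";
          })
        ];
      };
    in {
      # ASSUMED API: attribute path and argument names are not confirmed by the issue.
      packages.${system}.image = nix-snapshotter.lib.buildImage {
        name = "nixos-caddy";
        tag = "latest";
        config = {
          # The systemd entry point from the thread: toplevel/init, which
          # starts systemd as PID 1 inside the container.
          entrypoint = [ "${machine.config.system.build.toplevel}/init" ];
        };
      };
    };
}
```

Because the entrypoint boots systemd as PID 1, the image carries the full system closure (hence the "VERY heavy" warning) and the runtime must give it a writable cgroup hierarchy, which is part of why the thread later argues against systemd in containers.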

msackman commented 4 months ago

Thank you for the pointers, I'll start working with that.

Lillecarl commented 3 months ago

@MagicRB I never got the point of decoupling from systemd; now it makes more sense.

MagicRB commented 3 months ago

Putting systemd into containers is a horrible idea, outside of systemd-nspawn. Having a hard dependency on systemd is a blocker for Nix-built containers gaining general adoption, and for anything but toy examples the tooling in nixpkgs just doesn't cut it. What that tooling ends up building is a distroless container; those are generally only seen with Go/Rust programs, as those are generally completely statically linked and don't depend on the operating system anyway. With, for example, PostgreSQL you'll run into a cryptic error if /bin/sh is missing, as the devs never accounted for it missing and the error thrown by system() gets completely misinterpreted by the surrounding code.