X-Git-Url: https://git.hcoop.net/jackhill/guix/guix.git/blobdiff_plain/69ecd666d73ebc5ee7a0be54f4e24f000d1d7e31..a404716d411cf7cd49ff02e3100f0bbf6622d6d5:/gnu/services/docker.scm diff --git a/gnu/services/docker.scm b/gnu/services/docker.scm index 04f9127346..1cce767675 100644 --- a/gnu/services/docker.scm +++ b/gnu/services/docker.scm @@ -1,5 +1,8 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2018 Danny Milosavljevic +;;; Copyright © 2020 Jakub Kądziołka +;;; Copyright © 2020 Maxim Cournoyer +;;; Copyright © 2020 Efraim Flashner ;;; ;;; This file is part of GNU Guix. ;;; @@ -51,7 +54,13 @@ loop-back communications.") (enable-proxy? (boolean #t) - "Enable or disable the user-land proxy (enabled by default).")) + "Enable or disable the user-land proxy (enabled by default).") + (debug? + (boolean #f) + "Enable or disable debug output.") + (enable-iptables? + (boolean #t) + "Enable addition of iptables rules (enabled by default).")) (define %docker-accounts (list (user-group (name "docker") (system? #t)))) @@ -70,19 +79,25 @@ loop-back communications.") (mkdir-p #$state-dir)))) (define (containerd-shepherd-service config) - (let* ((package (docker-configuration-containerd config))) + (let* ((package (docker-configuration-containerd config)) + (debug? (docker-configuration-debug? config))) (shepherd-service (documentation "containerd daemon.") (provision '(containerd)) (start #~(make-forkexec-constructor - (list (string-append #$package "/bin/containerd")) + (list (string-append #$package "/bin/containerd") + #$@(if debug? + '("--log-level=debug") + '())) #:log-file "/var/log/containerd.log")) (stop #~(make-kill-destructor))))) (define (docker-shepherd-service config) (let* ((docker (docker-configuration-docker config)) (enable-proxy? (docker-configuration-enable-proxy? config)) - (proxy (docker-configuration-proxy config))) + (enable-iptables? (docker-configuration-enable-iptables? config)) + (proxy (docker-configuration-proxy config)) + (debug? (docker-configuration-debug? config))) (shepherd-service (documentation "Docker daemon.") (provision '(dockerd)) @@ -94,15 +109,21 @@ loop-back communications.") file-system-/sys/fs/cgroup/cpuset file-system-/sys/fs/cgroup/devices file-system-/sys/fs/cgroup/memory - ; TODO: file-system-/sys/fs/cgroup/pids + file-system-/sys/fs/cgroup/pids networking udev)) (start #~(make-forkexec-constructor (list (string-append #$docker "/bin/dockerd") "-p" "/var/run/docker.pid" + #$@(if debug? + '("--debug" "--log-level=debug") + '()) (if #$enable-proxy? "--userland-proxy" "") "--userland-proxy-path" (string-append #$proxy - "/bin/proxy")) + "/bin/proxy") + (if #$enable-iptables? + "--iptables" + "--iptables=false")) #:pid-file "/var/run/docker.pid" #:log-file "/var/log/docker.log")) (stop #~(make-kill-destructor))))) @@ -113,6 +134,9 @@ loop-back communications.") bundles in Docker containers.") (extensions (list + ;; Make sure the 'docker' command is available. + (service-extension profile-service-type + (compose list docker-cli)) (service-extension activation-service-type %docker-activation) (service-extension shepherd-root-service-type