Branch: refs/heads/containers
Home: https://github.com/NixOS/nixpkgs
Commit: 0d506aa712cf088343dff5863e9e58eb1228c3b0
https://github.com/NixOS/nixpkgs/commit/0d506aa712cf088343dff5863e9e58eb1228c3b0
Author: Eelco Dolstra <[email protected]>
Date: 2014-03-17 (Mon, 17 Mar 2014)
Changed paths:
A nixos/modules/virtualisation/container-login.nix
M nixos/modules/virtualisation/containers.nix
Log Message:
-----------
Provide a simple way to log into containers
On the host, you can run
$ socat unix:<path-to-container>/var/lib/login.socket -,echo=0,raw
to get a login prompt. So this allows logging in even if the
container has no SSH access enabled.
You can also do
$ socat unix:<path-to-container>/var/lib/root-shell.socket -
to get a plain root shell. (This socket is only accessible by root,
obviously.) This makes it easy to execute commands in the container,
e.g.
$ echo reboot | socat unix:<path-to-container>/var/lib/root-shell.socket -
Commit: f13bd41384afadcd94e316759583359de37d15bd
https://github.com/NixOS/nixpkgs/commit/f13bd41384afadcd94e316759583359de37d15bd
Author: Eelco Dolstra <[email protected]>
Date: 2014-03-17 (Mon, 17 Mar 2014)
Changed paths:
M nixos/modules/system/activation/switch-to-configuration.pl
Log Message:
-----------
switch-to-configuration: Restart sockets.target
Commit: f9e2af1e8b62809e9af9acc92826c29f63db8043
https://github.com/NixOS/nixpkgs/commit/f9e2af1e8b62809e9af9acc92826c29f63db8043
Author: Eelco Dolstra <[email protected]>
Date: 2014-03-17 (Mon, 17 Mar 2014)
Changed paths:
M nixos/modules/system/activation/switch-to-configuration.pl
Log Message:
-----------
switch-to-configuration: Don't require /etc/NIXOS
Check /etc/os-release if /etc/NIXOS doesn't exist.
Commit: 28b7d67d08a7a76c7508d4b6a8f791c2eba4a1b9
https://github.com/NixOS/nixpkgs/commit/28b7d67d08a7a76c7508d4b6a8f791c2eba4a1b9
Author: Eelco Dolstra <[email protected]>
Date: 2014-03-17 (Mon, 17 Mar 2014)
Changed paths:
M nixos/modules/services/web-servers/apache-httpd/default.nix
Log Message:
-----------
httpd: Don't require keys.target
This has the unintended side-effect of restarting httpd every time we
run switch-to-configuration, even if httpd hasn't changed (because
we're doing a "stop keys.target" now). So use a "Wants" dependency
instead.
Commit: 511b86d22dbf3d4a52ac9d6437f0ee0375468f01
https://github.com/NixOS/nixpkgs/commit/511b86d22dbf3d4a52ac9d6437f0ee0375468f01
Author: Eelco Dolstra <[email protected]>
Date: 2014-03-17 (Mon, 17 Mar 2014)
Changed paths:
M nixos/modules/system/activation/switch-to-configuration.pl
M nixos/modules/system/boot/systemd-unit-options.nix
M nixos/modules/system/boot/systemd.nix
Log Message:
-----------
Add an option to reload rather than restart changed units
Commit: ef8e0266a2583eb45444b1faa0512f99d18fca6c
https://github.com/NixOS/nixpkgs/commit/ef8e0266a2583eb45444b1faa0512f99d18fca6c
Author: Eelco Dolstra <[email protected]>
Date: 2014-03-17 (Mon, 17 Mar 2014)
Changed paths:
M nixos/modules/virtualisation/containers.nix
Log Message:
-----------
Don't reboot a container when its configuration changes
Instead, just run "switch-to-configuration" inside the container.
Commit: ac215779dd1fdfe58d75bcc22cb6a5b0a58744a4
https://github.com/NixOS/nixpkgs/commit/ac215779dd1fdfe58d75bcc22cb6a5b0a58744a4
Author: Eelco Dolstra <[email protected]>
Date: 2014-03-17 (Mon, 17 Mar 2014)
Changed paths:
M nixos/modules/virtualisation/containers.nix
Log Message:
-----------
Give containers a writable /nix/var/nix/{profiles,gcroots}
These are stored on the host in
/nix/var/nix/{profiles,gcroots}/per-container/<container-name> to
ensure that container profiles/roots are not garbage-collected.
Commit: 895bcdd1cb9f98ba032c78d996f3ebc89fd60bc2
https://github.com/NixOS/nixpkgs/commit/895bcdd1cb9f98ba032c78d996f3ebc89fd60bc2
Author: Eelco Dolstra <[email protected]>
Date: 2014-03-18 (Tue, 18 Mar 2014)
Changed paths:
M nixos/modules/services/networking/dhcpcd.nix
M nixos/modules/virtualisation/containers.nix
A nixos/modules/virtualisation/run-in-netns.c
Log Message:
-----------
Add support for running a container with a private network interface
For example, the following sets up a container named ‘foo’. The
container will have a single network interface eth0, with IP address
10.231.136.2. The host will have an interface c-foo with IP address
10.231.136.1.
systemd.containers.foo =
{ privateNetwork = true;
hostAddress = "10.231.136.1";
localAddress = "10.231.136.2";
config =
{ services.openssh.enable = true; };
};
With ‘privateNetwork = true’, the container has the CAP_NET_ADMIN
capability, allowing it to do arbitrary network configuration, such as
setting up firewall rules. This is secure because it cannot touch the
interfaces of the host.
The helper program ‘run-in-netns’ is needed at the moment because ‘ip
netns exec’ doesn't quite do the right thing (it remounts /sys without
bind-mounting the original /sys/fs/cgroups).
Commit: 7b82d1ee27a60157418e241152ef1aa3f909ad7b
https://github.com/NixOS/nixpkgs/commit/7b82d1ee27a60157418e241152ef1aa3f909ad7b
Author: Eelco Dolstra <[email protected]>
Date: 2014-03-18 (Tue, 18 Mar 2014)
Changed paths:
M nixos/modules/virtualisation/containers.nix
Log Message:
-----------
Ensure that the container root can always be accessed via /var/lib/containers
Commit: 11c4c4ae54bbef647358d2b6d6c3ddf0457f81f7
https://github.com/NixOS/nixpkgs/commit/11c4c4ae54bbef647358d2b6d6c3ddf0457f81f7
Author: Eelco Dolstra <[email protected]>
Date: 2014-03-18 (Tue, 18 Mar 2014)
Changed paths:
M nixos/modules/virtualisation/containers.nix
Log Message:
-----------
Add command ‘nixos-container-shell’ for logging into a container
Commit: 5b10ea1f99edf1855d0735330634a463771a5ee2
https://github.com/NixOS/nixpkgs/commit/5b10ea1f99edf1855d0735330634a463771a5ee2
Author: Eelco Dolstra <[email protected]>
Date: 2014-03-18 (Tue, 18 Mar 2014)
Changed paths:
M nixos/modules/virtualisation/containers.nix
Log Message:
-----------
Don't run dhcpcd in containers
Commit: 7ee31c7f94d121f5e57779c0c1478aee30d80cb1
https://github.com/NixOS/nixpkgs/commit/7ee31c7f94d121f5e57779c0c1478aee30d80cb1
Author: Eelco Dolstra <[email protected]>
Date: 2014-03-18 (Tue, 18 Mar 2014)
Changed paths:
M nixos/modules/virtualisation/container-login.nix
Log Message:
-----------
Fix permissions
Commit: 2ace7edb81509189a15a0b8e8d0ee1886be9e725
https://github.com/NixOS/nixpkgs/commit/2ace7edb81509189a15a0b8e8d0ee1886be9e725
Author: Eelco Dolstra <[email protected]>
Date: 2014-03-24 (Mon, 24 Mar 2014)
Changed paths:
M nixos/modules/virtualisation/containers.nix
Log Message:
-----------
Rename systemd.containers -> containers
That NixOS containers use systemd-nspawn is just an implementation
detail (which we could change in the future).
Commit: 0cca0f477f168cee994b2c90d20b713f2bb67d85
https://github.com/NixOS/nixpkgs/commit/0cca0f477f168cee994b2c90d20b713f2bb67d85
Author: Eelco Dolstra <[email protected]>
Date: 2014-03-24 (Mon, 24 Mar 2014)
Changed paths:
M nixos/modules/virtualisation/containers.nix
A nixos/modules/virtualisation/nixos-container.sh
Log Message:
-----------
nixos-container-shell -> nixos-container { login | root-shell }
Commit: ba88db3cd332e439dd2090b64abb7b9942b5fc94
https://github.com/NixOS/nixpkgs/commit/ba88db3cd332e439dd2090b64abb7b9942b5fc94
Author: Eelco Dolstra <[email protected]>
Date: 2014-03-24 (Mon, 24 Mar 2014)
Changed paths:
M nixos/modules/virtualisation/containers.nix
M nixos/modules/virtualisation/nixos-container.sh
Log Message:
-----------
Add support for imperative container management
The command nixos-container can now create containers. For instance,
the following creates and starts a container named ‘database’:
$ nixos-container create database
The configuration of the container is stored in
/var/lib/containers/<name>/etc/nixos/configuration.nix. After editing
the configuration, you can make the changes take effect by doing
$ nixos-container update database
The container can also be destroyed:
$ nixos-container destroy database
Containers are now executed using a template unit,
‘[email protected]’, so the unit in this example would be
‘[email protected]’.
Commit: 29c469b88db31d56acf02478fffea14f15372b1f
https://github.com/NixOS/nixpkgs/commit/29c469b88db31d56acf02478fffea14f15372b1f
Author: Eelco Dolstra <[email protected]>
Date: 2014-03-24 (Mon, 24 Mar 2014)
Changed paths:
M nixos/modules/virtualisation/containers.nix
Log Message:
-----------
Allow dashes in container names
Commit: 6010b0e8868b5a8058302a7b7839cddb21272043
https://github.com/NixOS/nixpkgs/commit/6010b0e8868b5a8058302a7b7839cddb21272043
Author: Eelco Dolstra <[email protected]>
Date: 2014-03-24 (Mon, 24 Mar 2014)
Changed paths:
M nixos/modules/virtualisation/nixos-container.sh
Log Message:
-----------
nixos-container: NixOps helper functions
Commit: 07adfae5519ae12ce1a06d2b57f027c97288d0fb
https://github.com/NixOS/nixpkgs/commit/07adfae5519ae12ce1a06d2b57f027c97288d0fb
Author: Eelco Dolstra <[email protected]>
Date: 2014-03-24 (Mon, 24 Mar 2014)
Changed paths:
M nixos/modules/virtualisation/nixos-container.sh
Log Message:
-----------
Remove hard-coded SSH key
Compare: https://github.com/NixOS/nixpkgs/compare/0d506aa712cf^...07adfae5519a_______________________________________________
nix-commits mailing list
[email protected]
http://lists.science.uu.nl/mailman/listinfo/nix-commits
