57 lines
1.5 KiB
Nix
57 lines
1.5 KiB
Nix
{ lib, ... }:
|
|
|
|
with lib;
|
|
|
|
{
|
|
imports = [
|
|
../profiles/docker-container.nix # FIXME, shouldn't include something from profiles/
|
|
];
|
|
|
|
config = {
|
|
system.build.tarball = mkForce (pkgs.callPackage ../../lib/make-system-tarball.nix {
|
|
extraArgs = "--owner=0";
|
|
|
|
storeContents = [
|
|
config.system.build.toplevel
|
|
];
|
|
|
|
contents = [
|
|
{
|
|
source = pkgs.writeText "metadata.yaml" ''
|
|
architecture: ${builtins.elemAt (builtins.match "^([a-z0-9_]+).+" (toString pkgs.system)) 0}
|
|
creation_date: 0
|
|
properties:
|
|
description: NixOS ${config.system.nixos.codeName} ${config.system.nixos.label} ${pkgs.system}
|
|
os: nixos
|
|
release: ${config.system.nixos.codeName}
|
|
'';
|
|
target = "/metadata.yaml";
|
|
}
|
|
{
|
|
source = config.system.build.toplevel + "/init";
|
|
target = "/sbin/init";
|
|
}
|
|
];
|
|
|
|
extraCommands = "mkdir -p proc sys dev";
|
|
});
|
|
|
|
# Allow the user to login as root without password.
|
|
users.users.root.initialHashedPassword = mkOverride 150 "";
|
|
|
|
# Some more help text.
|
|
services.getty.helpLine =
|
|
''
|
|
|
|
Log in as "root" with an empty password.
|
|
'';
|
|
|
|
# Containers should be light-weight, so start sshd on demand.
|
|
services.openssh.enable = mkDefault true;
|
|
services.openssh.startWhenNeeded = mkDefault true;
|
|
|
|
# Allow ssh connections
|
|
networking.firewall.allowedTCPPorts = [ 22 ];
|
|
};
|
|
}
|