Merge pull request #119 from hercules-ci/nixos-21.05-podman-preparation
Add NixOS 21.05 to ci.nix
commit
4a38050a05
4 changed files with 37 additions and 13 deletions
2
.envrc
|
@ -1,4 +1,6 @@
|
||||||
|
HOST_XDG_DATA_DIRS="${XDG_DATA_DIRS:-}"
|
||||||
eval "$(lorri direnv)"
|
eval "$(lorri direnv)"
|
||||||
|
export XDG_DATA_DIRS="${XDG_DATA_DIRS}:${HOST_XDG_DATA_DIRS}"
|
||||||
|
|
||||||
# Use system PKI
|
# Use system PKI
|
||||||
unset SSL_CERT_FILE
|
unset SSL_CERT_FILE
|
||||||
|
|
|
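Review bot: The added `export XDG_DATA_DIRS="${XDG_DATA_DIRS}:${HOST_XDG_DATA_DIRS}"` line produces an empty path entry whenever one side is empty. The first added line defaults `HOST_XDG_DATA_DIRS` to the empty string, so on a host that does not set `XDG_DATA_DIRS` the exported value ends in a bare `:`. Appending conditionally, for example with `${HOST_XDG_DATA_DIRS:+:${HOST_XDG_DATA_DIRS}}`, avoids that. A one-line comment explaining why the host value is re-appended after `lorri direnv` would also match the commented `unset SSL_CERT_FILE` below it.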
@ -61,11 +61,18 @@ Add this module to your NixOS configuration:
|
||||||
{ pkgs, ... }: {
|
{ pkgs, ... }: {
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
pkgs.arion
|
pkgs.arion
|
||||||
pkgs.docker # docker CLI will use podman socket
|
|
||||||
|
# Do install the docker CLI to talk to podman.
|
||||||
|
# Not needed when virtualisation.docker.enable = true;
|
||||||
|
pkgs.docker-client
|
||||||
];
|
];
|
||||||
|
|
||||||
|
# Arion works with Docker, but for NixOS-based containers, you need Podman
|
||||||
|
# since NixOS 21.05.
|
||||||
virtualisation.docker.enable = false;
|
virtualisation.docker.enable = false;
|
||||||
virtualisation.podman.enable = true;
|
virtualisation.podman.enable = true;
|
||||||
virtualisation.podman.dockerSocket.enable = true;
|
virtualisation.podman.dockerSocket.enable = true;
|
||||||
|
virtualisation.podman.defaultNetwork.dnsname.enable = true;
|
||||||
|
|
||||||
# Use your username instead of `myuser`
|
# Use your username instead of `myuser`
|
||||||
users.extraUsers.myuser.extraGroups = ["podman"];
|
users.extraUsers.myuser.extraGroups = ["podman"];
|
||||||
|
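Review bot: The example still pairs `users.extraUsers.myuser.extraGroups = ["podman"];` with `virtualisation.podman.dockerSocket.enable = true;` and does not say what that grants. Access to that socket is comparable to membership of the `docker` group, which is effectively root on the host. This hunk already adds explanatory comments, so a comment on the group line stating this would fit. The new `virtualisation.podman.defaultNetwork.dnsname.enable = true;` line is the only addition without a comment; say what it is needed for.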
@ -125,8 +132,6 @@ Describe containers using NixOS-style modules. There are a few options:
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
==== NixOS: run only one systemd service
|
==== NixOS: run only one systemd service
|
||||||
|
@ -134,7 +139,6 @@ Describe containers using NixOS-style modules. There are a few options:
|
||||||
`examples/nixos-unit/arion-compose.nix`:
|
`examples/nixos-unit/arion-compose.nix`:
|
||||||
|
|
||||||
```nix
|
```nix
|
||||||
|
|
||||||
{
|
{
|
||||||
services.webserver = { config, pkgs, ... }: {
|
services.webserver = { config, pkgs, ... }: {
|
||||||
|
|
||||||
|
@ -157,7 +161,6 @@ Describe containers using NixOS-style modules. There are a few options:
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
==== NixOS: run full OS
|
==== NixOS: run full OS
|
||||||
|
@ -220,10 +223,10 @@ development environments while working on
|
||||||
https://www.hercules-ci.com[Hercules CI]. (It was also born out of
|
https://www.hercules-ci.com[Hercules CI]. (It was also born out of
|
||||||
ancient Greek deities disguised as horses. More on that later.)
|
ancient Greek deities disguised as horses. More on that later.)
|
||||||
|
|
||||||
If you do want to use Arion for production environments, you’ll probably
|
Arion can be used for simple single host deployments, using Docker's TLS
|
||||||
want to either build normal container images or manage garbage
|
client verification, or https://search.nixos.org/options?channel=unstable&show=virtualisation.podman.networkSocket.enable&query=virtualisation.podman[`virtualisation.podman.networkSocket` options].
|
||||||
collection roots if you control the deployment host. Neither scenario is
|
Remote deployments do not support `useHostStore`, although an SSH-based deployment method could support this.
|
||||||
made easier by arion at this time.
|
Docker Swarm is not currently supported.
|
||||||
|
|
||||||
Arion has run successfully on Linux distributions other than NixOS, but we only perform CI for Arion on NixOS.
|
Arion has run successfully on Linux distributions other than NixOS, but we only perform CI for Arion on NixOS.
|
||||||
|
|
||||||
|
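Review bot: The replacement paragraph names "Docker's TLS client verification" for single host deployments but, unlike the Podman alternative on the next line, gives no link or option name, so the reader cannot tell what has to be configured before exposing the daemon to a remote client; add a reference there. The Podman link is fixed to `channel=unstable` in a change that is about NixOS 21.05, so state which release the `virtualisation.podman.networkSocket` options require. The removed text about managing garbage collection roots on a deployment host has no replacement in this hunk; if that advice still applies to the single host case, keep a sentence for it.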
@ -254,6 +257,8 @@ container.
|
||||||
|
|
||||||
Nope, it’s just Nix and Docker Compose under the hood.
|
Nope, it’s just Nix and Docker Compose under the hood.
|
||||||
|
|
||||||
|
It does xref:hercules-ci-effects:ROOT:reference/nix-functions/runArion.adoc[integrate] nicely though.
|
||||||
|
|
||||||
=== What about garbage collection?
|
=== What about garbage collection?
|
||||||
|
|
||||||
Arion removes the need for garbage collecting docker images, delegating
|
Arion removes the need for garbage collecting docker images, delegating
|
||||||
|
@ -266,8 +271,9 @@ generate images that can be used in production.
|
||||||
|
|
||||||
=== Why is my container not running latest code?
|
=== Why is my container not running latest code?
|
||||||
|
|
||||||
Restart it with `arion restart <name>` or if you've changed the image rebuild
|
Rebuild the image using `arion up -d --always-recreate-deps <name>` or simply `arion up -d`.
|
||||||
them using `arion up -d --always-recreate-deps <name>`.
|
|
||||||
|
Like `docker-compose restart`, `arion restart` does not update the image before starting.
|
||||||
|
|
||||||
=== What is messing with my environment variables?
|
=== What is messing with my environment variables?
|
||||||
|
|
||||||
|
@ -278,11 +284,11 @@ reference a script from `pkgs.writeScript` or escape the dollar sign as
|
||||||
|
|
||||||
=== Why name it ``Arion``?
|
=== Why name it ``Arion``?
|
||||||
|
|
||||||
Arion comes from Greek mythology. Poseidon, the god of ~Docker~ the seas
|
Arion comes from Greek mythology. Poseidon, the god of Docker -- I mean the seas --
|
||||||
had his eye on Demeter. Demeter tried to trick him by disguising as a
|
had his eye on Demeter. Demeter tried to trick him by disguising as a
|
||||||
horse, but Poseidon saw through the deception and they had Arion.
|
horse, but Poseidon saw through the deception and they had Arion.
|
||||||
|
|
||||||
So Arion is a super fast divine horse; the result of some weird mixing.
|
So Arion is a super fast divine horse; the result of some weird mixing.
|
||||||
Also it talks.
|
Also it talks.
|
||||||
|
|
||||||
(And we feel morally obliged to name our stuff after Greek mythology)
|
(And we felt morally obliged to name our stuff after Greek mythology)
|
||||||
|
|
|
@ -12,6 +12,10 @@ dimension "Nixpkgs version" {
|
||||||
dockerSupportsSystemd = true;
|
dockerSupportsSystemd = true;
|
||||||
nixosHasPodmanDockerSocket = false;
|
nixosHasPodmanDockerSocket = false;
|
||||||
};
|
};
|
||||||
|
"nixos-21_05" = {
|
||||||
|
nixpkgsSource = "nixos-21.05";
|
||||||
|
enableDoc = true;
|
||||||
|
};
|
||||||
"nixos-unstable" = {
|
"nixos-unstable" = {
|
||||||
nixpkgsSource = "nixos-unstable";
|
nixpkgsSource = "nixos-unstable";
|
||||||
enableDoc = true;
|
enableDoc = true;
|
||||||
|
|
|
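Review bot: The new `"nixos-21_05"` entry sets only `nixpkgsSource` and `enableDoc`, while the entry just above it sets `dockerSupportsSystemd = true;` and `nixosHasPodmanDockerSocket = false;` explicitly. The README change in this same commit says NixOS-based containers need Podman since NixOS 21.05, so the value of `nixosHasPodmanDockerSocket` matters for exactly this dimension. Either set both flags explicitly here or add a comment that the defaults are intended, so it is clear the 21.05 job exercises the Podman socket path.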
@ -23,6 +23,18 @@
|
||||||
"url": "https://github.com/NixOS/nixpkgs/archive/0cfe5377e8993052f9b0dd56d058f8008af45bd9.tar.gz",
|
"url": "https://github.com/NixOS/nixpkgs/archive/0cfe5377e8993052f9b0dd56d058f8008af45bd9.tar.gz",
|
||||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||||
},
|
},
|
||||||
|
"nixos-21.05": {
|
||||||
|
"branch": "nixos-21.05",
|
||||||
|
"description": "Nix Packages collection",
|
||||||
|
"homepage": null,
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "297970378b9437541c065f3fef26871397edd2d4",
|
||||||
|
"sha256": "1q5dnylr4w1xqn3qxx7hn0pn01pcwdmsy70cjs01dn8b50ppc93g",
|
||||||
|
"type": "tarball",
|
||||||
|
"url": "https://github.com/NixOS/nixpkgs/archive/297970378b9437541c065f3fef26871397edd2d4.tar.gz",
|
||||||
|
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||||
|
},
|
||||||
"nixos-unstable": {
|
"nixos-unstable": {
|
||||||
"branch": "master",
|
"branch": "master",
|
||||||
"description": "A read-only mirror of NixOS/nixpkgs tracking the released channels. Send issues and PRs to",
|
"description": "A read-only mirror of NixOS/nixpkgs tracking the released channels. Send issues and PRs to",
|
||||||
|
|