distrobox

flake.nix

@@ -3,7 +3,7 @@
 
   inputs = {
     # https://github.com/nixos/nixpkgs
-    nixpkgs-edge.url = "github:NixOS/nixpkgs/nixos-unstable";
+    nixpkgs-edge.url = "github:NixOS/nixpkgs/nixos-unstable"; # "edge" is four letters
     nixpkgs-2311.url = "github:NixOS/nixpkgs/nixos-23.11";
     nixpkgs-2305.url = "github:NixOS/nixpkgs/nixos-23.05";
     nixpkgs-2211.url = "github:NixOS/nixpkgs/nixos-22.11"; # for old docs
@@ -121,7 +121,7 @@
     inputs-2003 = inputs-2305 // { nixpkgs = inputs'.nixpkgs-2003; };
     inputs-1909 = inputs-2305 // { nixpkgs = inputs'.nixpkgs-1909; };
 
-    mkFlakeView = inputs: system: inputs.nixpkgs.lib.mapAttrs (name: flake: {
+    mkFlakeView = inputs: system: inputs.nixpkgs.lib.mapAttrs (name: flake: flake // {
       # TODO filter non-flake inputs
       nixos = flake.nixosModules
         or null;
@@ -194,7 +194,7 @@
         to.type = "github";
         to.owner = "NixOS";
         to.repo = "nixpkgs";
-        to.ref = "nixpkgs-unstable-small";
+        to.ref = "nixos-unstable-small";
       };
       nix.nixPath = [
         "nixpkgs=${inputs.nixpkgs}"

hosts/garp/default.nix

@@ -24,8 +24,8 @@
     ./hardware-configuration.nix
     ../../profiles/sshd.nix
     #../../profiles/no-suspend.nix
-    #../../profiles/podman.nix
+    #../../profiles/oci/podman.nix
-    #../../profiles/docker.nix
+    #../../profiles/oci/docker.nix
 
     ../../users/pbsds
 

hosts/sopp/default.nix

@@ -24,8 +24,9 @@
     ./hardware-configuration.nix
     ../../profiles/sshd.nix
     ../../profiles/no-suspend.nix
-    #../../profiles/podman.nix
+    #../../profiles/oci/podman.nix
-    ../../profiles/docker.nix
+    ../../profiles/oci/docker.nix
+    ../../profiles/oci/distrobox.nix
 
     ../../users/pbsds
 

profiles/oci/distrobox.nix

@@ -0,0 +1,39 @@
+{ pkgs, config, ... }:
+
+{
+
+  assertions = [
+    {
+      assertion = config.virtualisation.docker.enable || config.virtualisation.podman.enable;
+      message = "distrobox requires either podman or docker";
+    }
+  ];
+
+  environment.systemPackages = [
+    pkgs.distrobox
+  ];
+
+  # update periodically
+  systemd.user = {
+    timers."distrobox-update" = {
+      enable = true;
+      wantedBy = ["timers.target"];
+      timerConfig = {
+        OnBootSec = "1h";
+        OnUnitActiveSec = "1d";
+        Unit = "distrobox-update.service";
+      };
+    };
+
+    services."distrobox-update" = {
+      enable = true;
+      script = ''
+        ${pkgs.distrobox}/bin/distrobox upgrade --all
+      '';
+      serviceConfig = {
+        Type = "oneshot";
+      };
+    };
+  };
+
+}

profiles/oci/docker.nix

@@ -1,7 +1,8 @@
 { lib, pkgs, ... }:
 {
   virtualisation.docker.enable = true;
-  #virtualisation.oci-containers.backend = lib.mkDefault "docker";
+  virtualisation.oci-containers.backend = lib.mkDefault "docker";
+
 
   virtualisation.docker.autoPrune.enable = true;
   virtualisation.docker.autoPrune.dates = "weekly";
@@ -11,12 +12,13 @@
     #docker-compose
   ];
 
-  # remember to add your user:
-  #users.users.USERNAME.extraGroups = [ "docker" ];
 
   # Required for containers under podman-compose to be able to talk to each other.
   #virtualisation.defaultNetwork.settings.dns_enabled = true;
 
   # TODO: if root-on-zfs
   #virtualisation.podman.extraPackages = [ pkgs.zfs ];
+
+  # remember to add your user:
+  #users.users.USERNAME.extraGroups = [ "docker" ];
 }

profiles/oci/podman.nix

@@ -1,8 +1,8 @@
 { config, pkgs, ... }:
 {
   virtualisation.podman.enable = true;
-  virtualisation.podman.dockerCompat = !config.virtualisation.docker.enable; # alias docker to podman
   virtualisation.oci-containers.backend = "podman"; # default
+  virtualisation.podman.dockerCompat = !config.virtualisation.docker.enable; # alias docker to podman
 
   virtualisation.podman.autoPrune.enable = true;
   virtualisation.podman.autoPrune.dates = "weekly";
@@ -13,7 +13,6 @@
     podman-tui
   ];
 
-
   # Required for containers under podman-compose to be able to talk to each other.
   #virtualisation.defaultNetwork.settings.dns_enabled = true;