From 20c2a3ef58bfae108ff76c00feeb733a96043a8c Mon Sep 17 00:00:00 2001
From: Stefan Junker
Date: Fri, 10 Dec 2021 23:17:44 +0100
Subject: [PATCH] podman: udpate containers.conf
---
nix/home-manager/programs/podman.nix | 55 +++++++++++-----------------
1 file changed, 22 insertions(+), 33 deletions(-)
diff --git a/nix/home-manager/programs/podman.nix b/nix/home-manager/programs/podman.nix
index 193e981..ec8e86a 100644
--- a/nix/home-manager/programs/podman.nix
+++ b/nix/home-manager/programs/podman.nix
@@ -49,6 +49,15 @@ let # containers.conf is the default configuration file for all tools using libpod to # manage containers + [containers] + + # Maximum size of log files (in bytes) + # -1 is unlimited + log_size_max = -1 + + + [engine] + # Default transport method for pulling and pushing for images image_default_transport = "docker://"
@@ -65,21 +74,26 @@ let ] # CGroup Manager - valid values are "systemd" and "cgroupfs" - # cgroup_manager = "systemd" - cgroup_manager = "cgroupfs" + cgroup_manager = "systemd" - - # Maximum size of log files (in bytes) - # -1 is unlimited - max_log_size = -1 # Whether to use chroot instead of pivot_root in the runtime no_pivot_root = false + # Determines whether libpod will reserve ports on the host when they are + # forwarded to containers. When enabled, when ports are forwarded to containers, + # they are held open by conmon as long as the container is running, ensuring that + # they cannot be reused by other programs on the host. However, this can cause + # significant memory usage if a container has many ports forwarded to it. + # Disabling this can save memory. + enable_port_reservation = true + + [network] # Directory containing CNI plugin configuration files - cni_config_dir = "${cniConfigDir}" + network_config_dir = "${cniConfigDir}" # Directories where the CNI plugin binaries may be located - cni_plugin_dir = [ + cni_plugin_dirs = [ "${pkgs.cni-plugins}/bin" ]
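Review bot: `log_size_max = -1` in the new `[containers]` section leaves container log files without a size limit, so one noisy or misbehaving container can fill the filesystem that holds the user's container storage and disrupt everything else on it. The removed `max_log_size = -1` expressed the same intent, but since the key is being rewritten here a finite cap is worth considering, for example `log_size_max = 104857600` (constructed sample value, 100 MiB). If unlimited is intentional, the comment should say why rather than only `# -1 is unlimited`. The setting presumably only affects file-based container logs, so confirm which log driver is in use. The enclosing `''` string starts and ends outside this hunk.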
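Review bot: `cgroup_manager = "systemd"` makes enforcement of per-container resource limits depend on host prerequisites that the comment above it does not mention, and the hunk removes the commented-out alternative. As this is a home-manager (per-user) module it presumably configures rootless podman, where the systemd manager needs a systemd user session and delegated cgroup v2 controllers. Where those are missing, containers may fail to start or run without the requested memory and pids limits, which weakens isolation between workloads. I would extend the comment, e.g. `# "systemd" needs a systemd user session and cgroup v2 delegation; use "cgroupfs" otherwise`. The surrounding `''` string begins before and ends after this hunk.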
@@ -90,32 +104,7 @@ let # 87-podman-bridge.conflist included in the repository. # Not setting this, or setting it to the empty string, will use normal CNI # precedence rules for selecting between multiple networks. - cni_default_network = "podman" - - # Default libpod namespace - # If libpod is joined to a namespace, it will see only containers and pods - # that were created in the same namespace, and will create new containers and - # pods in that namespace. - # The default namespace is "", which corresponds to no namespace. When no - # namespace is set, all containers and pods are visible. - #namespace = "" - - # Default pause image name for pod pause containers - pause_image = "k8s.gcr.io/pause:3.1" - - # Default command to run the pause container - pause_command = "/pause" - - # Determines whether libpod will reserve ports on the host when they are - # forwarded to containers. When enabled, when ports are forwarded to containers, - # they are held open by conmon as long as the container is running, ensuring that - # they cannot be reused by other programs on the host. However, this can cause - # significant memory usage if a container has many ports forwarded to it. - # Disabling this can save memory. - enable_port_reservation = true - - # Default libpod support for container labeling - # label=true + default_network = "podman" ''; in { home.packages = with pkgs; [