pyrox.dev
lol
nixos/lxd: partial fix
+13
nixos/modules/virtualisation/lxd.nix
+13
nixos/modules/virtualisation/lxd.nix
···
38
environment.systemPackages =
39
[ pkgs.lxd ];
40
41
systemd.services.lxd =
42
{ description = "LXD Container Management Daemon";
43
···
46
47
# TODO(wkennington): Add lvm2 and thin-provisioning-tools
48
path = with pkgs; [ acl rsync gnutar xz btrfs-progs gzip dnsmasq squashfsTools iproute iptables ];
49
50
serviceConfig.ExecStart = "@${pkgs.lxd.bin}/bin/lxd lxd --syslog --group lxd";
51
serviceConfig.Type = "simple";
···
38
environment.systemPackages =
39
[ pkgs.lxd ];
40
41
+
security.apparmor = {
42
+
enable = true;
43
+
profiles = [
44
+
"${pkgs.lxc}/etc/apparmor.d/usr.bin.lxc-start"
45
+
"${pkgs.lxc}/etc/apparmor.d/lxc-containers"
46
+
];
47
+
packages = [ pkgs.lxc ];
48
+
};
49
+
50
systemd.services.lxd =
51
{ description = "LXD Container Management Daemon";
52
···
55
56
# TODO(wkennington): Add lvm2 and thin-provisioning-tools
57
path = with pkgs; [ acl rsync gnutar xz btrfs-progs gzip dnsmasq squashfsTools iproute iptables ];
58
+
59
+
preStart = ''
60
+
mkdir -m 0755 -p /var/lib/lxc/rootfs
61
+
'';
62
63
serviceConfig.ExecStart = "@${pkgs.lxd.bin}/bin/lxd lxd --syslog --group lxd";
64
serviceConfig.Type = "simple";