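# Package expression for podman: builds the upstream release with buildGoModule,
# links a set of helper binaries into libexec/podman, and wraps the main binary
# so that its container runtimes and network tools are found via store paths.
{ lib
, stdenv
, fetchFromGitHub
, pkg-config
, installShellFiles
, buildGoModule
, gpgme
, lvm2
, btrfs-progs
, libapparmor
, libseccomp
, libselinux
, systemd
, go-md2man
, nixosTests
, python3
, makeWrapper
, runtimeShell
, symlinkJoin
, extraPackages ? [ ] # extra packages whose bin/ directories are appended to the wrapper's PATH prefix
, runc
, crun
, conmon
, slirp4netns
, fuse-overlayfs
, util-linux
, iptables
, iproute2
, catatonit
, gvproxy
, aardvark-dns
, netavark
, testers
, podman
}:
let
  # do not add qemu to this wrapper, store paths get written to the podman vm config and break when GCed

  # PATH prefix given to the podman wrapper in installPhase. On Linux it holds
  # the OCI runtimes, conmon and the rootless networking/storage tools;
  # `extraPackages` is appended on every platform. Because the wrapper uses
  # `--prefix`, these store paths are searched before the caller's own PATH.
  binPath = lib.makeBinPath (lib.optionals stdenv.isLinux [
    runc
    crun
    conmon
    slirp4netns
    fuse-overlayfs
    util-linux
    iptables
    iproute2
  ] ++ extraPackages);

  # Merged tree of helper executables; its bin/ entries are symlinked into
  # HELPER_BINARIES_DIR during installPhase.
  helpersBin = symlinkJoin {
    name = "podman-helper-binary-wrapper";

    # this only works for some binaries, others may need to be added to `binPath` or in the modules
    paths = [
      gvproxy
    ] ++ lib.optionals stdenv.isLinux [
      aardvark-dns
      catatonit # added here for the pause image and also set in `containersConf` for `init_path`
      netavark
    ];
  };
in
buildGoModule rec {
  pname = "podman";
  version = "4.5.1";

  # Source is fetched by release tag; the SRI hash pins its content, so a fetch
  # that yields anything else fails instead of building different source.
  src = fetchFromGitHub {
    owner = "containers";
    repo = "podman";
    rev = "v${version}";
    hash = "sha256-PG2/iMsr/shLqhuYSvhT1I1kPDh0g0ebnGUHHzA7u5A=";
  };

  patches = [
    # we intentionally don't build and install the helper so we shouldn't display messages to users about it
    ./rm-podman-mac-helper-msg.patch
  ];

  # null: build from the vendor/ directory shipped in the source tree, so the
  # Go dependencies are covered by the `src` hash above.
  vendorHash = null;

  # The Go test suite is not run during the build (the reason is not recorded
  # here); test coverage comes from `passthru.tests` below.
  doCheck = false;

  outputs = [ "out" "man" ];

  nativeBuildInputs = [ pkg-config go-md2man installShellFiles makeWrapper python3 ];

  # Linux-only native libraries, including the seccomp, AppArmor and SELinux
  # libraries. NOTE(review): presumably these are what enable the matching
  # confinement features in the built binary; confirm against upstream build tags.
  buildInputs = lib.optionals stdenv.isLinux [
    btrfs-progs
    gpgme
    libapparmor
    libseccomp
    libselinux
    lvm2
    systemd
  ];

  HELPER_BINARIES_DIR = "${PREFIX}/libexec/podman"; # used in buildPhase & installPhase
  PREFIX = "${placeholder "out"}";

  # Build through the upstream Makefile. Darwin builds only the remote client;
  # other platforms build podman, rootlessport and quadlet.
  buildPhase = ''
    runHook preBuild
    patchShebangs .
    substituteInPlace Makefile --replace "/bin/bash" "${runtimeShell}"
    ${if stdenv.isDarwin then ''
      make podman-remote # podman-mac-helper uses FHS paths
    '' else ''
      make bin/podman bin/rootlessport bin/quadlet
    ''}
    make docs
    runHook postBuild
  '';

  # Install the binaries, link the helper executables into HELPER_BINARIES_DIR,
  # then wrap podman so that `binPath` is searched first.
  installPhase = ''
    runHook preInstall
    ${if stdenv.isDarwin then ''
      install bin/darwin/podman -Dt $out/bin
    '' else ''
      make install.bin install.systemd
    ''}
    make install.completions install.man
    mkdir -p ${HELPER_BINARIES_DIR}
    ln -s ${helpersBin}/bin/* ${HELPER_BINARIES_DIR}
    wrapProgram $out/bin/podman \
      --prefix PATH : ${lib.escapeShellArg binPath}
    runHook postInstall
  '';

  # Prepend the systemd library directory to the run path of the real binary
  # (wrapProgram moved it to .podman-wrapped).
  # NOTE(review): presumably needed because libsystemd is loaded at run time
  # rather than linked; confirm.
  # The existing run path is appended only when it is non-empty. A bare trailing
  # ':' would add an empty search element, which glibc's loader resolves
  # relative to the working directory of whoever runs podman.
  postFixup = lib.optionalString stdenv.isLinux ''
    RPATH=$(patchelf --print-rpath $out/bin/.podman-wrapped)
    patchelf --set-rpath "${lib.makeLibraryPath [ systemd ]}''${RPATH:+:$RPATH}" $out/bin/.podman-wrapped
  '';

  passthru.tests = {
    # Smoke test that the wrapped binary starts and reports `version`.
    # HOME is pointed at $TMPDIR for the run; presumably podman needs a
    # writable home directory in the sandbox (confirm).
    version = testers.testVersion {
      package = podman;
      command = "HOME=$TMPDIR podman --version";
    };
  } // lib.optionalAttrs stdenv.isLinux {
    inherit (nixosTests) podman;
    # related modules
    inherit (nixosTests)
      podman-tls-ghostunnel
      ;
    oci-containers-podman = nixosTests.oci-containers.podman;
  };

  meta = with lib; {
    homepage = "https://podman.io/";
    description = "A program for managing pods, containers and container images";
    longDescription = ''
      Podman (the POD MANager) is a tool for managing containers and images, volumes mounted into those containers, and pods made from groups of containers. Podman runs containers on Linux, but can also be used on Mac and Windows systems using a Podman-managed virtual machine. Podman is based on libpod, a library for container lifecycle management that is also contained in this repository. The libpod library provides APIs for managing containers, pods, container images, and volumes.

      To install on NixOS, please use the option `virtualisation.podman.enable = true`.
    '';
    changelog = "https://github.com/containers/podman/blob/v${version}/RELEASE_NOTES.md";
    license = licenses.asl20;
    maintainers = with maintainers; [ marsam ] ++ teams.podman.members;
  };
}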