From 75a30648fd02a4574b70c609e96ec4685945d6c6 Mon Sep 17 00:00:00 2001 From: SEIAROTg Date: Tue, 17 Dec 2024 15:59:55 +0000 Subject: [PATCH] feat: updates options from upstream. --- container.nix | 193 ++++++++++++++++++++++++++++++++++++++++++++------ network.nix | 24 +++++++ pod.nix | 25 ++++--- 3 files changed, 212 insertions(+), 30 deletions(-) diff --git a/container.nix b/container.nix index 2c31226..f64b2de 100644 --- a/container.nix +++ b/container.nix @@ -54,6 +54,14 @@ let property = "AutoUpdate"; }; + cgroupsMode = quadletUtils.mkOption { + type = types.nullOr types.str; + default = null; + example = "no-conmon"; + description = "--cgroups"; + property = "CgroupsMode"; + }; + name = quadletUtils.mkOption { type = types.nullOr types.str; default = null; @@ -62,6 +70,14 @@ let property = "ContainerName"; }; + modules = quadletUtils.mkOption { + type = types.listOf types.str; + default = [ ]; + example = [ "/etc/nvd.conf" ]; + description = "--module"; + property = "ContainersConfModule"; + }; + dns = quadletUtils.mkOption { type = types.listOf types.str; default = [ ]; @@ -94,6 +110,14 @@ let property = "DropCapability"; }; + entrypoint = quadletUtils.mkOption { + type = types.nullOr types.str; + default = null; + example = "/foo.sh"; + description = "--entrypoint"; + property = "Entrypoint"; + }; + environments = quadletUtils.mkOption { type = types.attrsOf types.str; default = { }; @@ -135,6 +159,22 @@ let property = "ExposeHostPort"; }; + gidMaps = quadletUtils.mkOption { + type = types.listOf types.str; + default = [ ]; + example = [ "0:10000:10" ]; + description = "--gidmap"; + property = "GIDMap"; + }; + + globalArgs = quadletUtils.mkOption { + type = types.listOf types.str; + default = [ ]; + example = [ "--log-level=debug" ]; + description = "global args"; + property = "GlobalArgs"; + }; + group = quadletUtils.mkOption { type = types.nullOr types.str; default = null; 
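Review bot: The description `"global args"` on the new `globalArgs` option (hunk `@@ -135,6 +159,22 @@`) is vaguer than the `--flag` convention every sibling option follows, and it drops the caveat this commit deletes from pod.nix (`# Not recommended to use by upstream:`). Values given here are handed to podman ahead of the subcommand, so the option text itself should carry that warning, e.g. `description = "GlobalArgs: extra arguments inserted before the podman subcommand; upstream quadlet documents this as not recommended";`. The same wording problem is in the copies in network.nix (`@@ -40,6 +56,14 @@`) and pod.nix (`@@ -57,14 +65,13 @@`). The enclosing option attrset begins and ends outside the hunk.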
@@ -142,13 +182,13 @@ let description = "--user UID:..."; property = "Group"; }; - - gidMaps = quadletUtils.mkOption { + + addGroups = quadletUtils.mkOption { type = types.listOf types.str; - default = [ ]; - example = [ "0:10000:10" ]; - description = "--gidmap"; - property = "GIDMap"; + default = [ ]; + example = [ "keep-groups" ]; + description = "--group-add"; + property = "GroupAdd"; }; healthCmd = quadletUtils.mkOption { @@ -167,6 +207,30 @@ let property = "HealthInterval"; }; + healthLogDestination = quadletUtils.mkOption { + type = types.nullOr types.str; + default = null; + example = "/foo/log"; + description = "--health-log-destination"; + property = "HealthLogDestination"; + }; + + healthMaxLogCount = quadletUtils.mkOption { + type = types.nullOr types.int; + default = null; + example = 5; + description = "--health-max-log-count"; + property = "HealthMaxLogCount"; + }; + + healthMaxLogSize = quadletUtils.mkOption { + type = types.nullOr types.int; + default = null; + example = 500; + description = " --health-max-log-size"; + property = "HealthMaxLogSize"; + }; + healthOnFailure = quadletUtils.mkOption { type = types.nullOr types.str; default = null; @@ -286,6 +350,22 @@ let property = "LogDriver"; }; + logOptions = quadletUtils.mkOption { + type = types.listOf types.str; + default = [ ]; + example = [ "path=/var/log/mykube.json" ]; + description = "--log-opt"; + property = "LogOpt"; + }; + + mask = quadletUtils.mkOption { + type = types.nullOr types.str; + default = null; + example = "/proc/sys/foo:/proc/sys/bar"; + description = "--security-opt mask=..."; + property = "Mask"; + }; + mounts = quadletUtils.mkOption { type = types.listOf types.str; default = [ ]; 
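Review bot: `healthMaxLogSize` in hunk `@@ -167,6 +207,30 @@` has a stray leading space in its description, `" --health-max-log-size"`, which no sibling option has; it should read `description = "--health-max-log-size";`. If these descriptions are ever rendered into generated option docs or compared against flag names, the extra space surfaces there. The enclosing option attrset begins and ends outside the hunk.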
@@ -302,6 +382,14 @@ let property = "Network"; }; + networkAliases = quadletUtils.mkOption { + type = types.listOf types.str; + default = [ ]; + example = [ "name" ]; + description = "--network-alias"; + property = "NetworkAlias"; + }; + noNewPrivileges = quadletUtils.mkOption { type = types.nullOr types.bool; default = null; @@ -309,14 +397,6 @@ let property = "NoNewPrivileges"; }; - rootfs = quadletUtils.mkOption { - type = types.nullOr types.str; - default = null; - example = "/var/lib/rootfs"; - description = "--rootfs"; - property = "Rootfs"; - }; - notify = quadletUtils.mkOption { type = types.enum [ null true false "healthy" ]; default = null; @@ -324,6 +404,14 @@ let property = "Notify"; }; + pidsLimit = quadletUtils.mkOption { + type = types.nullOr types.int; + default = null; + example = 10000; + description = "--pids-limit"; + property = "PidsLimit"; + }; + pod = quadletUtils.mkOption { type = types.nullOr types.str; default = null; @@ -362,6 +450,21 @@ let property = "ReadOnly"; }; + readOnlyTmpfs = quadletUtils.mkOption { + type = types.nullOr types.bool; + default = null; + description = "--read-only-tmpfs"; + property = "ReadOnlyTmpfs"; + }; + + rootfs = quadletUtils.mkOption { + type = types.nullOr types.str; + default = null; + example = "/var/lib/rootfs"; + description = "--rootfs"; + property = "Rootfs"; + }; + runInit = quadletUtils.mkOption { type = types.nullOr types.bool; default = null; 
@@ -431,6 +534,45 @@ let property = "ShmSize"; }; + startWithPod = quadletUtils.mkOption { + type = types.nullOr types.bool; + default = null; + description = "If pod is defined, container is started by pod"; + property = "StartWithPod"; + }; + + stopSignal = quadletUtils.mkOption { + type = types.nullOr types.str; + default = null; + example = "SIGINT"; + description = "--stop-signal"; + property = "StopSignal"; + }; + + stopTimeout = quadletUtils.mkOption { + type = types.nullOr types.int; + default = null; + example = 20; + description = "--stop-timeout"; + property = "StopTimeout"; + }; + + subGIDMap = quadletUtils.mkOption { + type = types.nullOr types.str; + default = null; + example = "gtest"; + description = "--subgidname"; + property = "SubGIDMap"; + }; + + subUIDMap = quadletUtils.mkOption { + type = types.nullOr types.str; + default = null; + example = "utest"; + description = "--subuidname"; + property = "SubUIDMap"; + }; + sysctl = quadletUtils.mkOption { type = types.attrsOf types.str; default = { }; @@ -465,6 +607,22 @@ let property = "UIDMap"; }; + ulimits = quadletUtils.mkOption { + type = types.listOf types.str; + default = [ ]; + example = [ "nofile=1000:10000" ]; + description = "--ulimit"; + property = "Ulimit"; + }; + + unmask = quadletUtils.mkOption { + type = types.nullOr types.str; + default = null; + example = "ALL"; + description = "--security-opt unmask=..."; + property = "Unmask"; + }; + user = quadletUtils.mkOption { type = types.nullOr types.str; default = null; @@ -481,13 +639,6 @@ let property = "UserNS"; }; - volatileTmp = quadletUtils.mkOption { - type = types.nullOr types.bool; - default = null; - description = "--tmpfs /tmp"; - property = "VolatileTmp"; - }; - volumes = quadletUtils.mkOption { type = types.listOf types.str; default = [ ]; diff --git a/network.nix b/network.nix index 2bb8cf0..5be7cfe 100644 --- a/network.nix +++ b/network.nix 
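Review bot: The `unmask` option in hunk `@@ -465,6 +607,22 @@` uses `"ALL"` as its example while its description says only `--security-opt unmask=...`; that value lifts the masking podman applies by default to sensitive /proc and /sys paths, so a user who copies the example weakens container isolation without the option text saying so. Suggest `description = "--security-opt unmask=... (\"ALL\" removes podman's default masking of sensitive /proc and /sys paths)";` and a path-list example like the one the sibling `mask` option already uses. The enclosing option attrset begins and ends outside the hunk.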
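Review bot: Existing configurations that set `volatileTmp` will stop evaluating with hunk `@@ -481,13 +639,6 @@`, because the option is deleted outright with no removal shim, so users get an undeclared-option error rather than a pointer to what replaced it. If the surrounding module structure allows, a `lib.mkRemovedOptionModule` entry naming the replacement (presumably a tmpfs entry in `mounts` or `volumes`, which I cannot confirm from this diff) would keep old configurations actionable; failing that, a line in the commit message or changelog stating the removal and its replacement is the minimum. The enclosing option attrset begins and ends outside the hunk.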
@@ -11,6 +11,14 @@ let inherit (lib) types mkOption getExe; networkOpts = { + modules = quadletUtils.mkOption { + type = types.listOf types.str; + default = [ ]; + example = [ "/etc/nvd.conf" ]; + description = "--module"; + property = "ContainersConfModule"; + }; + disableDns = quadletUtils.mkOption { type = types.nullOr types.bool; default = null; @@ -18,6 +26,14 @@ let property = "DisableDNS"; }; + dns = quadletUtils.mkOption { + type = types.listOf types.str; + default = [ ]; + example = [ "192.168.55.1" ]; + description = "--dns"; + property = "DNS"; + }; + driver = quadletUtils.mkOption { type = types.nullOr ( types.enum [ @@ -40,6 +56,14 @@ let property = "Gateway"; }; + globalArgs = quadletUtils.mkOption { + type = types.listOf types.str; + default = [ ]; + example = [ "--log-level=debug" ]; + description = "global args"; + property = "GlobalArgs"; + }; + internal = quadletUtils.mkOption { type = types.nullOr types.bool; default = null; diff --git a/pod.nix b/pod.nix index bba868c..4646653 100644 --- a/pod.nix +++ b/pod.nix @@ -25,6 +25,14 @@ let property = "AddHost"; }; + modules = quadletUtils.mkOption { + type = types.listOf types.str; + default = [ ]; + example = [ "/etc/nvd.conf" ]; + description = "--module"; + property = "ContainersConfModule"; + }; + dns = quadletUtils.mkOption { type = types.listOf types.str; default = [ ]; @@ -57,14 +65,13 @@ let property = "GIDMap"; }; - # Not recommended to use by upstream: - # globalArgs = quadletUtils.mkOption { - # type = types.listOf types.str; - # default = [ ]; - # example = [ "--log-level=debug" ]; - # description = ""; - # property = "GlobalArgs"; - # }; + globalArgs = quadletUtils.mkOption { + type = types.listOf types.str; + default = [ ]; + example = [ "--log-level=debug" ]; + description = "global args"; + property = "GlobalArgs"; + }; ip = quadletUtils.mkOption { type = types.nullOr types.str; 
@@ -157,7 +164,7 @@ let volumes = quadletUtils.mkOption { type = types.listOf types.str; default = [ ]; - example = [ ]; + example = [ "/source:/dest" ]; description = "--volume"; property = "Volume"; };