authorNikolay Amiantov <ab@fmap.me>2022-02-05 14:37:11 +0300
committerNikolay Amiantov <ab@fmap.me>2022-02-05 14:59:28 +0300
commitcb18e6cd01166834d8b731fbe76d6ed4fd2e08c0 (patch)
tree365942b1206274d81acb1a7350824f5946767ea7
parent1ce6ed1917edf1a31264e480f6bedebcfa9b5972 (diff)
nixos/docker-rootless: disable for root
-rw-r--r--nixos/modules/virtualisation/docker-rootless.nix6
1 files changed, 5 insertions, 1 deletions
diff --git a/nixos/modules/virtualisation/docker-rootless.nix b/nixos/modules/virtualisation/docker-rootless.nix
index 0e7f050314208..d371f67ecdc84 100644
--- a/nixos/modules/virtualisation/docker-rootless.nix
+++ b/nixos/modules/virtualisation/docker-rootless.nix
@@ -76,7 +76,11 @@ in
       # needs newuidmap from pkgs.shadow
       path = [ "/run/wrappers" ];
       environment = proxy_env;
-      unitConfig.StartLimitInterval = "60s";
+      unitConfig = {
+        # docker-rootless doesn't support running as root.
+        ConditionUser = "!root";
+        StartLimitInterval = "60s";
+      };
       serviceConfig = {
         Type = "notify";
         ExecStart = "${cfg.package}/bin/dockerd-rootless --config-file=${daemonSettingsFile}";
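Review bot: The comment above `ConditionUser = "!root"` should record that an unmet condition makes systemd skip the unit quietly instead of marking it failed, so a root session shows no error and nothing explains why the daemon is absent. A wording such as `# docker-rootless doesn't support running as root; the unit is skipped (not failed) when the manager runs as root.` would cover it. The check matches only the root user, so other system accounts would still start the daemon; systemd's `@system` value exists if those are meant to be excluded too, though that is a policy choice this hunk doesn't settle. The enclosing service definition starts and ends outside the hunk.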