authorWilliam A. Kennington III <william@wkennington.com>2015-09-13 23:27:31 -0700
committerWilliam A. Kennington III <william@wkennington.com>2015-09-13 23:27:31 -0700
commitc2e4fb29c6bca8fcfd20b834502d5755f9cf7a22 (patch)
treed7e449835682df8e12a4755fd597d8f5fb494e8f /nixos/modules/virtualisation
parent3c25c42e74a720f999a351f3a8b972e783d2abde (diff)
nixos/lxd: Add service
Diffstat (limited to 'nixos/modules/virtualisation')
-rw-r--r--nixos/modules/virtualisation/lxd.nix64
1 files changed, 64 insertions, 0 deletions
diff --git a/nixos/modules/virtualisation/lxd.nix b/nixos/modules/virtualisation/lxd.nix
new file mode 100644
index 0000000000000..488153334bc1b
--- /dev/null
+++ b/nixos/modules/virtualisation/lxd.nix
@@ -0,0 +1,64 @@
+# Systemd services for lxd.
+
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+
+  cfg = config.virtualisation.lxd;
+
+in
+
+{
+  ###### interface
+
+  options = {
+
+    virtualisation.lxd.enable =
+      mkOption {
+        type = types.bool;
+        default = false;
+        description =
+          ''
+            This option enables lxd, a daemon that manages
+            containers. Users in the "lxd" group can interact with
+            the daemon (e.g. to start or stop containers) using the
+            <command>lxc</command> command line tool, among others.
+          '';
+      };
+
+  };
+
+
+  ###### implementation
+
+  config = mkIf cfg.enable {
+
+    environment.systemPackages =
+      [ pkgs.lxd ];
+
+    systemd.services.lxd =
+      { description = "LXD Container Management Daemon";
+
+        wantedBy = [ "multi-user.target" ];
+        after = [ "systemd-udev-settle.service" ];
+
+        # TODO(wkennington): Add lvm2 and thin-provisioning-tools
+        path = with pkgs; [ acl rsync gnutar xz btrfsProgs ];
+
+        serviceConfig.ExecStart = "@${pkgs.lxd}/bin/lxd lxd --syslog --group lxd";
+        serviceConfig.Type = "simple";
+        serviceConfig.KillMode = "process"; # when stopping, leave the containers alone
+      };
+
+    users.extraGroups.lxd.gid = config.ids.gids.lxd;
+
+    users.extraUsers.root = {
+      subUidRanges = [ { startUid = 1000000; count = 65536; } ];
+      subGidRanges = [ { startGid = 1000000; count = 65536; } ];
+    };
+
+  };
+
+}
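Review bot: The description of `virtualisation.lxd.enable` says users in the "lxd" group can interact with the daemon, but it does not say that this access amounts to root on the host. No `User=` is set in `serviceConfig`, so the daemon runs as root, and `--group lxd` in `ExecStart` hands control of it to that group. I would add a sentence to the description, for example `Membership in the "lxd" group is effectively equivalent to root access on the host, so add only trusted users.` The hard-coded `subUidRanges`/`subGidRanges` for root (start 1000000, count 65536) would also benefit from a comment such as `# id range mapped into unprivileged containers; must not overlap sub-id ranges assigned to other users`.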