Skip to content

Commit

Permalink
nixos/containers: new registries.settings option, deprecate others
Browse files Browse the repository at this point in the history
Those options mapped to the deprecated V1 format,
and didn't allow using the newer format.

If any of the older options are used,
a warning is displayed,
and the generated registries.conf file follows the old V1 format.

For more information about the new format,
see https://github.com/containers/image/blob/main/docs/containers-registries.conf.5.md
  • Loading branch information
minijackson committed Nov 22, 2024
1 parent 1f81506 commit 4c7d10d
Show file tree
Hide file tree
Showing 2 changed files with 54 additions and 4 deletions.
6 changes: 6 additions & 0 deletions nixos/doc/manual/release-notes/rl-2505.section.md
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,12 @@

- `buildGoPackage` has been removed. Use `buildGoModule` instead. See the [Go section in the nixpkgs manual](https://nixos.org/manual/nixpkgs/unstable/#sec-language-go) for details.

- `virtualisation.registries.block` / `insecure` / `search` were deprecated,
because they mapped to the deprecated V1 `registries.conf` format.
Please examine the new option {option}`virtualisation.registries.settings`
and [containers-registries.conf(5)](https://github.com/containers/image/blob/main/docs/containers-registries.conf.5.md)
to migrate to the new configuration format.

- `timescaledb` requires manual upgrade steps.
After you run ALTER EXTENSION, you must run [this SQL script](https://github.com/timescale/timescaledb-extras/blob/master/utils/2.15.X-fix_hypertable_foreign_keys.sql). For more details, see the following pull requests [#6797](https://github.com/timescale/timescaledb/pull/6797).
PostgreSQL 13 is no longer supported in TimescaleDB v2.16.
Expand Down
52 changes: 48 additions & 4 deletions nixos/modules/virtualisation/containers.nix
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,15 @@ let

inherit (lib) literalExpression mkOption types;

oldRegistriesOptionsUsed = lib.any (x: x != [ ]) (
with cfg.registries;
[
search
insecure
block
]
);

toml = pkgs.formats.toml { };
in
{
Expand Down Expand Up @@ -57,27 +66,54 @@ in
};

registries = {
# TODO: remove those options in 25.11
search = mkOption {
visible = false;
type = types.listOf types.str;
default = [ "docker.io" "quay.io" ];
default = [ ];
description = ''
List of repositories to search.
Deprecated, examine {option}`virtualisation.registries.settings` instead.
'';
};

insecure = mkOption {
default = [ ];
visible = false;
type = types.listOf types.str;
description = ''
List of insecure repositories.
Deprecated, examine {option}`virtualisation.registries.settings` instead.
'';
};

block = mkOption {
default = [ ];
visible = false;
type = types.listOf types.str;
description = ''
List of blocked repositories.
Deprecated, examine {option}`virtualisation.registries.settings` instead.
'';
};

settings = mkOption {
type = toml.type;
default = {
registry = [
{ location = "docker.io"; }
{ location = "quay.io"; }
];
};
description = ''
repositories.conf configuration.
Examine [containers-registries.conf(5)] for more information about the format.
[containers-registries.conf(5)]: https://github.com/containers/image/blob/main/docs/containers-registries.conf.5.md
'';
};
};
Expand Down Expand Up @@ -105,6 +141,15 @@ in
};

config = lib.mkIf cfg.enable {
warnings = lib.optional oldRegistriesOptionsUsed "the options virtualisation.registries.search / insecure / block are deprecated. See virtualisation.registries.settings instead.";

virtualisation.containers.registries.settings = lib.mkIf oldRegistriesOptionsUsed {
registries = {
block.registries = cfg.registries.block;
insecure.registries = cfg.registries.insecure;
search.registries = cfg.registries.search;
};
};

virtualisation.containers.containersConf.cniPlugins = [ pkgs.cni-plugins ];

Expand All @@ -130,9 +175,8 @@ in
"containers/storage.conf".source =
toml.generate "storage.conf" cfg.storage.settings;

"containers/registries.conf".source = toml.generate "registries.conf" {
registries = lib.mapAttrs (n: v: { registries = v; }) cfg.registries;
};
"containers/registries.conf".source =
toml.generate "registries.conf" cfg.registries.settings;

"containers/policy.json".source =
if cfg.policy != { } then pkgs.writeText "policy.json" (builtins.toJSON cfg.policy)
Expand Down

0 comments on commit 4c7d10d

Please sign in to comment.