diff --git a/nixos/doc/manual/release-notes/rl-2505.section.md b/nixos/doc/manual/release-notes/rl-2505.section.md index 31d1777d30142..dd43c38daf7e9 100644 --- a/nixos/doc/manual/release-notes/rl-2505.section.md +++ b/nixos/doc/manual/release-notes/rl-2505.section.md @@ -24,6 +24,12 @@ - `buildGoPackage` has been removed. Use `buildGoModule` instead. See the [Go section in the nixpkgs manual](https://nixos.org/manual/nixpkgs/unstable/#sec-language-go) for details. +- `virtualisation.registries.block` / `insecure` / `search` were deprecated, + because they mapped to the deprecated V1 `registries.conf` format. + Please examine the new option {option}`virtualisation.registries.settings` + and [containers-registries.conf(5)](https://github.com/containers/image/blob/main/docs/containers-registries.conf.5.md) + to migrate to the new configuration format. + - `timescaledb` requires manual upgrade steps. After you run ALTER EXTENSION, you must run [this SQL script](https://github.com/timescale/timescaledb-extras/blob/master/utils/2.15.X-fix_hypertable_foreign_keys.sql). For more details, see the following pull requests [#6797](https://github.com/timescale/timescaledb/pull/6797). PostgreSQL 13 is no longer supported in TimescaleDB v2.16. diff --git a/nixos/modules/virtualisation/containers.nix b/nixos/modules/virtualisation/containers.nix index c3639f660dfe3..df4fdabe52ab7 100644 --- a/nixos/modules/virtualisation/containers.nix +++ b/nixos/modules/virtualisation/containers.nix @@ -4,6 +4,15 @@ let inherit (lib) literalExpression mkOption types; + oldRegistriesOptionsUsed = lib.any (x: x != [ ]) ( + with cfg.registries; + [ + search + insecure + block + ] + ); + toml = pkgs.formats.toml { }; in { @@ -57,27 +66,54 @@ in }; registries = { + # TODO: remove those options in 25.11 search = mkOption { + visible = false; type = types.listOf types.str; - default = [ "docker.io" "quay.io" ]; + default = [ ]; description = '' List of repositories to search. + + Deprecated, examine {option}`virtualisation.registries.settings` instead. ''; }; insecure = mkOption { default = [ ]; + visible = false; type = types.listOf types.str; description = '' List of insecure repositories. + + Deprecated, examine {option}`virtualisation.registries.settings` instead. ''; }; block = mkOption { default = [ ]; + visible = false; type = types.listOf types.str; description = '' List of blocked repositories. + + Deprecated, examine {option}`virtualisation.registries.settings` instead. + ''; + }; + + settings = mkOption { + type = toml.type; + default = { + registry = [ + { location = "docker.io"; } + { location = "quay.io"; } + ]; + }; + description = '' + repositories.conf configuration. + + Examine [containers-registries.conf(5)] for more information about the format. + + [containers-registries.conf(5)]: https://github.com/containers/image/blob/main/docs/containers-registries.conf.5.md ''; }; }; @@ -105,6 +141,15 @@ in }; config = lib.mkIf cfg.enable { + warnings = lib.optional oldRegistriesOptionsUsed "the options virtualisation.registries.search / insecure / block are deprecated. See virtualisation.registries.settings instead."; + + virtualisation.containers.registries.settings = lib.mkIf oldRegistriesOptionsUsed { + registries = { + block.registries = cfg.registries.block; + insecure.registries = cfg.registries.insecure; + search.registries = cfg.registries.search; + }; + }; virtualisation.containers.containersConf.cniPlugins = [ pkgs.cni-plugins ]; @@ -130,9 +175,8 @@ in "containers/storage.conf".source = toml.generate "storage.conf" cfg.storage.settings; - "containers/registries.conf".source = toml.generate "registries.conf" { - registries = lib.mapAttrs (n: v: { registries = v; }) cfg.registries; - }; + "containers/registries.conf".source = + toml.generate "registries.conf" cfg.registries.settings; "containers/policy.json".source = if cfg.policy != { } then pkgs.writeText "policy.json" (builtins.toJSON cfg.policy)