MirrorHub/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-15 14:26:33 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
nixpkgs/nixos/modules/programs/singularity.nix
pennae ef176dcf7e nixos/*: automatically convert option descriptions 
conversions were done using https://github.com/pennae/nix-doc-munge
using (probably) rev f34e145 running

    nix-doc-munge nixos/**/*.nix
    nix-doc-munge --import nixos/**/*.nix

the tool ensures that only changes that could affect the generated
manual *but don't* are committed, other changes require manual review
and are discarded.
2022-08-31 16:32:53 +02:00

34 lines
1.1 KiB
Nix
Raw Blame History

{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.programs.singularity;
singularity = pkgs.singularity.overrideAttrs (attrs : {
installPhase = attrs.installPhase + ''
mv $out/libexec/singularity/bin/starter-suid $out/libexec/singularity/bin/starter-suid.orig
ln -s /run/wrappers/bin/singularity-suid $out/libexec/singularity/bin/starter-suid
'';
});
in {
options.programs.singularity = {
enable = mkEnableOption (lib.mdDoc "Singularity");
};
config = mkIf cfg.enable {
environment.systemPackages = [ singularity ];
security.wrappers.singularity-suid =
{ setuid = true;
owner = "root";
group = "root";
source = "${singularity}/libexec/singularity/bin/starter-suid.orig";
};
systemd.tmpfiles.rules = [
"d /var/singularity/mnt/session 0770 root root -"
"d /var/singularity/mnt/final 0770 root root -"
"d /var/singularity/mnt/overlay 0770 root root -"
"d /var/singularity/mnt/container 0770 root root -"
"d /var/singularity/mnt/source 0770 root root -"
];
};
}
Reference in a new issue View git blame Copy permalink