modules(pihole-container): add warning about /tmp issues

Christopher Bacher 2022-10-29 23:59:09 +02:00
parent c536fb7293
commit ebe48a0c6e


@ -4,6 +4,7 @@
cfg = config.services.pihole; cfg = config.services.pihole;
hostUserCfg = config.users.users.${cfg.hostConfig.user}; hostUserCfg = config.users.users.${cfg.hostConfig.user};
tmpDirIsResetAtBoot = config.boot.cleanTmpDir || config.boot.tmpOnTmpfs;
systemTimeZone = config.time.timeZone; systemTimeZone = config.time.timeZone;
defaultPiholeVolumesDir = "${config.users.users.${cfg.hostConfig.user}.home}/pihole-volumes"; defaultPiholeVolumesDir = "${config.users.users.${cfg.hostConfig.user}.home}/pihole-volumes";
@ -72,6 +73,17 @@ in rec {
service = "Web"; service = "Web";
publicDefaultPort = 80; publicDefaultPort = 80;
}; };
suppressTmpDirWarning = mkOption {
type = types.bool;
description = ''
Set to `true` if you have taken precautions s.t. rootless podman does not leave traces in `/tmp`.
Failing to do so can cause rootless podman to fail to start at reboot (see https://github.com/containers/podman/issues/4057).
If `boot.cleanTmpDir` or `boot.tmpOnTmpfs` is set then you do not have to set this option.
'';
default = false;
};
}; };
@ -278,8 +290,16 @@ in rec {
warnings = (optional (cfg.hostConfig.enableLingeringForUser == false) '' warnings = (optional (cfg.hostConfig.enableLingeringForUser == false) ''
If lingering is not enabled for the host user which is running the pihole container then he service might be stopped when no user session is active. If lingering is not enabled for the host user which is running the pihole container then he service might be stopped when no user session is active.
Set `hostConfig.enableLingeringForUser` to `true` to manage systemd's linger setting through the `linger-flake` dependency. Set `services.pihole.hostConfig.enableLingeringForUser` to `true` to manage systemd's linger setting through the `linger-flake` dependency.
Set it to "suppressWarning" if you manage lingering in a different way. Set it to "suppressWarning" if you manage lingering in a different way.
'') ++ (optional (!tmpDirIsResetAtBoot && !cfg.hostConfig.suppressTmpDirWarning) ''
Rootless podman can leave traces in `/tmp` after shutdown which can break the startup of new containers at the next boot.
See https://github.com/containers/podman/issues/4057 for details.
To avoid problems consider to clean `/tmp` of any left-overs from podman before the next startup.
The NixOS config options `boot.cleanTmpDir` or `boot.tmpOnTmpfs` can be helpful.
Enabling either of these disables this warning.
Otherwise you can also set `services.pihole.hostConfig.suppressTmpDirWarning` to `true` to disable the warning.
''); '');
services.linger = mkIf (cfg.hostConfig.enableLingeringForUser == true) { services.linger = mkIf (cfg.hostConfig.enableLingeringForUser == true) {
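Review bot: The new `/tmp` warning on the `optional (!tmpDirIsResetAtBoot && !cfg.hostConfig.suppressTmpDirWarning)` branch is not itself conditioned on the service being enabled, so unless the enclosing `warnings` attribute is already wrapped in `mkIf cfg.enable` (the surrounding `rec { … }` starts and ends outside this hunk, so that cannot be confirmed here) every host that imports the module without enabling pihole will be told to clean `/tmp`; guarding it with `optional (cfg.enable && !tmpDirIsResetAtBoot && !cfg.hostConfig.suppressTmpDirWarning)` would keep the advice to hosts that actually run rootless podman for this service. The warning text is user-facing and should read naturally; suggest `To avoid problems, consider cleaning \`/tmp\` of any left-overs from podman before the next startup.` in place of "consider to clean", and in the option description `Set to \`true\` if you have taken precautions such that rootless podman does not leave traces in \`/tmp\`.` rather than the abbreviation "s.t.". The warning also depends on the exact option names `boot.cleanTmpDir` and `boot.tmpOnTmpfs`; a one-line comment above `tmpDirIsResetAtBoot` such as `# mirrors the two NixOS options named in the warning text below; keep both in sync if either is renamed` would make that coupling visible. The pre-existing context line "then he service might be stopped" has a typo ("the service") that could be fixed in the same file while the warning wording is being touched.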