infra/localhost
1
0
Fork 0
Code Releases Activity

Mount /nix inside docker

Browse Source
This commit is contained in:
dump_stack() 2019-07-17 17:30:19 +00:00
parent 42d7f249d4
commit 4a6b8fc482
Signed by: dump_stack
GPG Key ID: BE44DA8C062D87DC
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
security.nix
View File

@ -2,7 +2,7 @@
let let
fhs = pkgs.writeShellScriptBin "fhs" fhs = pkgs.writeShellScriptBin "fhs"
("${pkgs.docker}/bin/docker run -v /home/user:/home/user "+ ("${pkgs.docker}/bin/docker run -v /home/user:/home/user -v /nix:/nix "+
"-e \"HOST_PWD=$PWD\" -it fhs"); "-e \"HOST_PWD=$PWD\" -it fhs");
in { in {
security.allowUserNamespaces = true; security.allowUserNamespaces = true;
@ -55,7 +55,7 @@ in {
(writeShellScriptBin "fhs-ptrace" (writeShellScriptBin "fhs-ptrace"
("sudo ${pkgs.docker}/bin/docker run -v /home/user:/home/user " + ("sudo ${pkgs.docker}/bin/docker run -v /home/user:/home/user " +
"--cap-add=SYS_PTRACE --security-opt seccomp=unconfined" + "--cap-add=SYS_PTRACE --security-opt seccomp=unconfined" +
" -e \"HOST_PWD=$PWD\" -it fhs")) " -e \"HOST_PWD=$PWD\" -v /nix=/nix -it fhs"))
]; ];
security.wrappers = { security.wrappers = {