2018-03-12 04:13:31 +00:00
|
|
|
{ config, pkgs, lib, ... }:
|
|
|
|
|
|
|
|
with lib;
|
|
|
|
let
|
|
|
|
cfg = config.programs.singularity;
|
2018-11-23 04:59:02 +00:00
|
|
|
singularity = pkgs.singularity.overrideAttrs (attrs : {
|
|
|
|
installPhase = attrs.installPhase + ''
|
2020-04-28 02:50:34 +01:00
|
|
|
mv $out/libexec/singularity/bin/starter-suid $out/libexec/singularity/bin/starter-suid.orig
|
|
|
|
ln -s /run/wrappers/bin/singularity-suid $out/libexec/singularity/bin/starter-suid
|
2018-11-23 04:59:02 +00:00
|
|
|
'';
|
|
|
|
});
|
2018-03-12 04:13:31 +00:00
|
|
|
in {
|
|
|
|
options.programs.singularity = {
|
2022-08-28 20:18:44 +01:00
|
|
|
enable = mkEnableOption (lib.mdDoc "Singularity");
|
2018-03-12 04:13:31 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
config = mkIf cfg.enable {
|
2018-11-23 04:59:02 +00:00
|
|
|
environment.systemPackages = [ singularity ];
|
2021-09-12 17:53:48 +01:00
|
|
|
security.wrappers.singularity-suid =
|
|
|
|
{ setuid = true;
|
|
|
|
owner = "root";
|
|
|
|
group = "root";
|
|
|
|
source = "${singularity}/libexec/singularity/bin/starter-suid.orig";
|
|
|
|
};
|
2019-01-31 10:58:01 +00:00
|
|
|
systemd.tmpfiles.rules = [
|
|
|
|
"d /var/singularity/mnt/session 0770 root root -"
|
|
|
|
"d /var/singularity/mnt/final 0770 root root -"
|
|
|
|
"d /var/singularity/mnt/overlay 0770 root root -"
|
|
|
|
"d /var/singularity/mnt/container 0770 root root -"
|
|
|
|
"d /var/singularity/mnt/source 0770 root root -"
|
|
|
|
];
|
2018-03-12 04:13:31 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
}
|