sam
/
nixos
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add nvidia support to docker container

This commit is contained in:
Sam 2025-01-23 21:20:44 +00:00
parent 302ce2a84f
commit ab4d9e6f81
1 changed files with 42 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
hosts/common/optional/nixos-containers/docker.nix
View File

@ -3,6 +3,8 @@
lib, lib,
inputs, inputs,
configVars, configVars,
config,
outputs,
... ...
}: let }: let
containerName = "docker"; containerName = "docker";
@ -43,6 +45,14 @@ in {
]; ];
extraFlags = ["--private-users-ownership=chown"]; extraFlags = ["--private-users-ownership=chown"];
allowedDevices = [ allowedDevices = [
{
node = "/dev/nvidia0";
modifier = "rwm";
}
{
node = "/dev/nvidiactl";
modifier = "rwm";
}
{ {
node = "/dev/fuse"; node = "/dev/fuse";
modifier = "rwm"; modifier = "rwm";
@ -79,6 +89,10 @@ in {
hostPath = "${homeshareDataLocation}/photos"; hostPath = "${homeshareDataLocation}/photos";
isReadOnly = false; isReadOnly = false;
}; };
"/run/opengl-driver/lib" = {
hostPath = "/run/opengl-driver/lib";
isReadOnly = false;
};
"/dev/dri" = { "/dev/dri" = {
hostPath = "/dev/dri"; hostPath = "/dev/dri";
isReadOnly = false; isReadOnly = false;
@ -105,6 +119,11 @@ in {
secretsDirectory = builtins.toString inputs.nix-secrets; secretsDirectory = builtins.toString inputs.nix-secrets;
secretsFile = "${secretsDirectory}/secrets.yaml"; secretsFile = "${secretsDirectory}/secrets.yaml";
in { in {
nixpkgs.overlays = [
outputs.overlays.unstable-packages
];
networking = { networking = {
enableIPv6 = false; enableIPv6 = false;
defaultGateway = "${gatewayIp}"; defaultGateway = "${gatewayIp}";
@ -122,6 +141,26 @@ in {
useHostResolvConf = lib.mkForce false; useHostResolvConf = lib.mkForce false;
}; };
hardware.graphics = {
enable = true;
};
nixpkgs.config.allowUnfreePredicate = pkg:
builtins.elem (lib.getName pkg) [
"nvidia-x11"
"nvidia-settings"
"nvidia-persistenced"
];
services.xserver.videoDrivers = ["nvidia"];
hardware.nvidia = {
modesetting.enable = true;
powerManagement.enable = false;
open = false;
nvidiaSettings = false;
package = config.boot.kernelPackages.nvidiaPackages.stable;
};
services.resolved.enable = true; services.resolved.enable = true;
sops = { sops = {
@ -149,10 +188,13 @@ in {
pkgs.dive pkgs.dive
pkgs.podman-tui pkgs.podman-tui
pkgs.podman-compose pkgs.podman-compose
pkgs.unstable.nvidia-container-toolkit
]; ];
virtualisation = { virtualisation = {
containers.cdi.dynamic.nvidia.enable = true;
podman = { podman = {
enableNvidia = true;
enable = true; enable = true;
dockerSocket.enable = true; dockerSocket.enable = true;
defaultNetwork.settings.dns_enabled = true; defaultNetwork.settings.dns_enabled = true;