  1  { config, lib, pkgs, ... }:
  2  let
  3    cfg = config.virtualisation.buildkitd;
  4    inherit (lib) mkOption mkIf;
  5    inherit (lib.types) attrsOf str nullOr path bool package listOf;
  6  
  7    configFile =
  8      if cfg.configFile == null then
  9        settingsFormat.generate "buildkitd.toml" cfg.settings
 10      else
 11        cfg.configFile;
 12  
 13    settingsFormat = pkgs.formats.toml { };
 14  in
 15  {
 16    options.virtualisation.buildkitd = {
 17      enable = mkOption {
 18        type = bool;
 19        default = false;
 20        description = ''This option enables buildkitd'';
 21      };
 22  
 23      package = mkOption {
 24        default = pkgs.buildkit;
 25        type = package;
 26        example = pkgs.buildkit;
 27        description = ''
 28          Buildkitd package to be used in the module
 29        '';
 30      };
 31  
 32      packages = mkOption {
 33        type = listOf package;
 34        default = [ pkgs.runc pkgs.git ];
 35        description = "List of packages to be added to buildkitd service path";
 36      };
 37  
 38      configFile = lib.mkOption {
 39        default = null;
 40        description = ''
 41          Path to containerd config file.
 42          Setting this option will override any configuration applied by the settings option.
 43        '';
 44        type = nullOr path;
 45      };
 46  
 47      args = lib.mkOption {
 48        default = { };
 49        description = "extra args to append to the containerd cmdline";
 50        type = attrsOf str;
 51      };
 52  
 53      settings = lib.mkOption {
 54        type = settingsFormat.type;
 55        default = {
 56          grpc.address = [ "unix:///run/buildkit/buildkitd.sock" ];
 57        };
 58        description = ''
 59          Verbatim lines to add to containerd.toml
 60        '';
 61      };
 62    };
 63  
 64    config = mkIf cfg.enable {
 65      users.groups.buildkit.gid = 350;
 66      environment.systemPackages = [ cfg.package ];
 67      systemd.packages = [ cfg.package ];
 68  
 69      virtualisation.buildkitd = {
 70        args = {
 71          group = "buildkit";
 72          config = toString configFile;
 73        };
 74        settings = {
 75          debug = false;
 76        };
 77      };
 78  
 79      systemd.services.buildkitd = {
 80        after = [ "network.target" "containerd.service" ];
 81        wantedBy = [ "multi-user.target" ];
 82        serviceConfig = {
 83          ExecStart = ''${cfg.package}/bin/buildkitd ${lib.concatStringsSep " " (lib.cli.toGNUCommandLine {} cfg.args)}'';
 84          Delegate = "yes";
 85          KillMode = "process";
 86          Type = "notify";
 87          Restart = "always";
 88          RestartSec = "10";
 89  
 90          # "limits" defined below are adopted from upstream: https://github.com/containerd/containerd/blob/master/containerd.service
 91          LimitNPROC = "infinity";
 92          LimitCORE = "infinity";
 93          LimitNOFILE = "infinity";
 94          TasksMax = "infinity";
 95          OOMScoreAdjust = "-999";
 96        };
 97        path = [ cfg.package ] ++ cfg.packages;
 98      };
 99  
100    };
101  
102  
103  }