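;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2021 Timmy Douglas
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

;;; Commentary:
;;;
;;; Package definitions for a rootless container stack: the crun OCI
;;; runtime, the conmon monitor, user-mode networking (libslirp,
;;; slirp4netns), the CNI plugins, and podman itself.
;;;
;;; Every source is a git checkout whose content is pinned by the sha256 in
;;; its origin, so a tag that is moved upstream produces a hash mismatch
;;; instead of silently different source.
;;;
;;; NOTE(review): every package below is built with #:tests? #f, so none of
;;; the upstream test suites run at build time.  For components that set up
;;; seccomp filters, capabilities and namespaces, re-enabling whatever tests
;;; can run inside the build sandbox is worth the effort.
;;;
;;; Code:

(define-module (gnu packages containers)
  #:use-module ((guix licenses) #:prefix license:)
  #:use-module (gnu packages)
  #:use-module (guix packages)
  #:use-module (guix download)
  #:use-module (guix git-download)
  #:use-module (guix build-system gnu)
  #:use-module (guix build-system go)
  #:use-module (guix build-system meson)
  #:use-module (guix utils)
  #:use-module (gnu packages autotools)
  #:use-module (gnu packages base)
  #:use-module (gnu packages check)
  #:use-module (gnu packages compression)
  #:use-module (gnu packages glib)
  #:use-module (gnu packages gnupg)
  #:use-module (gnu packages golang)
  #:use-module (gnu packages linux)
  #:use-module (gnu packages python)
  #:use-module (gnu packages networking)
  #:use-module (gnu packages pkg-config)
  #:use-module (gnu packages selinux)
  #:use-module (gnu packages version-control)
  #:use-module (gnu packages virtualization)
  #:use-module (gnu packages web))

;; For podman to work, the user needs to run
;; `sudo mount -t cgroup2 none /sys/fs/cgroup`

(define-public crun
  ;; The commit is bound once and reused for both the checkout and the
  ;; generated git-version.h, so the two cannot drift apart on an update.
  (let ((commit "8e5757a4e68590326dafe8a8b1b4a584b10a1370")) ; 1.3
    (package
      (name "crun")
      (version "1.3")
      (source
       (origin
         (method git-fetch)
         (uri (git-reference
               (url "https://github.com/containers/crun")
               (commit commit)
               ;; Submodules are fetched with the checkout because the
               ;; build phase below removes the `git submodule update' step.
               (recursive? #t)))
         (sha256
          (base32 "01yiss2d57kwlxb7zlqzjwlg9fyaf19yjngd1mw9n4hxls3dfj3k"))
         (file-name (git-file-name name version))))
      (build-system gnu-build-system)
      (arguments
       `(#:tests? #f
         #:configure-flags '("--disable-systemd")
         #:phases
         (modify-phases %standard-phases
           (add-after 'unpack 'do-not-depend-on-git
             (lambda _
               ;; Drop the submodule refresh from autogen.sh and write
               ;; git-version.h by hand instead of deriving it from git.
               (substitute* "autogen.sh"
                 (("^git submodule update.*") ""))
               (with-output-to-file "git-version.h"
                 (lambda ()
                   (display
                    (string-append
                     "/* autogenerated. */\n#ifndef GIT_VERSION\n# define GIT_VERSION \""
                     ,commit
                     "\"\n#endif\n"))))
               #t)))))
      (inputs
       `(("libcap" ,libcap)
         ("libseccomp" ,libseccomp)
         ("libyajl" ,libyajl)))
      (native-inputs
       `(("automake" ,automake)
         ("autoreconf" ,autoconf)       ; the label is only a name; the package is autoconf
         ("git" ,git)
         ("libtool" ,libtool)
         ("pkg-config" ,pkg-config)
         ("python-3" ,python-3)))
      (home-page "https://github.com/containers/crun")
      (synopsis "OCI Container runtime")
      (description
       "crun is a fast and low-memory footprint OCI Container Runtime fully written in C.")
      (license license:gpl2+))))

(define-public conmon
  (package
    (name "conmon")
    ;; The version carries no leading "v", so tools that compare version
    ;; strings (e.g. `guix refresh' and the `guix lint' CVE check) see the
    ;; upstream number; the prefix is added back for the git tag only.
    (version "2.0.30")
    (source
     (origin
       (method git-fetch)
       (uri (git-reference
             (url "https://github.com/containers/conmon")
             (commit (string-append "v" version))))
       (sha256
        (base32 "1sxpbm01g4xak4kqwvk45gmzr6n9bjzlfp1j85wyz8rj2hg2x4rm"))
       (file-name (git-file-name name version))))
    (build-system gnu-build-system)
    (arguments
     `(#:make-flags (list ,(string-append "CC=" (cc-for-target))
                          (string-append "PREFIX=" %output))
       #:tests? #f ; currently broken as go tries to use network
       #:phases
       (modify-phases %standard-phases
         ;; Plain Makefile project: there is no configure script to run.
         (delete 'configure)
         (add-after 'unpack 'set-env
           (lambda* (#:key inputs #:allow-other-keys)
             ;; when running go, things fail because
             ;; HOME=/homeless-shelter.
             (setenv "HOME" "/tmp")))
         (replace 'check
           (lambda* (#:key tests? #:allow-other-keys)
             (when tests?
               (invoke "make" "test")))))))
    (inputs
     ;; NOTE(review): the C library is normally an implicit input of
     ;; gnu-build-system; confirm that listing glibc here is required.
     `(("glib" ,glib)
       ("glibc" ,glibc)
       ("libseccomp" ,libseccomp)
       ("crun" ,crun)))
    (native-inputs
     `(("git" ,git)
       ("go" ,go)
       ("pkg-config" ,pkg-config)))
    (home-page "https://github.com/containers/conmon")
    (synopsis "Monitoring and communication tool between container manager and OCI runtime")
    (description
     "Conmon is a monitoring program and communication tool between a container manager (like Podman or CRI-O) and an OCI runtime (like runc or crun) for a single container.")
    (license license:asl2.0)))

(define-public libslirp
  (package
    (name "libslirp")
    ;; Version without the "v" prefix; see the note on conmon.
    (version "4.6.1")
    (source
     (origin
       (method git-fetch)
       (uri (git-reference
             (url "https://gitlab.freedesktop.org/slirp/libslirp")
             (commit (string-append "v" version))))
       (sha256
        (base32 "1b4cn51xvzbrxd63g6w1033prvbxfxsnsn1l0fa5i311xv28vkh0"))
       (file-name (git-file-name name version))))
    (build-system meson-build-system)
    (arguments
     '(#:tests? #f))
    (inputs
     `(("glib" ,glib)))
    (native-inputs
     `(("pkg-config" ,pkg-config)))
    (home-page "https://gitlab.freedesktop.org/slirp/libslirp")
    (synopsis "User-mode networking library")
    (description
     "libslirp is a user-mode networking library used by virtual machines, containers or various tools.")
    ;; This was `license:non-copyleft', which in (guix licenses) is a
    ;; procedure expecting a URI rather than a license object.
    ;; NOTE(review): upstream's COPYRIGHT file is understood to declare the
    ;; 3-clause BSD license; confirm the per-file terms before merging.
    (license license:bsd-3)))

(define-public slirp4netns
  (package
    (name "slirp4netns")
    ;; Version without the "v" prefix; see the note on conmon.
    (version "1.1.12")
    (source
     (origin
       (method git-fetch)
       (uri (git-reference
             (url "https://github.com/rootless-containers/slirp4netns")
             (commit (string-append "v" version))))
       (sha256
        (base32 "03llv4dlf7qqxwz4zdyk926g4bigfj2gb50glm70ciflpvzs8081"))
       (file-name (git-file-name name version))))
    (build-system gnu-build-system)
    (arguments
     '(#:tests? #f))
    (inputs
     `(("glib" ,glib)
       ("libcap" ,libcap)
       ("libseccomp" ,libseccomp)
       ("libslirp" ,libslirp)))
    (native-inputs
     `(("automake" ,automake)
       ("autoreconf" ,autoconf)         ; the label is only a name; the package is autoconf
       ("pkg-config" ,pkg-config)))
    (home-page "https://github.com/rootless-containers/slirp4netns")
    (synopsis "User-mode networking for unprivileged network namespaces")
    (description
     "slirp4netns provides user-mode networking (\"slirp\") for unprivileged network namespaces.")
    (license license:gpl2+)))

(define-public cni-plugins
  (package
    (name "cni-plugins")
    ;; Version without the "v" prefix; see the note on conmon.
    (version "1.0.1")
    (source
     (origin
       (method git-fetch)
       (uri (git-reference
             (url "https://github.com/containernetworking/plugins")
             (commit (string-append "v" version))))
       (sha256
        (base32 "1j91in0mg4nblpdccyq63ncbnn2pc2zzjp1fh3jy0bsndllgv0nc"))
       (file-name (git-file-name name version))))
    (build-system go-build-system)
    (arguments
     `(#:unpack-path "github.com/containernetworking/plugins"
       #:tests? #f
       #:phases
       (modify-phases %standard-phases
         ;; Upstream's own script builds the plugins into ./bin.
         (replace 'build
           (lambda _
             (with-directory-excursion
                 "src/github.com/containernetworking/plugins"
               (invoke "./build_linux.sh"))))
         ;; Install the binaries produced by the script into <out>/bin.
         (replace 'install
           (lambda* (#:key outputs #:allow-other-keys)
             (copy-recursively
              "src/github.com/containernetworking/plugins/bin"
              (string-append (assoc-ref outputs "out") "/bin"))
             #t)))))
    (home-page "https://github.com/containernetworking/plugins")
    (synopsis "CNI network plugins")
    (description
     "Some CNI network plugins, maintained by the containernetworking team.")
    (license license:asl2.0)))

(define-public podman
  (package
    (name "podman")
    ;; Version without the "v" prefix; see the note on conmon.
    (version "3.4.2")
    (source
     (origin
       (method git-fetch)
       (uri (git-reference
             (url "https://github.com/containers/podman")
             (commit (string-append "v" version))))
       (sha256
        (base32 "0v1xpd1q6ym9ibaj6242v4mp0wwdmj4dd9l7zfyydbxrx6a8ahjn"))
       (file-name (git-file-name name version))))
    (build-system gnu-build-system)
    (arguments
     `(#:make-flags (list ,(string-append "CC=" (cc-for-target))
                          (string-append "PREFIX=" %output))
       #:tests? #f ; need to setup ginkgo
       #:phases
       (modify-phases %standard-phases
         ;; Plain Makefile project: there is no configure script to run.
         (delete 'configure)
         (add-after 'unpack 'set-env
           (lambda* (#:key inputs #:allow-other-keys)
             ;; when running go, things fail because
             ;; HOME=/homeless-shelter.
             (setenv "HOME" "/tmp")))
         (add-after 'unpack 'fix-hardcoded-paths
           (lambda _
             ;; Replace the helper locations compiled into podman with the
             ;; absolute paths found at build time, so the helpers that run
             ;; are the ones from this package's inputs rather than
             ;; whatever sits in /usr or is first on the caller's $PATH.
             (substitute* (find-files "libpod" "\\.go")
               (("exec.LookPath[(][\"]slirp4netns[\"][)]")
                (string-append "exec.LookPath(\""
                               (which "slirp4netns") "\")")))
             (substitute* "vendor/github.com/containers/common/pkg/config/config_linux.go"
               (("/usr/local/libexec/podman")
                (string-append (assoc-ref %outputs "out") "/bin")))
             (substitute* "vendor/github.com/containers/common/pkg/config/default.go"
               (("/usr/libexec/podman/conmon") (which "conmon"))
               (("/usr/local/libexec/cni")
                (string-append (assoc-ref %build-inputs "cni-plugins")
                               "/bin"))
               (("/usr/bin/crun") (which "crun")))
             #true))
         (replace 'check
           (lambda* (#:key tests? #:allow-other-keys)
             (when tests?
               (invoke "make" "test")))))))
    (inputs
     `(("btrfs-progs" ,btrfs-progs)
       ("cni-plugins" ,cni-plugins)
       ("conmon" ,conmon)
       ("gpgme" ,gpgme)
       ("go-md2man" ,go-github-com-go-md2man)
       ("iptables" ,iptables) ; fixme not sure if podman will call this using $PATH
       ("libassuan" ,libassuan)
       ("libseccomp" ,libseccomp)
       ("libselinux" ,libselinux)
       ("slirp4netns" ,slirp4netns)
       ("crun" ,crun)))
    (native-inputs
     `(("git" ,git)
       ("go" ,go)
       ("pkg-config" ,pkg-config)))
    (home-page "https://podman.io")
    (synopsis "Manage containers, images, pods, and their volumes")
    (description
     "Podman (the POD MANager) is a tool for managing containers and images, volumes mounted into those containers, and pods made from groups of containers.")
    (license license:asl2.0)))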