nixos/doc/manual/administration/declarative-containers.section.md
# Declarative Container Specification {#sec-declarative-containers}

You can also specify containers and their configuration in the host's
`configuration.nix`. For example, the following specifies that there
shall be a container named `database` running PostgreSQL:

```nix
{
  containers.database = {
    config =
      { config, pkgs, ... }:
      {
        services.postgresql.enable = true;
        services.postgresql.package = pkgs.postgresql_14;
      };
  };
}
```

If you run `nixos-rebuild switch`, the container will be built. If the
container was already running, it will be updated in place, without
rebooting. The container can be configured to start automatically by
setting `containers.database.autoStart = true` in its configuration.

By default, declarative containers share the network namespace of the
host, meaning that they can listen on (privileged) ports. However, they
cannot change the network configuration. You can give a container its
own network as follows:

```nix
{
  containers.database = {
    privateNetwork = true;
    hostAddress = "192.168.100.10";
    localAddress = "192.168.100.11";
  };
}
```

This gives the container a private virtual Ethernet interface with IP
address `192.168.100.11`, which is hooked up to a virtual Ethernet
interface on the host with IP address `192.168.100.10`. (See the next
section for details on container networking.)
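The two snippets above can be combined into one isolated database container. The following is an added example, not part of the NixOS manual; it assumes PostgreSQL should be reachable over TCP only from the host end of the virtual Ethernet pair, and the `pg_hba.conf` line and firewall settings are choices made for this illustration. With the default shared network namespace, the same service would instead listen on the host's own interfaces.

```nix
{
  containers.database = {
    autoStart = true;

    # Own network namespace: the container gets its own veth interface
    # instead of sharing the host's interfaces and ports.
    privateNetwork = true;
    hostAddress = "192.168.100.10";
    localAddress = "192.168.100.11";

    config =
      { config, pkgs, ... }:
      {
        services.postgresql = {
          enable = true;
          package = pkgs.postgresql_14;

          # Accept TCP connections inside the container's namespace,
          # not only connections on the Unix socket.
          enableTCPIP = true;

          # Assumption for this example: only the host side of the veth
          # pair may connect over TCP, and it must authenticate with a
          # password (SCRAM).
          authentication = ''
            host all all 192.168.100.10/32 scram-sha-256
          '';
        };

        # Container-local firewall: PostgreSQL is the only inbound port.
        networking.firewall.enable = true;
        networking.firewall.allowedTCPPorts = [ 5432 ];
      };
  };
}
```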

To disable the container, just remove it from `configuration.nix` and
run `nixos-rebuild switch`. Note that this will not delete the root
directory of the container in `/var/lib/nixos-containers`. Containers can
be destroyed using the imperative method: `nixos-container destroy foo`.

Declarative containers can be started and stopped using the
corresponding systemd service, e.g.
`systemctl start container@database`.
