diff options
author | Efraim Flashner <efraim@flashner.co.il> | 2020-09-05 21:56:34 +0300 |
---|---|---|
committer | Efraim Flashner <efraim@flashner.co.il> | 2020-09-05 22:30:04 +0300 |
commit | de3c03a47160dec355d9b19ad5ca210d90c15fd7 (patch) | |
tree | 4ca6dc05b5fc9530d812bbb269f1c61ab9efccf3 /gnu/services/docker.scm | |
parent | ab6fe9d362046231ad6f46eccfd1ea2c9c80b401 (diff) | |
parent | b8477cab7bccc4191ed3dfa3f149aec7917834d8 (diff) | |
download | guix-patches-de3c03a47160dec355d9b19ad5ca210d90c15fd7.tar guix-patches-de3c03a47160dec355d9b19ad5ca210d90c15fd7.tar.gz |
Merge remote-tracking branch 'origin/master' into staging
Diffstat (limited to 'gnu/services/docker.scm')
-rw-r--r-- | gnu/services/docker.scm | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/gnu/services/docker.scm b/gnu/services/docker.scm index 937dff7bdb..380a942ed2 100644 --- a/gnu/services/docker.scm +++ b/gnu/services/docker.scm @@ -56,7 +56,10 @@ loop-back communications.") "Enable or disable the user-land proxy (enabled by default).") (debug? (boolean #f) - "Enable or disable debug output.")) + "Enable or disable debug output.") + (enable-iptables? + (boolean #t) + "Enable addition of iptables rules (enabled by default).")) (define %docker-accounts (list (user-group (name "docker") (system? #t)))) @@ -91,6 +94,7 @@ loop-back communications.") (define (docker-shepherd-service config) (let* ((docker (docker-configuration-docker config)) (enable-proxy? (docker-configuration-enable-proxy? config)) + (enable-iptables? (docker-configuration-enable-iptables? config)) (proxy (docker-configuration-proxy config)) (debug? (docker-configuration-debug? config))) (shepherd-service @@ -115,7 +119,10 @@ loop-back communications.") '()) (if #$enable-proxy? "--userland-proxy" "") "--userland-proxy-path" (string-append #$proxy - "/bin/proxy")) + "/bin/proxy") + (if #$enable-iptables? + "--iptables" + "--iptables=false")) #:pid-file "/var/run/docker.pid" #:log-file "/var/log/docker.log")) (stop #~(make-kill-destructor))))) |