| blob | eaa50d3c663d4e977ea7d61d5f8166668a7c2e2c |
1 # Declarative Container Specification {#sec-declarative-containers}
3 You can also specify containers and their configuration in the host's
4 `configuration.nix`. For example, the following specifies that there
5 shall be a container named `database` running PostgreSQL:
7 ```nix
8 containers.database =
9 { config =
10 { config, pkgs, ... }:
11 { services.postgresql.enable = true;
12 services.postgresql.package = pkgs.postgresql_14;
13 };
14 };
15 ```
17 If you run `nixos-rebuild switch`, the container will be built. If the
18 container was already running, it will be updated in place, without
19 rebooting. The container can be configured to start automatically by
20 setting `containers.database.autoStart = true` in its configuration.
22 By default, declarative containers share the network namespace of the
23 host, meaning that they can listen on (privileged) ports. However, they
24 cannot change the network configuration. You can give a container its
25 own network as follows:
27 ```nix
28 containers.database = {
29 privateNetwork = true;
30 hostAddress = "192.168.100.10";
31 localAddress = "192.168.100.11";
32 };
33 ```
35 This gives the container a private virtual Ethernet interface with IP
36 address `192.168.100.11`, which is hooked up to a virtual Ethernet
37 interface on the host with IP address `192.168.100.10`. (See the next
38 section for details on container networking.)
40 To disable the container, just remove it from `configuration.nix` and
41 run `nixos-rebuild
42 switch`. Note that this will not delete the root directory of the
43 container in `/var/lib/nixos-containers`. Containers can be destroyed using
44 the imperative method: `nixos-container destroy foo`.
46 Declarative containers can be started and stopped using the
47 corresponding systemd service, e.g.
48 `systemctl start container@database`.