Hello,
I am new to nixos and so far I use it as a home daily driver. But I was thinking about taking nixos to work, but my issue is that we use docker-compose on every project I work on.
I read about arion and also how to create docker containers separately. I just dont see a way how to simply run all the “company written docker-compose” files under nix. I simply need that docker-compose binary.
So basically my question is, even if I understand that docker-compose can be replaced by “nix way of doing things” but what if I still wanna use docker-compose on nixos machine? Is it possible? Or do I have to rewrite all of those in nix syntax?
wow …i m not sure what happened, I would swear that package wasnt found on my package search results yesterday. Thanks for quick response! Nixos is little overwhelming, 3rd day on it
Worth pointing out that adding that group to your user is equivalent to giving it permanent root permissions.
Commonly done, for sure, and some applications that depend on docker give you no choice, but bad practice nonetheless - it’s worth using sudo to invoke docker instead when possible.
If you’ve connected via SSH key authentication, which is preferred, and you’ve given the user wheel, you’ve probably also set passwordless sudo up (because your user doesn’t even have a password). I think in that setting giving docker access is no worse.
I presume the most secure setup would be to use SSH key authentication to get into the system, then have a password-prompted sudo be required for escalation.
You likely still need to add ForwardAgent to your client config, e.g. in ~/.ssh/config:
Host <hostname>
ForwardAgent yes
User clete2
No need to add your user’s public key to root’s authorized keys.
I wouldn’t recommend doing that for untrusted hosts, as it will allow the remote to sign with your ssh key (though not copy it, so only while you’re logged in). You probably want host-specific keys, realistically.