A tool to automatically generate a NixOS config from a Docker Compose project.
Running a Docker Compose stack/project on NixOS is not well supported. One approach is to define a systemd service that runs docker-compose up on start and docker compose down on stop.
But with this approach, changes to individual services are not visible to NixOS, which means that NixOS will need to restart the systemd service on any change to the Compose file. This can be mitigated by defining a systemd reload handler, but it still is finicky to work with and will always remain opaque to NixOS.
To top it all off, using Docker Compose on NixOS is fairly redundant as the features you get with Compose are available natively on NixOS.
compose2nix takes your existing Docker Compose file(s) and converts each YAML service definition into a oci-container config. The tool also sets up systemd services to create all networks and volumes that are part of the Compose project. Since compose2nix uses the same library that the Docker CLI relies on under the hood, you also get Compose file validation and syntax checking "for free".
- Supports both Docker and Podman out of the box.
- Each Compose service maps into a systemd service that is natively managed by NixOS.
- A change to one container service only impacts that container and any of its dependents.
- Generated systemd services can be extended from your NixOS config.
compose2nixsupports setting additional systemd service and unit options through Docker Compose labels (search for thecompose2nix.systemd.label in the samples).
Install the compose2nix CLI via one of the following methods:
- Install the command using
go:go install github.com/aksiksi/[email protected] - Clone this repo and run
make build. - Install the Flake and add the following to your NixOS config:
environment.systemPackages = with pkgs; [ compose2nix.packages.x86_64-linux.default ];
Run compose2nix. Note that project must either be passed in or set in the Compose file's top-level "name".
compose2nix -project=myprojectBy default, the tool looks for docker-compose.yml in the current directory and outputs the NixOS config to docker-compose.nix.
- Basic implementation
- Support for most common Docker Compose features
- Support for using secret environment files
- ???
- Input: https://github.com/aksiksi/compose2nix/blob/main/testdata/docker-compose.yml
- Output (Docker): https://github.com/aksiksi/compose2nix/blob/main/testdata/TestDocker_out.nix
- Output (Podman): https://github.com/aksiksi/compose2nix/blob/main/testdata/TestPodman_out.nix
In this case, the project is called myproject and the service name is myservice. Replace podman with docker if using the Docker runtime.
sudo systemctl list-units podman-*
sudo systemctl list-units *myservice*
Note: if the Compose service has a container_name set, then the systemd service will not include the project name.
sudo systemctl restart podman-myproject-myservice.service
By default, this will only remove networks.
sudo systemctl stop podman-compose-myservice-root.target
Either:
- Re-generate your NixOS config with:
-remove_volumes=true - Run
sudo podman volume prune
sudo systemctl start podman-compose-myservice-root.target
$ compose2nix -h
Usage of compose2nix:
-auto_start
auto-start setting for generated service(s). this applies to all services, not just containers. (default true)
-check_systemd_mounts
if set, volume paths will be checked against systemd mount paths on the current machine and marked as container dependencies.
-create_root_target
if set, a root systemd target will be created, which when stopped tears down all resources. (default true)
-env_files string
one or more comma-separated paths to .env file(s).
-env_files_only
only use env file(s) in the NixOS container definitions.
-generate_unused_resources
if set, unused resources (e.g., networks) will be generated even if no containers use them.
-inputs string
one or more comma-separated path(s) to Compose file(s). (default "docker-compose.yml")
-output string
path to output Nix file. (default "docker-compose.nix")
-project string
project name used as a prefix for generated resources. this overrides any top-level "name" set in the Compose file(s).
-remove_volumes
if set, volumes will be removed on systemd service stop.
-runtime string
one of: ["podman", "docker"]. (default "podman")
-service_include string
regex pattern for services to include.
-use_compose_log_driver
if set, always use the Docker Compose log driver.
-version
display version and exit
If a feature is missing, please feel free to create an issue. In theory, any Compose feature can be supported because compose2nix uses the same library as the Docker CLI under the hood.
image |
✅ |
container_name |
✅ |
environment |
✅ |
volumes |
✅ |
labels |
✅ |
ports |
✅ |
dns |
✅ |
cap_add/cap_drop |
✅ |
logging |
✅ |
restart |
✅ |
deploy.restart_policy |
✅ |
devices |
✅ |
networks.aliases |
✅ |
network_mode |
✅ |
privileged |
✅ |
extra_hosts |
✅ |
sysctls |
✅ |
labels |
✅ |
name |
❌ |
driver |
❌ |
driver_opts |
❌ |
external |
❌ |
internal |
❌ |
driver |
✅ |
driver_opts |
✅ |
labels |
✅ |
name |
❌ |
external |
❌ |
name- ✅