Update Nomads docker forcefully to avoid runc CVE

Signed-off-by: magic_rb <magic_rb@redalder.org>
This commit is contained in:
magic_rb 2024-03-02 21:48:07 +01:00
parent 5d814ae00d
commit 1401b7e042
No known key found for this signature in database
GPG key ID: 08D5287CC5DDCA0E

View file

@ -159,6 +159,25 @@ in
};
virtualisation.docker.enable = true;
virtualisation.docker.package = pkgs.docker.override rec {
version = "24.0.5";
cliRev = "v${version}";
cliHash = "sha256-u1quVGTx/p8BDyRn33vYyyuE5BOhWMnGQ5uVX0PZ5mg=";
mobyRev = "v${version}";
mobyHash = "sha256-JQjRz1fHZlQRkNw/R8WWLV8caN3/U3mrKKQXbZt2crU=";
# version = "25.0.3";
# cliRev = "v${version}";
# cliHash = "sha256-Jvb0plV1O/UzrcpzN4zH5OulmTVF+p9UQQQ9xqkiObQ=";
# mobyRev = "v${version}";
# mobyHash = "sha256-cDlRVdQNzH/X2SJUYHK1QLUHlKQtSyRYCVbz3wPx1ZM=";
runcRev = "v1.1.12";
runcHash = "sha256-N77CU5XiGYIdwQNPFyluXjseTeaYuNJ//OsEUS0g/v0=";
containerdRev = "v1.7.13";
containerdHash = "sha256-y3CYDZbA2QjIn1vyq/p1F1pAVxQHi/0a6hGWZCRWzyk=";
tiniRev = "v0.19.0";
tiniHash = "sha256-ZDKu/8yE5G0RYFJdhgmCdN3obJNyRWv6K/Gd17zc1sI=";
};
virtualisation.docker.daemon.settings.dns = [
(secret.network.ips.blowhole.ip or "")
];