From 333950d3ba2d7baa8b1ad6dd7c966382abec17cf Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Thu, 19 Feb 2026 13:47:23 -0800 Subject: [PATCH] Replace /nix/store mount with targeted nvidia driver lib path Create a stable symlink at /etc/nvidia-driver/lib pointing to the nvidia driver package's lib directory. The device plugin now mounts only the driver libs it needs instead of the entire nix store. Co-Authored-By: Claude Opus 4.6 --- argocd/manifests/nvidia-device-plugin/daemonset.yaml | 8 +------- nixos/ringtail/configuration.nix | 4 ++++ 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/argocd/manifests/nvidia-device-plugin/daemonset.yaml b/argocd/manifests/nvidia-device-plugin/daemonset.yaml index 0bdb66c..479d6e9 100644 --- a/argocd/manifests/nvidia-device-plugin/daemonset.yaml +++ b/argocd/manifests/nvidia-device-plugin/daemonset.yaml @@ -39,9 +39,6 @@ spec: - name: nvidia-libs mountPath: /run/nvidia/lib readOnly: true - - name: nix-store - mountPath: /nix/store - readOnly: true volumes: - name: device-plugins hostPath: @@ -51,7 +48,4 @@ spec: path: /var/run/cdi - name: nvidia-libs hostPath: - path: /run/opengl-driver/lib - - name: nix-store - hostPath: - path: /nix/store + path: /etc/nvidia-driver/lib diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index 185dc75..5a0035b 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix 
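Review bot: The `nvidia-libs` volume in the second hunk of daemonset.yaml now points at `/etc/nvidia-driver/lib` but sets no hostPath `type`, so kubelet does no existence check before mounting. That path only exists on nodes already rebuilt with the NixOS change in this same commit. On any other node the pod may start with an empty or freshly created directory at `/run/nvidia/lib` and fail later, without a clear mount error. Adding `type: Directory` under `hostPath:` next to `path: /etc/nvidia-driver/lib` would turn that into a visible failure at pod start. Because the host path is a symlink, confirm that the check accepts it.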
@@ -38,6 +38,10 @@ in # NVIDIA container toolkit (CDI specs + runtime for containerd/k3s GPU pods) hardware.nvidia-container-toolkit.enable = true; + # Stable path to NVIDIA driver libraries for k3s device plugin pod mounts. + # Avoids mounting all of /nix/store — only the driver derivation is needed. + environment.etc."nvidia-driver/lib".source = "${config.hardware.nvidia.package}/lib"; + # Stable-path wrapper for nvidia-container-runtime.cdi (the CDI-based OCI # runtime that injects GPU devices/libs from NixOS-generated CDI specs). # The wrapper adds runc to PATH since k3s doesn't ship a standalone runc binary.
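Review bot: The added comment states that only the driver derivation is needed, but nothing in this hunk establishes that, and the pod no longer has `/nix/store` to fall back on. Any entry under `${config.hardware.nvidia.package}/lib` that is an absolute symlink into a different store path would dangle inside the container, so the directory is worth checking once on the node. As far as I can tell, the bind mount resolves the `/etc` symlink when the container starts, so a running pod keeps the old store path after a driver update. I would record that in the comment, e.g. `# Target changes on driver upgrade; restart the device-plugin pod after switching generations.` The enclosing attribute set starts and ends outside the hunk.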