guix system: 'docker-image' honors '--network'.

* gnu/system/vm.scm (system-docker-image): Add #:shared-network? and
pass it to 'containerized-operating-system'.
(qemu-image):
* guix/scripts/system.scm (system-derivation-for-action): Pass
 #:shared-network? to 'system-docker-image'.
* doc/guix.texi (Invoking guix system): Document it.

3 files changed, 18 insertions, 8 deletions

diff --git a/doc/guix.texi b/doc/guix.texi
index 6893a914dc..f8e137817c 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -27066,6 +27066,10 @@ example, if you intend to build software using Guix inside of the Docker
 container, you may need to pass the @option{--privileged} option to
 @code{docker create}.
 
+Last, the @code{--network} option applies to @command{guix system
+docker-image}: it produces an image where network is supposedly shared
+with the host, and thus without services like nscd or NetworkManager.
+
 @item container
 Return a script to run the operating system declared in @var{file}
 within a container.  Containers are a set of lightweight isolation
diff --git a/gnu/system/vm.scm b/gnu/system/vm.scm
index 1cab8997b4..2e82e12be2 100644
--- a/gnu/system/vm.scm
+++ b/gnu/system/vm.scm
@@ -419,13 +419,17 @@ system."
 (define* (system-docker-image os
                               #:key
                               (name "guix-docker-image")
-                              (register-closures? (has-guix-service-type? os)))
+                              (register-closures? (has-guix-service-type? os))
+                              shared-network?)
   "Build a docker image.  OS is the desired <operating-system>.  NAME is the
-base name to use for the output file.  When REGISTER-CLOSURES? is true,
-register the closure of OS with Guix in the resulting Docker image.  By
-default, REGISTER-CLOSURES? is set to true only if a service of type
-GUIX-SERVICE-TYPE is present in the services definition of the operating
-system."
+base name to use for the output file.  When SHARED-NETWORK? is true, assume
+that the container will share network with the host and thus doesn't need a
+DHCP client, nscd, and so on.
+
+When REGISTER-CLOSURES? is true, register the closure of OS with Guix in the
+resulting Docker image.  By default, REGISTER-CLOSURES? is set to true only if
+a service of type GUIX-SERVICE-TYPE is present in the services definition of
+the operating system."
   (define schema
     (and register-closures?
          (local-file (search-path %load-path
@@ -442,7 +446,9 @@ system."
 
 
   (let ((os    (operating-system-with-gc-roots
-                (containerized-operating-system os '())
+                (containerized-operating-system os '()
+                                                #:shared-network?
+                                                shared-network?)
                 (list boot-program)))
         (name  (string-append name ".tar.gz"))
         (graph "system-graph"))
diff --git a/guix/scripts/system.scm b/guix/scripts/system.scm
index 3c8691a08c..3efd113ac8 100644
--- a/guix/scripts/system.scm
+++ b/guix/scripts/system.scm
@@ -700,7 +700,7 @@ checking this by themselves in their 'check' procedure."
        (size image-size)
        (operating-system os))))
     ((docker-image)
-     (system-docker-image os))))
+     (system-docker-image os #:shared-network? container-shared-network?))))
 
 (define (maybe-suggest-running-guix-pull)
   "Suggest running 'guix pull' if this has never been done before."