-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathDockerfile-Base
59 lines (45 loc) · 2.1 KB
/
Dockerfile-Base
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
ARG BASEIMG
FROM ${BASEIMG}
ARG nixuser
ARG ADDUSER
ARG DISTRO_INSTALL_CMDS
ARG ENVSDIR
ENV ENVSDIR ${ENVSDIR}
ENV nixuser ${nixuser}
ENV HOME /home/$nixuser
WORKDIR $ENVSDIR
MAINTAINER Brandon Barker <[email protected]>
RUN $ADDUSER $nixuser && \
mkdir -m 0755 /nix && \
mkdir -p /run/user/$(id -u $nixuser) && chown $nixuser:$nixuser /run/user/$(id -u $nixuser) && \
chown -R $nixuser:$nixuser /nix $ENVSDIR $HOME
COPY "./Base/${DISTRO_INSTALL_CMDS}" /tmp/
RUN "/tmp/${DISTRO_INSTALL_CMDS}"
RUN echo "nixbld:x:30000:nixbld1,nixbld2,nixbld3,nixbld4,nixbld5,nixbld6,nixbld7,nixbld8,nixbld9,nixbld10,nixbld11,nixbld12,nixbld13,nixbld14,nixbld15,nixbld16,nixbld17,nixbld18,nixbld19,nixbld20,nixbld21,nixbld22,nixbld23,nixbld24,nixbld25,nixbld26,nixbld27,nixbld28,nixbld29,nixbld30" >> /etc/group \
&& for i in $(seq 1 30); do echo "nixbld$i:x:$((30000 + $i)):30000:::" >> /etc/passwd; done
COPY ./Base/config.nix $HOME/.config/nixpkgs/
RUN chown -R $nixuser:$nixuser $ENVSDIR $HOME
#
# Install a few additional Ubuntu packages that are tedious to do from Nix
# (This is commented out; x11-apps shouldn't be in base image)
#
# RUN apt install -y --no-install-recommends x11-apps && \
# apt clean
USER $nixuser
RUN wget -O- http://nixos.org/releases/nix/nix-2.3.6/nix-2.3.6-x86_64-linux.tar.xz | tar xvfJ - \
&& USER=$nixuser HOME=$ENVSDIR sh nix-*-x86_64-linux/install \
&& ln -s /nix/var/nix/profiles/per-user/$nixuser/profile $HOME/.nix-profile
#
# This broke at some point, so trying system certs for now:
# GIT_SSL_CAINFO=$ENVSDIR/.nix-profile/etc/ssl/certs/ca-bundle.crt \
#
ENV \
PATH=$ENVSDIR/.nix-profile/bin:$ENVSDIR/.nix-profile/sbin:/bin:/sbin:/usr/bin:/usr/sbin \
GIT_SSL_CAINFO=/etc/ssl/certs/ca-certificates.crt \
NIX_SSL_CERT_FILE=$GIT_SSL_CAINFO \
NIX_PATH=/nix/var/nix/profiles/per-user/$nixuser/channels/
ENV nixenv ". $ENVSDIR/.nix-profile/etc/profile.d/nix.sh"
RUN $nixenv && nix-channel --add https://nixos.org/channels/nixpkgs-20.03-darwin nixpkgs && \
nix-channel --add https://nixos.org/channels/nixos-20.03 nixos
RUN $nixenv && nix-channel --update
CMD ["/bin/sh"]