try sysbox

2023-12-03 15:37:34 +01:00
parent 6ebd768107
commit e72cf1585a


@@ -1,82 +1,73 @@
{ lib { stdenv
, stdenv , lib
, buildGoModule
, fetchurl , fetchurl
, dpkg
, libredirect
, makeWrapper , makeWrapper
, git
, bash
, coreutils
, gitea
, gzip , gzip
, openssh , fuse
, pam , lsb-release
, sqliteSupport ? true , rsync
, pamSupport ? true , iptables
, runCommand , jq
, brotli
, xorg
, nixosTests
}: }:
buildGoModule rec { stdenv.mkDerivation rec {
pname = "sysbox"; pname = "sysbox";
version = "0.6.2"; version = "0.6.2-0";
# not fetching directly from the git repo, because that lacks several vendor files for the web UI
src = fetchurl { src = fetchurl {
url = "https://github.com/nestybox/sysbox/archive/refs/tags/v${version}.tar.gz"; url = "https://downloads.nestybox.com/sysbox/releases/v0.6.2/sysbox-ce_${version}.linux_amd64.deb";
hash = "sha256-v1nfAZbh9vCAvi07c5oAPKcR7J7b1+Tn4odHK68nCyU="; sha256 = "sha256-TMftm1fz8c8ndSyA3HUd7JWT0DINxvbdUSDrmVMwmws=";
}; };
vendorHash = null; nativeBuildInputs = [ dpkg makeWrapper ];
# subPackages = [ "." ]; # buildInputs = [ openssl ];
nativeBuildInputs = [ makeWrapper ]; unpackPhase = ''
runHook preUnpack
# buildInputs = lib.optional pamSupport pam; dpkg -x $src ./src
# tags = lib.optional pamSupport "pam" runHook postUnpack
# ++ lib.optionals sqliteSupport [ "sqlite" "sqlite_unlock_notify" ];
# ldflags = [
# "-s"
# "-w"
# "-X main.Version=${version}"
# "-X 'main.Tags=${lib.concatStringsSep " " tags}'"
# ];
outputs = [ "out" ];
postInstall = ''
mkdir -p $out
# cp -R ./options/locale $out/locale
wrapProgram $out/bin/gitea \
--prefix PATH : ${lib.makeBinPath [ ]}
''; '';
# passthru = { installPhase = ''
# data-compressed = runCommand "gitea-data-compressed" { runHook preInstall
# nativeBuildInputs = [ brotli xorg.lndir ];
# } '' mkdir -p "$out"
# mkdir $out cp -r src/* "$out"
# lndir ${gitea.data}/ $out/
# # Flatten /usr and manually merge lib/ and usr/lib/, since mv refuses to.
# # Create static gzip and brotli files # mv "$out/lib" "$out/orig_lib"
# find -L $out -type f -regextype posix-extended -iregex '.*\.(css|html|js|svg|ttf|txt)' \ # mv "$out/usr/"* "$out/"
# -exec gzip --best --keep --force {} ';' \ # mkdir -p "$out/lib/systemd/system/"
# -exec brotli --best --keep --no-copy-stat {} ';' # mv "$out/orig_lib/systemd/system/"* "$out/lib/systemd/system/"
# ''; # rmdir "$out/orig_lib/systemd/system"
# # rmdir "$out/orig_lib/systemd"
# tests = nixosTests.gitea; # rmdir "$out/orig_lib"
# }; # rmdir "$out/usr"
for f in "$out/lib/systemd/system/"*.service; do
substituteInPlace "$f" \
--replace "/usr/" "$out/"
done
for p in "$out/bin"; do
wrapProgram "$p" \
--set NIX_REDIRECTS "/usr/share=$out/share:/usr/bin=$out/bin" \
--prefix PATH : "${lib.makeBinPath [ fuse rsync iptables lsb-release jq ]}"
done
runHook postInstall
'';
meta = with lib; { meta = with lib; {
description = "Improves container isolation"; description = "Improves container isolation";
homepage = "https://github.com/nestybox/sysbox"; homepage = "https://github.com/nestybox/sysbox";
license = licenses.asl20; license = licenses.asl20;
broken = stdenv.isDarwin; platforms = with platforms; [ "x86_64-linux" ];
mainProgram = "sysbox-runc"; mainProgram = "sysbox-runc";
}; };
} }
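Review bot: The wrapper loop in installPhase iterates over the directory itself, `for p in "$out/bin"; do`, so wrapProgram is handed a directory rather than each executable; it should glob the contents, `for p in "$out/bin/"*; do`. Because the /usr flattening above it is commented out, the unpacked .deb's programs presumably still sit under `$out/usr/bin`, and the `--replace "/usr/" "$out/"` rewrite of the service files would then point at paths that do not exist; this is worth confirming against the package layout. `NIX_REDIRECTS` only takes effect when libredirect is preloaded, and the wrapper sets no `LD_PRELOAD`, so that flag looks inert as written. Since the derivation now installs a prebuilt vendor binary for a container runtime instead of building from source, `meta` should also declare `sourceProvenance = with sourceTypes; [ binaryNativeCode ];` so the change in trust is visible to consumers.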