personal/vuko/shells/sftp.nix - hscloud - Gitiles

 { pkgs ? import <nixpkgs> {} }:
 let
   #dockertarpusher = pkgs.python37Packages.buildPythonPackage {
   #  pname = "dockertarpusher";
   #  version = "0.16";
   #  src = pkgs.fetchFromGitHub {
   #    owner = "Razikus";
   #    repo = "dockerregistrypusher";
   #    rev = "217894b79181a9a02ebc6744e0628777a0f89c36";
   #    sha256 = "09cqzd9gz42xw30x1jp9mx056k25i20kjzzdg3bk78a4bis29kd4";
   #  };
   #  propagatedBuildInputs = with pkgs; [
   #    python37Packages.requests
   #  ];
   #};
   #hsregistry_push = import ./registrypush {};
   config = pkgs.runCommand "sshd_config" {} ''
     mkdir -p $out/etc/ssh/
     cp ${./sshd_config} $out/etc/ssh/sshd_config
     #cp ${./test_keys/test_host_key} $out/etc/ssh/ssh_host_ed25519_key
     #cp ${./test_keys/test_host_key.pub} $out/etc/ssh/ssh_host_ed25519_key.pub
     #cp ${./test_keys/authorized_keys} $out/etc/ssh/authorized_keys
   '';
   name = "vuko/hs-shells-sftp";
   base = pkgs.dockerTools.buildImage {
     name = "vuko/ssh-base";
     tag = "latest";
     contents = [pkgs.openssh pkgs.busybox];
   };
   image = pkgs.dockerTools.buildImage {
     inherit name;
     tag = "latest";
     fromImage = base;
     contents = [config];

     runAsRoot = ''
       #!${pkgs.runtimeShell}
       mkdir /data/
       #echo "root:x:0:0::/root:/bin/nologin" > /etc/passwd
       echo "shells:x:1:1::/data:/bin/sh" >> /etc/passwd
       mkdir -p /etc/ssh/host/
       mkdir -p /etc/ssh/auth/
       mkdir -m 700 /tmp
       chown 1:1 /tmp

       cat <<EOF > /bin/start
       #!/bin/sh
       cp /etc/ssh/auth/authorized_keys /tmp/authorized_keys
       /bin/sshd -D -e -f /etc/ssh/sshd_config
       EOF
       chmod +x /bin/start
     '';

     #https://serverfault.com/questions/344295/is-it-possible-to-run-sshd-as-a-normal-user
     config = {
       Cmd = [ "/bin/start" ];
       WorkingDir = "/";
       ExposedPorts =  {
         "2222/tcp" = {};
       };
     };
   };
   push = pkgs.writeShellScriptBin "push" ''
     BASEDIR=$(realpath $(dirname ''${BASH_SOURCE}))
     docker load < "''${BASEDIR}/../images/sftp.tar.gz"
     docker tag ${name}:latest registry.k0.hswaw.net/${name}
     docker push registry.k0.hswaw.net/${name}
     #exec {hsregistry_push}/bin/hsregistry-push "$BASEDIR/../images/sftp.tar.gz" "$@"
   '';
 in pkgs.runCommand "hs-shells-sftp" {} ''
   mkdir $out
   mkdir -p $out/images $out/bin
   ln -s ${image} $out/images/sftp.tar.gz
   install ${push}/bin/push $out/bin/
 ''
	{ pkgs ? import <nixpkgs> {} }:
	let
	#dockertarpusher = pkgs.python37Packages.buildPythonPackage {
	# pname = "dockertarpusher";
	# version = "0.16";
	# src = pkgs.fetchFromGitHub {
	# owner = "Razikus";
	# repo = "dockerregistrypusher";
	# rev = "217894b79181a9a02ebc6744e0628777a0f89c36";
	# sha256 = "09cqzd9gz42xw30x1jp9mx056k25i20kjzzdg3bk78a4bis29kd4";
	# };
	# propagatedBuildInputs = with pkgs; [
	# python37Packages.requests
	# ];
	#};
	#hsregistry_push = import ./registrypush {};
	config = pkgs.runCommand "sshd_config" {} ''
	mkdir -p $out/etc/ssh/
	cp ${./sshd_config} $out/etc/ssh/sshd_config
	#cp ${./test_keys/test_host_key} $out/etc/ssh/ssh_host_ed25519_key
	#cp ${./test_keys/test_host_key.pub} $out/etc/ssh/ssh_host_ed25519_key.pub
	#cp ${./test_keys/authorized_keys} $out/etc/ssh/authorized_keys
	'';
	name = "vuko/hs-shells-sftp";
	base = pkgs.dockerTools.buildImage {
	name = "vuko/ssh-base";
	tag = "latest";
	contents = [pkgs.openssh pkgs.busybox];
	};
	image = pkgs.dockerTools.buildImage {
	inherit name;
	tag = "latest";
	fromImage = base;
	contents = [config];

	runAsRoot = ''
	#!${pkgs.runtimeShell}
	mkdir /data/
	#echo "root:x:0:0::/root:/bin/nologin" > /etc/passwd
	echo "shells:x:1:1::/data:/bin/sh" >> /etc/passwd
	mkdir -p /etc/ssh/host/
	mkdir -p /etc/ssh/auth/
	mkdir -m 700 /tmp
	chown 1:1 /tmp

	cat <<EOF > /bin/start
	#!/bin/sh
	cp /etc/ssh/auth/authorized_keys /tmp/authorized_keys
	/bin/sshd -D -e -f /etc/ssh/sshd_config
	EOF
	chmod +x /bin/start
	'';

	#https://serverfault.com/questions/344295/is-it-possible-to-run-sshd-as-a-normal-user
	config = {
	Cmd = [ "/bin/start" ];
	WorkingDir = "/";
	ExposedPorts = {
	"2222/tcp" = {};
	};
	};
	};
	push = pkgs.writeShellScriptBin "push" ''
	BASEDIR=$(realpath $(dirname ''${BASH_SOURCE}))
	docker load < "''${BASEDIR}/../images/sftp.tar.gz"
	docker tag ${name}:latest registry.k0.hswaw.net/${name}
	docker push registry.k0.hswaw.net/${name}
	#exec {hsregistry_push}/bin/hsregistry-push "$BASEDIR/../images/sftp.tar.gz" "$@"
	'';
	in pkgs.runCommand "hs-shells-sftp" {} ''
	mkdir $out
	mkdir -p $out/images $out/bin
	ln -s ${image} $out/images/sftp.tar.gz
	install ${push}/bin/push $out/bin/
	''