| vuko | 6c678e3 | 2020-05-22 22:02:22 +0200 | [diff] [blame^] | 1 | { pkgs ? import <nixpkgs> {} }: |
| 2 | let |
| 3 | #dockertarpusher = pkgs.python37Packages.buildPythonPackage { |
| 4 | # pname = "dockertarpusher"; |
| 5 | # version = "0.16"; |
| 6 | # src = pkgs.fetchFromGitHub { |
| 7 | # owner = "Razikus"; |
| 8 | # repo = "dockerregistrypusher"; |
| 9 | # rev = "217894b79181a9a02ebc6744e0628777a0f89c36"; |
| 10 | # sha256 = "09cqzd9gz42xw30x1jp9mx056k25i20kjzzdg3bk78a4bis29kd4"; |
| 11 | # }; |
| 12 | # propagatedBuildInputs = with pkgs; [ |
| 13 | # python37Packages.requests |
| 14 | # ]; |
| 15 | #}; |
| 16 | #hsregistry_push = import ./registrypush {}; |
| 17 | config = pkgs.runCommand "sshd_config" {} '' |
| 18 | mkdir -p $out/etc/ssh/ |
| 19 | cp ${./sshd_config} $out/etc/ssh/sshd_config |
| 20 | #cp ${./test_keys/test_host_key} $out/etc/ssh/ssh_host_ed25519_key |
| 21 | #cp ${./test_keys/test_host_key.pub} $out/etc/ssh/ssh_host_ed25519_key.pub |
| 22 | #cp ${./test_keys/authorized_keys} $out/etc/ssh/authorized_keys |
| 23 | ''; |
| 24 | name = "vuko/hs-shells-sftp"; |
| 25 | base = pkgs.dockerTools.buildImage { |
| 26 | name = "vuko/ssh-base"; |
| 27 | tag = "latest"; |
| 28 | contents = [pkgs.openssh pkgs.busybox]; |
| 29 | }; |
| 30 | image = pkgs.dockerTools.buildImage { |
| 31 | inherit name; |
| 32 | tag = "latest"; |
| 33 | fromImage = base; |
| 34 | contents = [config]; |
| 35 | |
| 36 | runAsRoot = '' |
| 37 | #!${pkgs.runtimeShell} |
| 38 | mkdir /data/ |
| 39 | #echo "root:x:0:0::/root:/bin/nologin" > /etc/passwd |
| 40 | echo "shells:x:1:1::/data:/bin/sh" >> /etc/passwd |
| 41 | mkdir -p /etc/ssh/host/ |
| 42 | mkdir -p /etc/ssh/auth/ |
| 43 | mkdir -m 700 /tmp |
| 44 | chown 1:1 /tmp |
| 45 | |
| 46 | cat <<EOF > /bin/start |
| 47 | #!/bin/sh |
| 48 | cp /etc/ssh/auth/authorized_keys /tmp/authorized_keys |
| 49 | /bin/sshd -D -e -f /etc/ssh/sshd_config |
| 50 | EOF |
| 51 | chmod +x /bin/start |
| 52 | ''; |
| 53 | |
| 54 | #https://serverfault.com/questions/344295/is-it-possible-to-run-sshd-as-a-normal-user |
| 55 | config = { |
| 56 | Cmd = [ "/bin/start" ]; |
| 57 | WorkingDir = "/"; |
| 58 | ExposedPorts = { |
| 59 | "2222/tcp" = {}; |
| 60 | }; |
| 61 | }; |
| 62 | }; |
| 63 | push = pkgs.writeShellScriptBin "push" '' |
| 64 | BASEDIR=$(realpath $(dirname ''${BASH_SOURCE})) |
| 65 | docker load < "''${BASEDIR}/../images/sftp.tar.gz" |
| 66 | docker tag ${name}:latest registry.k0.hswaw.net/${name} |
| 67 | docker push registry.k0.hswaw.net/${name} |
| 68 | #exec {hsregistry_push}/bin/hsregistry-push "$BASEDIR/../images/sftp.tar.gz" "$@" |
| 69 | ''; |
| 70 | in pkgs.runCommand "hs-shells-sftp" {} '' |
| 71 | mkdir $out |
| 72 | mkdir -p $out/images $out/bin |
| 73 | ln -s ${image} $out/images/sftp.tar.gz |
| 74 | install ${push}/bin/push $out/bin/ |
| 75 | '' |