Skip to content

minimalish docker image #512

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
danbornside wants to merge 12 commits into
base: develop
Choose a base branch
from
Open

minimalish docker image #512

Changes from 2 commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
fe233ff
minimalish docker image
danbornside Sep 6, 2019
945cfef
specify tag from version
danbornside Sep 6, 2019
4bc2397
remove cargo culted shadowSetup
danbornside Sep 12, 2019
8ffa20c
adjust PATH to contain contents and coreutils
danbornside Sep 13, 2019
d8f2e60
Merge branch 'develop' into db-docker-support
ali-abrar Oct 3, 2019
e1d86d5
Merge branch 'develop' into db-docker-support
ali-abrar Oct 8, 2019
cf43528
Merge branch 'develop' into db-docker-support
ali-abrar Oct 11, 2019
ce8274b
Merge branch 'develop' into db-docker-support
ali-abrar Nov 14, 2019
2c904b1
expose docker image configuration
JBetz Nov 22, 2019
fc79b1a
Merge remote-tracking branch 'origin/develop' into db-docker-support
JBetz Nov 25, 2019
7109624
add documentation and changelog entry for docker support
JBetz Nov 25, 2019
1d22093
simplify example config
JBetz Nov 25, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
39 changes: 39 additions & 0 deletions default.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -237,6 +237,43 @@ in rec {
};
};

dockerImage = args@{exe, name, version}: let
dockerImageSetupScript = nixpkgs.dockerTools.shellScript "dockersetup.sh" ''
set -ex

${nixpkgs.dockerTools.shadowSetup}
echo 'nobody:x:99:99:Nobody:/:/sbin/nologin' >> /etc/passwd
echo 'nobody:*:17416:0:99999:7:::' >> /etc/shadow
echo 'nobody:x:99:' >> /etc/group
echo 'nobody:::' >> /etc/gshadow

mkdir -p /var/run/backend
ln -sft /var/run/backend '${exe}'/*
${nixpkgs.findutils}/bin/find /var/run/backend

chown 99:99 /var/run/backend
'';

in nixpkgs.dockerTools.buildImage {
Comment thread
3noch marked this conversation as resolved.
Outdated
name = name;
tag = version;
contents = [ nixpkgs.iana-etc nixpkgs.cacert ];
runAsRoot = dockerImageSetupScript;
keepContentsDirlinks = true;
config = {

Env = [
("PATH=" + builtins.concatStringsSep(":")([
"/var/run/backend"
]))
];
Expose = 8000;
Entrypoint = ["/var/run/backend/backend"];
WorkingDir = "/var/run/backend";
User = "99:99";
};
};

serverExe = backend: frontend: assets: optimizationLevel: version:
pkgs.runCommand "serverExe" {} ''
mkdir $out
Expand Down Expand Up @@ -353,6 +390,8 @@ in rec {
exe = serverOn system dummyVersion;
server = args@{ hostName, adminEmail, routeHost, enableHttps, version }:
server (args // { exe = linuxExe version; });
dockerImage = args@{ name, version }:
dockerImage (args // { exe = linuxExe version; });
obelisk = import (base + "/.obelisk/impl") {};
};
haskellPackageSets = {
Expand Down