# Docker image whose default command is the wrapped `update_nixpkgs` script.
#
# The image root carries the CA bundle, the wrapped script, and a small
# generated skeleton (/root, /root/.ssh, /etc/passwd, /tmp, SSH and Mercurial
# configuration). The SSH private key is NOT part of the image: the SSH config
# below reads it from /secrets/ssh_id, which is presumably mounted at run
# time (confirm against the deployment).
#
# `lib` is accepted as an argument but is not referenced in this file
# (`pkgs.lib` is used instead).
{ depot, lib, ... }:
let
  inherit (depot) pkgs;
  # Bound in this `let` so that the bare `mercurial` inside the
  # `with pkgs; [ ... ]` list below resolves to depot.nix.pkgs.mercurial:
  # let-bound names take precedence over names brought in by `with`.
  inherit (depot.nix.pkgs) mercurial;

  # Installs ./update_nixpkgs.sh as $out/bin/update_nixpkgs, marks it
  # executable, patches its shebang, and wraps it so that the listed tools are
  # prepended to PATH when it runs. The script itself is not visible here.
  updateNixpkgs = pkgs.runCommand "update_nixpkgs" {
    buildInputs = with pkgs; [ makeWrapper ];
  } ''
    mkdir -p $out/bin
    cp ${./update_nixpkgs.sh} $out/bin/update_nixpkgs
    chmod +x $out/bin/update_nixpkgs
    patchShebangs --host $out/bin
    wrapProgram $out/bin/update_nixpkgs \
      --prefix PATH : ${pkgs.lib.makeBinPath (with pkgs; [ bashInteractive mercurial openssh coreutils copybara git gnused ])}
  '';
in
pkgs.dockerTools.buildImage {
  name = "update_nixpkgs";
  config = {
    Cmd = [ "${updateNixpkgs}/bin/update_nixpkgs" ];
    Env = [
      # Points TLS clients that honour SSL_CERT_FILE at the CA bundle shipped
      # in the image via pkgs.cacert.
      "SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
      # Presumably for tools that read $USER; the container has no login
      # session to set it. The process is expected to run as uid 0 (see the
      # single passwd entry below).
      "USER=root"
    ];
  };

  # Merge the CA bundle, the wrapped script and the generated skeleton into
  # one tree that becomes the image's root filesystem.
  copyToRoot = pkgs.buildEnv {
    name = "update_nixpkgs-root";
    paths = [
      pkgs.cacert updateNixpkgs
      # Generated skeleton: /root and /root/.ssh (chmod 700), /etc, /tmp
      # (chmod 1777), a one-line /etc/passwd for root, an SSH client config
      # for the host alias `hg`, and a ~/.hgrc enabling Mercurial extensions.
      #
      # NOTE(review): `StrictHostKeyChecking no` turns off SSH host key
      # verification for hg.lukegb.com while the client authenticates with
      # /secrets/ssh_id. Anyone able to intercept that connection can
      # impersonate the server, and whatever update_nixpkgs.sh pulls or pushes
      # over it is then unauthenticated. Prefer pinning the server's host key:
      # ship a known_hosts file in this image (or mount one next to the key),
      # point `UserKnownHostsFile` at it, and set `StrictHostKeyChecking yes`.
      #
      # NOTE(review): Nix normalises permissions on store paths once the build
      # finishes, so the 700 and 1777 modes set here may not survive into the
      # image; verify the modes of /root/.ssh and /tmp in the built image.
      #
      # NOTE(review): the login shell in the passwd entry
      # (/run/current-system/sw/bin/bash) is not created anywhere in this
      # file; confirm nothing in the image depends on it existing.
      #
      # `evolve` and `topic` are not bundled with stock Mercurial, which is
      # presumably why the depot's own mercurial package is used above;
      # confirm that package provides them.
      (pkgs.runCommand "update_nixpkgs_content" {} ''
        mkdir $out $out/root $out/root/.ssh $out/etc $out/tmp
        chmod 700 $out/root $out/root/.ssh
        chmod 1777 $out/tmp

        cat <<EOF >$out/etc/passwd
        root:x:0:0:System administrator:/root:/run/current-system/sw/bin/bash
        EOF

        cat <<EOF >$out/root/.ssh/config
        Host hg
        Hostname hg.lukegb.com
        User hg
        StrictHostKeyChecking no
        IdentityFile /secrets/ssh_id
        EOF

        cat <<EOF >$out/root/.hgrc
        [extensions]
        histedit =
        rebase =
        strip =
        remotenames =
        amend =
        evolve =
        topic =
        purge =
        share =
        EOF
      '')
    ];
  };
}