urbit/nix/pkgs/docker-image/default.nix

{ urbit, libcap, coreutils, bashInteractive, dockerTools, writeScriptBin, amesPort ? 34343 }:
let
  startUrbit = writeScriptBin "start-urbit" ''
    #!${bashInteractive}/bin/bash

    set -eu

    # If the container is not started with the `-i` flag
    # then STDIN will be closed and we need to start
    # Urbit/vere with the `-t` flag.
    ttyflag=""
    if [ ! -t 0 ]; then
      echo "Running with no STDIN"
      ttyflag="-t"
    fi

    # Check if there is a keyfile, if so boot a ship with its name, and then remove the key
    if [ -e *.key ]; then
      # Get the name of the key
      keynames="*.key"
      keys=( $keynames )
      keyname=''${keys[0]}
      mv $keyname /tmp

      # Boot urbit with the key, exit when done booting
      urbit $ttyflag -w $(basename $keyname .key) -k /tmp/$keyname -c $(basename $keyname .key) -p ${toString amesPort} -x

      # Remove the keyfile for security
      rm /tmp/$keyname
      rm *.key || true
    elif [ -e *.comet ]; then
      cometnames="*.comet"
      comets=( $cometnames )
      cometname=''${comets[0]}
      rm *.comet

      urbit $ttyflag -c $(basename $cometname .comet) -p ${toString amesPort} -x
    fi

    # Find the first directory and start urbit with the ship therein
    dirnames="*/"
    dirs=( $dirnames )
    dirname=''${dirnames[0]}

    exec urbit $ttyflag -p ${toString amesPort} $dirname
    '';
    
    
in dockerTools.buildImage {
  name = "urbit";
  tag = "v${urbit.version}";
  contents = [ bashInteractive urbit startUrbit coreutils ];
  runAsRoot = ''
    #!${bashInteractive}
    mkdir -p /urbit
    mkdir -p /tmp
    ${libcap}/bin/setcap 'cap_net_bind_service=+ep' /bin/urbit
    '';
  config = {
    Cmd = [ "/bin/start-urbit" ];
    Env = [ "PATH=/bin" ];
    WorkingDir = "/urbit";
    Volumes = {
      "/urbit" = {};
    };
    Expose = [ "80/tcp" "${toString amesPort}/udp" ];
  };
}
build: A 'smart' docker image This commit adds the `docker-image` attribute to the main Nix entrypoint, invoking `nix/pkgs/docker-image` which will build a 'smart' docker image that can load keyfiles or a pier and boot a ship It includes a README for the official docker image, suitable for posting as the README to a Docker Hub or similar docker image repository. 2021-01-09 19:04:45 +03:00			`{ urbit, libcap, coreutils, bashInteractive, dockerTools, writeScriptBin, amesPort ? 34343 }:`
			`let`
			`startUrbit = writeScriptBin "start-urbit" ''`
			`#!${bashInteractive}/bin/bash`

			`set -eu`

docker-image: Pass `-t` flag to vere if not in an interactive container Vere will not run a ship if STDIN is closed, unless passed the `-t` flag. Hosted docker containers will not be interactive, but we would like the docker image to be usable locally and interactively as well. Thus, we check for STDIN being closed in the shell prior to launching Vere, and if it is closed, pass the `-t` flag. 2021-01-17 03:44:04 +03:00			# If the container is not started with the `-i` flag
			`# then STDIN will be closed and we need to start`
			# Urbit/vere with the `-t` flag.
			`ttyflag=""`
			`if [ ! -t 0 ]; then`
			`echo "Running with no STDIN"`
			`ttyflag="-t"`
			`fi`

build: A 'smart' docker image This commit adds the `docker-image` attribute to the main Nix entrypoint, invoking `nix/pkgs/docker-image` which will build a 'smart' docker image that can load keyfiles or a pier and boot a ship It includes a README for the official docker image, suitable for posting as the README to a Docker Hub or similar docker image repository. 2021-01-09 19:04:45 +03:00			`# Check if there is a keyfile, if so boot a ship with its name, and then remove the key`
			`if [ -e *.key ]; then`
			`# Get the name of the key`
			`keynames="*.key"`
			`keys=( $keynames )`
			`keyname=''${keys[0]}`
			`mv $keyname /tmp`

			`# Boot urbit with the key, exit when done booting`
docker-image: Pass `-t` flag to vere if not in an interactive container Vere will not run a ship if STDIN is closed, unless passed the `-t` flag. Hosted docker containers will not be interactive, but we would like the docker image to be usable locally and interactively as well. Thus, we check for STDIN being closed in the shell prior to launching Vere, and if it is closed, pass the `-t` flag. 2021-01-17 03:44:04 +03:00			`urbit $ttyflag -w $(basename $keyname .key) -k /tmp/$keyname -c $(basename $keyname .key) -p ${toString amesPort} -x`
build: A 'smart' docker image This commit adds the `docker-image` attribute to the main Nix entrypoint, invoking `nix/pkgs/docker-image` which will build a 'smart' docker image that can load keyfiles or a pier and boot a ship It includes a README for the official docker image, suitable for posting as the README to a Docker Hub or similar docker image repository. 2021-01-09 19:04:45 +03:00
			`# Remove the keyfile for security`
			`rm /tmp/$keyname`
			`rm *.key \|\| true`
			`elif [ -e *.comet ]; then`
			`cometnames="*.comet"`
			`comets=( $cometnames )`
			`cometname=''${comets[0]}`
			`rm *.comet`

docker-image: Pass `-t` flag to vere if not in an interactive container Vere will not run a ship if STDIN is closed, unless passed the `-t` flag. Hosted docker containers will not be interactive, but we would like the docker image to be usable locally and interactively as well. Thus, we check for STDIN being closed in the shell prior to launching Vere, and if it is closed, pass the `-t` flag. 2021-01-17 03:44:04 +03:00			`urbit $ttyflag -c $(basename $cometname .comet) -p ${toString amesPort} -x`
build: A 'smart' docker image This commit adds the `docker-image` attribute to the main Nix entrypoint, invoking `nix/pkgs/docker-image` which will build a 'smart' docker image that can load keyfiles or a pier and boot a ship It includes a README for the official docker image, suitable for posting as the README to a Docker Hub or similar docker image repository. 2021-01-09 19:04:45 +03:00			`fi`

			`# Find the first directory and start urbit with the ship therein`
			`dirnames="*/"`
			`dirs=( $dirnames )`
			`dirname=''${dirnames[0]}`

docker: add exec to final urbit invocation 2021-04-14 22:19:31 +03:00			`exec urbit $ttyflag -p ${toString amesPort} $dirname`
build: A 'smart' docker image This commit adds the `docker-image` attribute to the main Nix entrypoint, invoking `nix/pkgs/docker-image` which will build a 'smart' docker image that can load keyfiles or a pier and boot a ship It includes a README for the official docker image, suitable for posting as the README to a Docker Hub or similar docker image repository. 2021-01-09 19:04:45 +03:00			`'';`


			`in dockerTools.buildImage {`
			`name = "urbit";`
			`tag = "v${urbit.version}";`
			`contents = [ bashInteractive urbit startUrbit coreutils ];`
			`runAsRoot = ''`
			`#!${bashInteractive}`
			`mkdir -p /urbit`
			`mkdir -p /tmp`
			`${libcap}/bin/setcap 'cap_net_bind_service=+ep' /bin/urbit`
			`'';`
			`config = {`
			`Cmd = [ "/bin/start-urbit" ];`
			`Env = [ "PATH=/bin" ];`
			`WorkingDir = "/urbit";`
			`Volumes = {`
			`"/urbit" = {};`
			`};`
			`Expose = [ "80/tcp" "${toString amesPort}/udp" ];`
			`};`
			`}`