shrub/nix/pkgs/docker-image/default.nix

{ urbit, libcap, coreutils, bashInteractive, dockerTools, writeScriptBin, amesPort ? 34343 }:
let
  startUrbit = writeScriptBin "start-urbit" ''
    #!${bashInteractive}/bin/bash

    set -eu

    # Check if there is a keyfile, if so boot a ship with its name, and then remove the key
    if [ -e *.key ]; then
      # Get the name of the key
      keynames="*.key"
      keys=( $keynames )
      keyname=''${keys[0]}
      mv $keyname /tmp

      # Boot urbit with the key, exit when done booting
      urbit -w $(basename $keyname .key) -k /tmp/$keyname -c $(basename $keyname .key) -p ${toString amesPort} -x

      # Remove the keyfile for security
      rm /tmp/$keyname
      rm *.key || true
    elif [ -e *.comet ]; then
      cometnames="*.comet"
      comets=( $cometnames )
      cometname=''${comets[0]}
      rm *.comet

      urbit -c $(basename $cometname .comet) -p ${toString amesPort} -x
    fi

    # Find the first directory and start urbit with the ship therein
    dirnames="*/"
    dirs=( $dirnames )
    dirname=''${dirnames[0]}

    urbit -p ${toString amesPort} $dirname
    '';
    
    
in dockerTools.buildImage {
  name = "urbit";
  tag = "v${urbit.version}";
  contents = [ bashInteractive urbit startUrbit coreutils ];
  runAsRoot = ''
    #!${bashInteractive}
    mkdir -p /urbit
    mkdir -p /tmp
    ${libcap}/bin/setcap 'cap_net_bind_service=+ep' /bin/urbit
    '';
  config = {
    Cmd = [ "/bin/start-urbit" ];
    Env = [ "PATH=/bin" ];
    WorkingDir = "/urbit";
    Volumes = {
      "/urbit" = {};
    };
    Expose = [ "80/tcp" "${toString amesPort}/udp" ];
  };
}
build: A 'smart' docker image This commit adds the `docker-image` attribute to the main Nix entrypoint, invoking `nix/pkgs/docker-image` which will build a 'smart' docker image that can load keyfiles or a pier and boot a ship It includes a README for the official docker image, suitable for posting as the README to a Docker Hub or similar docker image repository. 2021-01-09 19:04:45 +03:00			`{ urbit, libcap, coreutils, bashInteractive, dockerTools, writeScriptBin, amesPort ? 34343 }:`
			`let`
			`startUrbit = writeScriptBin "start-urbit" ''`
			`#!${bashInteractive}/bin/bash`

			`set -eu`

			`# Check if there is a keyfile, if so boot a ship with its name, and then remove the key`
			`if [ -e *.key ]; then`
			`# Get the name of the key`
			`keynames="*.key"`
			`keys=( $keynames )`
			`keyname=''${keys[0]}`
			`mv $keyname /tmp`

			`# Boot urbit with the key, exit when done booting`
			`urbit -w $(basename $keyname .key) -k /tmp/$keyname -c $(basename $keyname .key) -p ${toString amesPort} -x`

			`# Remove the keyfile for security`
			`rm /tmp/$keyname`
			`rm *.key \|\| true`
			`elif [ -e *.comet ]; then`
			`cometnames="*.comet"`
			`comets=( $cometnames )`
			`cometname=''${comets[0]}`
			`rm *.comet`

			`urbit -c $(basename $cometname .comet) -p ${toString amesPort} -x`
			`fi`

			`# Find the first directory and start urbit with the ship therein`
			`dirnames="*/"`
			`dirs=( $dirnames )`
			`dirname=''${dirnames[0]}`

			`urbit -p ${toString amesPort} $dirname`
			`'';`


			`in dockerTools.buildImage {`
			`name = "urbit";`
			`tag = "v${urbit.version}";`
			`contents = [ bashInteractive urbit startUrbit coreutils ];`
			`runAsRoot = ''`
			`#!${bashInteractive}`
			`mkdir -p /urbit`
			`mkdir -p /tmp`
			`${libcap}/bin/setcap 'cap_net_bind_service=+ep' /bin/urbit`
			`'';`
			`config = {`
			`Cmd = [ "/bin/start-urbit" ];`
			`Env = [ "PATH=/bin" ];`
			`WorkingDir = "/urbit";`
			`Volumes = {`
			`"/urbit" = {};`
			`};`
			`Expose = [ "80/tcp" "${toString amesPort}/udp" ];`
			`};`
			`}`