{ lib, dockerTools, php, bash, nginx, blackfire, coreutils, getent, shadow, buildEnv, runCommand, cacert, callPackage, cronie, redis, gnused, samba, wget, curl, git, sqlite-interactive, procps, gnugrep, minio-client, sudo, su, which, clamav, jq, oracle-instantclient, debug ? false, writeShellApplication, vim, helix, python3Packages, dnsmasq, }: let inherit (builtins) toString; inherit (lib) readFile getExe concatStringsSep splitString take; version = (fromTOML (readFile ../../Cargo.toml)).package.version; phpVersion = concatStringsSep "." (take 2 (splitString "." php.version)); phpEnv = callPackage ./php.nix {inherit debug php;}; bootstrap = writeShellApplication { name = "bootstrap"; runtimeInputs = [getent]; text = readFile ./bootstrap.sh; }; shadowSetupScript = writeShellApplication { name = "shadow-setup"; text = dockerTools.shadowSetup; }; tmpDir = runCommand "tmp-dir" {} '' mkdir -p $out/tmp mkdir -p $out/var/cache/nginx mkdir -p $out/var/log/nginx mkdir -p $out/var/log/cron mkdir -p $out/var/www/html mkdir -p $out/var/run mkdir -p $out/var/tmp mkdir -p $out/run mkdir -p $out/conf mkdir -p $out/var/spool ''; configs = callPackage ./configs.nix {}; scripts = callPackage ./scripts.nix {}; phpunitUnwrapped = majorVersion: callPackage ./phpunit.nix { inherit majorVersion; php = phpEnv; }; phpunitWrapped = majorVersion: writeShellApplication { name = "phpunit${toString majorVersion}"; text = '' ${phpunitUnwrapped (toString majorVersion)}/bin/phpunit "$@" ''; }; phpunit = writeShellApplication { name = "phpunit"; runtimeInputs = [jq]; text = '' MAJOR=$(jq -r 'first(.require."phpunit/phpunit" | scan("[[:digit:]]+"))' vendor-bin/phpunit/composer.json) case "$MAJOR" in 9) PKG=${phpunitUnwrapped "9"} ;; 10) PKG=${phpunitUnwrapped "10"} ;; 11) PKG=${phpunitUnwrapped "11"} ;; 12) PKG=${phpunitUnwrapped "12"} ;; *) PKG=${phpunitUnwrapped "10"} ;; esac "$PKG"/bin/phpunit "$@" ''; }; certificates = runCommand "scripts" {} '' mkdir -p $out cp -r ${../../certificates} $out/certificates ''; clamav-data = runCommand "scripts" {} '' mkdir -p $out/etc mkdir -p $out/var/lib/clamav cp ${data/clamav/daily.cvd} $out/var/lib/clamav/daily.cvd cp -r ${configs/clamav} $out/etc/clamav ''; baseImage = dockerTools.buildImage { name = "icewind1991/haze-base"; tag = phpVersion; copyToRoot = [ dockerTools.caCertificates dockerTools.usrBinEnv bash blackfire nginx coreutils shadow cronie redis gnused procps gnugrep minio-client sudo su which git sqlite-interactive clamav samba wget curl oracle-instantclient vim helix python3Packages.supervisor dnsmasq ]; }; phpImage = dockerTools.buildImage { name = "icewind1991/haze-php"; tag = phpVersion; fromImage = baseImage; copyToRoot = [ phpEnv phpEnv.packages.composer phpunit ]; }; in dockerTools.buildLayeredImage { name = "icewind1991/haze"; tag = phpVersion; maxLayers = 5; fromImage = phpImage; contents = [ tmpDir bootstrap configs scripts certificates clamav-data shadowSetupScript ]; fakeRootCommands = '' chmod 1777 tmp chmod 1777 var/tmp chmod 1777 var/run chmod 1777 var/log/nginx chmod 1777 var/cache/nginx chmod 1777 var/spool chmod -R 0755 etc/nc ''; config = { Cmd = [(getExe bootstrap)]; Env = [ "EDITOR=hx" "WEBROOT=/var/www/html" "HAZE_IMAGE_VERSION=${toString version}" ]; WorkingDir = "/var/www/html"; Labels = { "nl.icewind.haze.version" = toString version; }; }; }