mirror of
https://codeberg.org/icewind/haze.git
synced 2026-06-03 17:14:08 +02:00
191 lines
3.8 KiB
Nix
191 lines
3.8 KiB
Nix
{
|
|
lib,
|
|
dockerTools,
|
|
php,
|
|
bash,
|
|
nginx,
|
|
blackfire,
|
|
coreutils,
|
|
getent,
|
|
shadow,
|
|
buildEnv,
|
|
runCommand,
|
|
cacert,
|
|
callPackage,
|
|
cronie,
|
|
redis,
|
|
gnused,
|
|
samba,
|
|
wget,
|
|
curl,
|
|
git,
|
|
sqlite-interactive,
|
|
procps,
|
|
gnugrep,
|
|
minio-client,
|
|
sudo,
|
|
su,
|
|
which,
|
|
clamav,
|
|
jq,
|
|
oracle-instantclient,
|
|
debug ? false,
|
|
writeShellApplication,
|
|
vim,
|
|
helix,
|
|
}: let
|
|
inherit (builtins) toString;
|
|
inherit (lib) readFile getExe concatStringsSep splitString take;
|
|
|
|
phpVersion = concatStringsSep "." (take 2 (splitString "." php.version));
|
|
phpEnv = callPackage ./php.nix {inherit debug php;};
|
|
|
|
bootstrap = writeShellApplication {
|
|
name = "bootstrap";
|
|
runtimeInputs = [getent];
|
|
text = readFile ./bootstrap.sh;
|
|
};
|
|
shadowSetupScript = writeShellApplication {
|
|
name = "shadow-setup";
|
|
text = dockerTools.shadowSetup;
|
|
};
|
|
|
|
tmpDir = runCommand "tmp-dir" {} ''
|
|
mkdir -p $out/tmp
|
|
mkdir -p $out/var/cache/nginx
|
|
mkdir -p $out/var/log/nginx
|
|
mkdir -p $out/var/log/cron
|
|
mkdir -p $out/var/www/html
|
|
mkdir -p $out/var/run
|
|
mkdir -p $out/var/tmp
|
|
mkdir -p $out/run
|
|
mkdir -p $out/conf
|
|
mkdir -p $out/var/spool
|
|
'';
|
|
configs = callPackage ./configs.nix {};
|
|
scripts = callPackage ./scripts.nix {};
|
|
phpunitUnwrapped = majorVersion:
|
|
callPackage ./phpunit.nix {
|
|
inherit majorVersion;
|
|
php = phpEnv;
|
|
};
|
|
|
|
phpunitWrapped = majorVersion:
|
|
writeShellApplication {
|
|
name = "phpunit${toString majorVersion}";
|
|
text = ''
|
|
${phpunitUnwrapped (toString majorVersion)}/bin/phpunit "$@"
|
|
'';
|
|
};
|
|
|
|
phpunit = writeShellApplication {
|
|
name = "phpunit";
|
|
runtimeInputs = [jq];
|
|
text = ''
|
|
MAJOR=$(jq -r 'first(.require."phpunit/phpunit" | scan("[[:digit:]]+"))' vendor-bin/phpunit/composer.json)
|
|
case "$MAJOR" in
|
|
9)
|
|
PKG=${phpunitUnwrapped "9"}
|
|
;;
|
|
10)
|
|
PKG=${phpunitUnwrapped "10"}
|
|
;;
|
|
11)
|
|
PKG=${phpunitUnwrapped "11"}
|
|
;;
|
|
12)
|
|
PKG=${phpunitUnwrapped "12"}
|
|
;;
|
|
*)
|
|
PKG=${phpunitUnwrapped "10"}
|
|
;;
|
|
esac
|
|
"$PKG"/bin/phpunit "$@"
|
|
'';
|
|
};
|
|
|
|
redis-certificates = runCommand "scripts" {} ''
|
|
mkdir -p $out
|
|
cp -r ${../../redis-certificates} $out/redis-certificates
|
|
'';
|
|
clamav-data = runCommand "scripts" {} ''
|
|
mkdir -p $out/etc
|
|
mkdir -p $out/var/lib/clamav
|
|
cp ${data/clamav/daily.cvd} $out/var/lib/clamav/daily.cvd
|
|
cp -r ${configs/clamav} $out/etc/clamav
|
|
'';
|
|
|
|
baseImage = dockerTools.buildImage {
|
|
name = "icewind1991/haze-base";
|
|
tag = phpVersion;
|
|
|
|
copyToRoot = [
|
|
dockerTools.caCertificates
|
|
dockerTools.usrBinEnv
|
|
bash
|
|
blackfire
|
|
nginx
|
|
coreutils
|
|
shadow
|
|
cronie
|
|
redis
|
|
gnused
|
|
procps
|
|
gnugrep
|
|
minio-client
|
|
sudo
|
|
su
|
|
which
|
|
git
|
|
sqlite-interactive
|
|
clamav
|
|
samba
|
|
wget
|
|
curl
|
|
oracle-instantclient
|
|
vim
|
|
helix
|
|
];
|
|
};
|
|
|
|
phpImage = dockerTools.buildImage {
|
|
name = "icewind1991/haze-php";
|
|
tag = phpVersion;
|
|
fromImage = baseImage;
|
|
|
|
copyToRoot = [
|
|
phpEnv
|
|
phpEnv.packages.composer
|
|
phpunit
|
|
];
|
|
};
|
|
in
|
|
dockerTools.buildLayeredImage {
|
|
name = "icewind1991/haze";
|
|
tag = phpVersion;
|
|
maxLayers = 5;
|
|
fromImage = phpImage;
|
|
contents = [
|
|
tmpDir
|
|
bootstrap
|
|
configs
|
|
scripts
|
|
redis-certificates
|
|
clamav-data
|
|
shadowSetupScript
|
|
];
|
|
fakeRootCommands = ''
|
|
chmod 1777 tmp
|
|
chmod 1777 var/tmp
|
|
chmod 1777 var/run
|
|
chmod 1777 var/log/nginx
|
|
chmod 1777 var/cache/nginx
|
|
chmod 1777 var/spool
|
|
chmod -R 0755 etc/nc
|
|
'';
|
|
config = {
|
|
Cmd = [(getExe bootstrap)];
|
|
Env = ["EDITOR=hx" "WEBROOT=/var/www/html"];
|
|
WorkingDir = "/var/www/html";
|
|
};
|
|
}
|