forked from infobyte/faraday
-
Notifications
You must be signed in to change notification settings - Fork 0
/
release.nix
75 lines (68 loc) · 2.32 KB
/
release.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
with import ./pynixify/nixpkgs.nix { };
let
version = builtins.head (builtins.match ".*'([0-9]+.[0-9]+(.[0-9]+)?)'.*"
(builtins.readFile ./faraday/__init__.py));
in { dockerName ? "registry.gitlab.com/faradaysec/faraday", dockerTag ? version
, systemUser ? "faraday", systemGroup ? "faraday", systemHome ? null
, port ? 5985, websocketPort ? 9000, bindAddress ? "localhost"
# If true, will ignore the contents of the last commit as source, ignoring
# uncommited changes. Recommended to improve reproducibility
, useLastCommit ? true }: rec {
faraday-server = python38.pkgs.faradaysec.overrideAttrs (old:
{
doCheck = true;
checkPhase = "true";
} // lib.optionalAttrs useLastCommit {
src = builtins.fetchGit {
url = ./.;
ref = "HEAD";
};
});
dockerImage = dockerTools.buildImage {
name = dockerName;
tag = dockerTag;
created = "now";
fromImage = null;
contents = [ faraday-server bash gnused coreutils ];
config = {
Cmd = [ ./scripts/docker-entrypoint.sh ];
ExposedPorts."5985/tcp" = { };
Volumes."/faraday-config" = { };
Volumes."/faraday-license" = { };
Volumes."/faraday-storage" = { };
Env = [ "FARADAY_HOME=/home/faraday" ];
};
extraCommands = ''
# Note: The current dir is the container's root file system
mkdir -p opt usr/bin
cp ${./scripts/docker-server.ini} server.ini
cp ${
./scripts/docker-entrypoint.sh
} . # Not required, but useful for debug
cp ${coreutils}/bin/env usr/bin/env
ln -s ${faraday-server} opt/faraday
ln -s /home/faraday/.faraday/storage faraday-storage
ln -s /home/faraday/.faraday/config faraday-config
'';
};
systemdUnit =
let home = if isNull systemHome then "/home/${systemUser}" else systemHome;
in writeText "faraday-server.service" ''
[Unit]
Description=Faraday Server
After=network.target
[Service]
Type=exec
UMask=2002
User=${systemUser}
Group=${systemGroup}
Environment=FARADAY_HOME=${home}
ExecStart=${faraday-server}/bin/faraday-server \
--port ${builtins.toString port} \
--websocket_port ${builtins.toString websocketPort} \
--bind_address ${bindAddress}
Restart=always
[Install]
WantedBy=multi-user.target
'';
}