federatedcloud/NixTemplates:nix_alpine_base_e51467b4ad06617b8b104f6c9066df915fb4dfbd

$ singularity pull shub://federatedcloud/NixTemplates:nix_alpine_base_e51467b4ad06617b8b104f6c9066df915fb4dfbd

Singularity Recipe

Bootstrap: docker
From: alpine:3.7

%environment
export BASEIMG=alpine:3.7
export ENVSDIR=/nixenv/nixuser
export PATH=/nixenv/nixuser/.nix-profile/bin:/nixenv/nixuser/.nix-profile/sbin:/bin:/sbin:/usr/bin:/usr/sbin
export GIT_SSL_CAINFO=/etc/ssl/certs/ca-certificates.crt
export NIX_SSL_CERT_FILE=$GIT_SSL_CAINFO
export NIX_PATH=/nix/var/nix/profiles/per-user/$USER/channels/
export nixenv=". /nixenv/nixuser/.nix-profile/etc/profile.d/nix.sh"

%setup
mkdir -p $SINGULARITY_ROOTFS/template/hometmp/.config/nixpkgs
mkdir -p $SINGULARITY_ROOTFS//nixenv/nixuser

# TODO: make this safer, or wait for Singularity to support better inheritance:
# For posterity; use sed to remove last line that starts an interactive shell:
cat $SINGULARITY_ROOTFS/.singularity.d/runscript | sed '$d' > $SINGULARITY_ROOTFS/.singularity.d/runscript-nixbase

%files
./Base/alpine_install_cmds.sh /template/
./Base/config.nix /template/hometmp/.config/nixpkgs/

%labels
MAINTAINER Brandon Barker <brandon.barker@cornell.edu>

%post

ENVSDIR=/nixenv/nixuser

mkdir -p /run/user
mkdir -m 0755 /nix

cd /nixenv/nixuser

/template/alpine_install_cmds.sh

#
# This only matters if nix is run as root:
#
echo "nixbld:x:30000:nixbld1,nixbld2,nixbld3,nixbld4,nixbld5,nixbld6,nixbld7,nixbld8,nixbld9,nixbld10,nixbld11,nixbld12,nixbld13,nixbld14,nixbld15,nixbld16,nixbld17,nixbld18,nixbld19,nixbld20,nixbld21,nixbld22,nixbld23,nixbld24,nixbld25,nixbld26,nixbld27,nixbld28,nixbld29,nixbld30" >> /etc/group \
&& for i in $(seq 1 30); do echo "nixbld$i:x:$((30000 + $i)):30000:::" >> /etc/passwd; done

wget -O- http://nixos.org/releases/nix/nix-2.0.4/nix-2.0.4-x86_64-linux.tar.bz2 | bzcat - | tar xf - \
&& USER=nobody HOME=/nixenv/nixuser sh nix-*-x86_64-linux/install 

chmod -R a+rw /nixenv/nixuser

#
# This broke at some point, so trying system certs for now:
# GIT_SSL_CAINFO=/nixenv/nixuser/.nix-profile/etc/ssl/certs/ca-bundle.crt \
# 
PATH=/nixenv/nixuser/.nix-profile/bin:/nixenv/nixuser/.nix-profile/sbin:/bin:/sbin:/usr/bin:/usr/sbin
GIT_SSL_CAINFO=/etc/ssl/certs/ca-certificates.crt
NIX_SSL_CERT_FILE=$GIT_SSL_CAINFO
  
nixenv=". /nixenv/nixuser/.nix-profile/etc/profile.d/nix.sh"

chmod -R a+rw /nix
chmod a+rwx /run/user

%runscript

USER=$(whoami)
echo "runscript user is $USER"

if [ ! -f ${HOME}/.config/nixpkgs ]; then
  mkdir -p $HOME/.config/nixpkgs
  cp -R /template/hometmp/.config/nixpkgs/* $HOME/.config/nixpkgs/
fi


if [ ! -f /run/user/$(id -u $USER) ]; then
  #  chown $USER:$USER /run/user/$(id -u $USER) &&
  mkdir -p /run/user/$(id -u $USER) && \
  ln -s /nix/var/nix/profiles/per-user/$USER/profile $HOME/.nix-profile
fi

if [ ! -f "/nix/var/nix/profiles/per-user/$USER/channels" ]; then
  $nixenv && nix-channel --add https://nixos.org/channels/nixpkgs-unstable nixpkgs && \
  nix-channel --add https://nixos.org/channels/nixos-unstable nixos
  $nixenv && nix-channel --update
fi

export NIX_PATH="/nix/var/nix/profiles/per-user/$USER/channels/"

exec /bin/sh "$@"

Collection


View on Datalad

Metrics

key value
id /containers/federatedcloud-NixTemplates-nix_alpine_base_e51467b4ad06617b8b104f6c9066df915fb4dfbd
collection name federatedcloud/NixTemplates
branch master
tag nix_alpine_base_e51467b4ad06617b8b104f6c9066df915fb4dfbd
commit 71c77dd3eb1bc508d6d5c003a35badacd6ebed17
version (container hash) 095de2a1fa5a3f93de2623059bedf72d
build date 2018-07-30T21:57:55.290Z
size (MB) 302
size (bytes) 53542943
SIF Download URL (please use pull with shub://)
Datalad URL View on Datalad
Singularity Recipe Singularity Recipe on Datalad
We cannot guarantee that all containers will still exist on GitHub.