From ec6a328fe8d4070669a6e5116cbc36e1909c4612 Mon Sep 17 00:00:00 2001 From: Ben Challenor Date: Fri, 16 Mar 2018 03:17:49 +0000 Subject: [PATCH 1/2] Dockerfile: 1.11.14 -> 2.0 --- misc/docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misc/docker/Dockerfile b/misc/docker/Dockerfile index d6b88c7e9..0646d30e5 100644 --- a/misc/docker/Dockerfile +++ b/misc/docker/Dockerfile @@ -4,7 +4,7 @@ FROM alpine RUN apk add --update openssl # Download Nix and install it into the system. -RUN wget -O- https://nixos.org/releases/nix/nix-1.11.14/nix-1.11.14-x86_64-linux.tar.bz2 | bzcat - | tar xf - \ +RUN wget -O- https://nixos.org/releases/nix/nix-2.0/nix-2.0-x86_64-linux.tar.bz2 | bzcat - | tar xf - \ && addgroup -g 30000 -S nixbld \ && for i in $(seq 1 30); do adduser -S -D -h /var/empty -g "Nix build user $i" -u $((30000 + i)) -G nixbld nixbld$i ; done \ && mkdir -m 0755 /nix && USER=root sh nix-*-x86_64-linux/install \ From a74288b9439153d17df8486230185c7e6b2b588b Mon Sep 17 00:00:00 2001 From: Ben Challenor Date: Mon, 19 Mar 2018 04:56:13 +0000 Subject: [PATCH 2/2] Dockerfile: verify tar file with sha256sum --- misc/docker/Dockerfile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/misc/docker/Dockerfile b/misc/docker/Dockerfile index 0646d30e5..2f8e3dd7a 100644 --- a/misc/docker/Dockerfile +++ b/misc/docker/Dockerfile @@ -4,7 +4,9 @@ FROM alpine RUN apk add --update openssl # Download Nix and install it into the system. -RUN wget -O- https://nixos.org/releases/nix/nix-2.0/nix-2.0-x86_64-linux.tar.bz2 | bzcat - | tar xf - \ +RUN wget https://nixos.org/releases/nix/nix-2.0/nix-2.0-x86_64-linux.tar.bz2 \ + && echo "6312837aee33306cdbb351b75ba1638b89d21b30f0caf0346f9a742425f197ee nix-2.0-x86_64-linux.tar.bz2" | sha256sum -c \ + && tar xjf nix-*-x86_64-linux.tar.bz2 \ && addgroup -g 30000 -S nixbld \ && for i in $(seq 1 30); do adduser -S -D -h /var/empty -g "Nix build user $i" -u $((30000 + i)) -G nixbld nixbld$i ; done \ && mkdir -m 0755 /nix && USER=root sh nix-*-x86_64-linux/install \