nixpkgs/pkgs/build-support/singularity-tools/default.nix



{ runCommand
, lib
, stdenv
, storeDir ? builtins.storeDir
, writeScript
, singularity
, writeReferencesToFile
, bash
, vmTools
, gawk
, util-linux
, runtimeShell
, e2fsprogs }:
rec {
# shellScript NAME TEXT -> store path of an executable script.
#
# The generated file starts with a `#!${runtimeShell}` shebang and `set -e`,
# followed by TEXT. TEXT is spliced in verbatim: nothing is quoted or escaped,
# so whatever the caller passes is executed as shell when the script runs.
# Only `set -e` is enabled; unset variables and failing pipeline stages are not
# turned into errors by this wrapper.
shellScript = name: text:
  let
    body = ''
      #!${runtimeShell}
      set -e
      ${text}
    '';
  in
  writeScript name body;
# mkLayer { name, contents } -> derivation "singularity-layer-NAME".
#
# `contents` is handed to the builder as a derivation attribute, so the build
# script sees it as the `$contents` environment variable and relies on shell
# word splitting to iterate over the entries. Each entry is copied recursively
# (`cp -ra`, attributes preserved) into `$out/`.
#
# buildImage uses the result to compute the reference closure that ends up in
# the image, so every path reachable from `contents` is shipped to whoever
# receives the image.
mkLayer = { name, contents ? [] }:
  let
    copyScript = ''
      mkdir $out
      for f in $contents ; do
        cp -ra $f $out/
      done
    '';
  in
  runCommand "singularity-layer-${name}" { inherit contents; } copyScript;
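# buildImage { name, contents, diskSize, runScript, runAsRoot, memSize }
#   -> derivation "singularity-image-NAME.img"
#
# Builds a Singularity image inside a throw-away Linux VM (vmTools.runInLinuxVM).
#
# Arguments:
#   name       suffix for the layer and image derivation names.
#   contents   packages to include; their `bin/*` entries are symlinked into
#              the image's /bin (first one wins on a name clash).
#   diskSize   size passed to vmTools.createEmptyImage for the scratch disk
#              (presumably MiB; confirm against vmTools).
#   runScript  shell text installed as `.singularity.d/runscript`. It goes
#              through shellScript, which prepends its own shebang and
#              `set -e`, so the default's `#!...` line ends up as a comment.
#   runAsRoot  optional shell text run once at build time (see below); null
#              skips the step entirely.
#   memSize    passed through as the `memSize` derivation attribute
#              (presumably the VM memory size; confirm against vmTools).
#
# Trust and isolation notes:
#   * runAsRoot is executed chrooted into the image root, in fresh IPC, mount,
#     network, PID and UTS namespaces (`unshare -imnpuf`), with the store
#     rbind-mounted for the duration of the script. Its text is spliced
#     verbatim by shellScript; treat it as code, not data.
#   * The image receives the full reference closure of `contents`, bash and
#     the run script, copied from the store as-is. Anything those paths
#     contain, including configuration baked in at build time, is readable by
#     whoever obtains the image.
#   * /etc/passwd and /etc/resolv.conf are written at absolute paths, i.e. in
#     the build VM, not under ./img; they are not part of the image contents
#     assembled here.
#
# Changes relative to the previous script: shell expansions are quoted, and the
# /bin linking loop skips a `$c/bin/*` pattern that matched nothing. Before,
# a first `contents` entry without a bin directory left a dangling symlink
# literally named `*` in the image's /bin.
buildImage = {
  name,
  contents ? [],
  diskSize ? 1024,
  runScript ? "#!${stdenv.shell}\nexec /bin/sh",
  runAsRoot ? null,
  memSize ? 512
}:
  let
    # The layer exists to give writeReferencesToFile a single root whose
    # closure covers everything that must be present in the image.
    layer = mkLayer {
      inherit name;
      contents = contents ++ [ bash runScriptFile ];
    };
    # Only forced when runAsRoot != null (Nix is lazy), so a null value never
    # reaches shellScript.
    runAsRootFile = shellScript "run-as-root.sh" runAsRoot;
    runScriptFile = shellScript "run-script.sh" runScript;
    result = vmTools.runInLinuxVM (
      runCommand "singularity-image-${name}.img" {
        buildInputs = [ singularity e2fsprogs util-linux gawk ];
        layerClosure = writeReferencesToFile layer;
        preVM = vmTools.createEmptyImage {
          size = diskSize;
          fullName = "singularity-run-disk";
        };
        inherit memSize;
      }
      ''
        rm -rf "$out"
        mkdir disk
        mkfs -t ext3 -b 4096 /dev/${vmTools.hd}
        mount /dev/${vmTools.hd} disk
        mkdir -p disk/img
        cd disk/img
        mkdir proc sys dev

        # Run root script (chrooted, in its own namespaces, store bind-mounted)
        ${lib.optionalString (runAsRoot != null) ''
          mkdir -p ./${storeDir}
          mount --rbind ${storeDir} ./${storeDir}
          unshare -imnpuf --mount-proc chroot ./ ${runAsRootFile}
          umount -R ./${storeDir}
        ''}

        # Build /bin and copy across closure
        mkdir -p bin ./${builtins.storeDir}
        for f in $(cat "$layerClosure") ; do
          cp -ar "$f" "./$f"
        done

        for c in ${toString contents} ; do
          for f in "$c"/bin/* ; do
            # An unmatched glob stays literal; skip it instead of linking it.
            [ -e "$f" ] || [ -L "$f" ] || continue
            if [ ! -e "bin/$(basename "$f")" ] ; then
              ln -s "$f" bin/
            fi
          done
        done

        # Create runScript and link shell
        if [ ! -e bin/sh ]; then
          ln -s ${runtimeShell} bin/sh
        fi
        mkdir -p .singularity.d
        ln -s ${runScriptFile} .singularity.d/runscript

        # Fill out .singularity.d
        mkdir -p .singularity.d/env
        touch .singularity.d/env/94-appsbase.sh

        cd ..
        # The files below live in the build VM, not in ./img.
        mkdir -p /var/singularity/mnt/{container,final,overlay,session,source}
        echo "root:x:0:0:System administrator:/root:/bin/sh" > /etc/passwd
        echo > /etc/resolv.conf
        # Keep singularity's temporary files on the mounted scratch disk.
        TMPDIR=$(pwd -P) singularity build "$out" ./img
      '');
  in result;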
}