57 lines
1.7 KiB
Nix
57 lines
1.7 KiB
Nix
{ stdenv, squashfsTools, perl, pathsFromGraph
|
|
|
|
, # The root directory of the squashfs filesystem is filled with the
|
|
# closures of the Nix store paths listed here.
|
|
storeContents ? []
|
|
}:
|
|
|
|
stdenv.mkDerivation {
|
|
name = "squashfs.img";
|
|
|
|
buildInputs = [perl squashfsTools];
|
|
|
|
# For obtaining the closure of `storeContents'.
|
|
exportReferencesGraph =
|
|
map (x: [("closure-" + baseNameOf x) x]) storeContents;
|
|
|
|
buildCommand =
|
|
''
|
|
# Add the closures of the top-level store objects.
|
|
storePaths=$(perl ${pathsFromGraph} closure-*)
|
|
|
|
# If a Hydra slave happens to have store paths with bad permissions/mtime,
|
|
# abort now so that they don't end up in ISO images in the channel.
|
|
# https://github.com/NixOS/nixpkgs/issues/32242
|
|
hasBadPaths=""
|
|
for path in $storePaths; do
|
|
if [ -h "$path" ]; then
|
|
continue
|
|
fi
|
|
|
|
mtime=$(stat -c %Y "$path")
|
|
mode=$(stat -c %a "$path")
|
|
|
|
if [ "$mtime" != 1 ]; then
|
|
echo "Store path '$path' has an invalid mtime."
|
|
hasBadPaths=1
|
|
fi
|
|
if [ "$mode" != 444 ] && [ "$mode" != 555 ]; then
|
|
echo "Store path '$path' has invalid permissions."
|
|
hasBadPaths=1
|
|
fi
|
|
done
|
|
|
|
if [ -n "$hasBadPaths" ]; then
|
|
echo "You have bad paths in your store, please fix them."
|
|
exit 1
|
|
fi
|
|
|
|
# Also include a manifest of the closures in a format suitable
|
|
# for nix-store --load-db.
|
|
printRegistration=1 perl ${pathsFromGraph} closure-* > nix-path-registration
|
|
|
|
# Generate the squashfs image.
|
|
mksquashfs nix-path-registration $storePaths $out \
|
|
-keep-as-directory -all-root -b 1048576 -comp xz -Xdict-size 100%
|
|
'';
|
|
}
|