hscloud/personal/vuko/shells/sftp.nix
vuko 6c678e391e personal/vuko/shells initial commit
Change-Id: Icba91e8d4ffe53fc8a7ab7946f3a1b45daf20290
2020-05-22 22:02:22 +02:00


# Builds the "vuko/hs-shells-sftp" container image (openssh + busybox plus the
# local ./sshd_config) together with a `push` helper that loads the image into
# the local docker daemon and pushes it to registry.k0.hswaw.net.
#
# pkgs: package set to build with. Defaults to whatever <nixpkgs> resolves to
#       on the caller's NIX_PATH.
# NOTE(review): with the default, nixpkgs is not pinned here, so the openssh
# build that ends up in the image depends on the caller's channel -- confirm
# whether a pinned pkgs is passed in by the surrounding repository.
{ pkgs ? import <nixpkgs> {} }:
let
#dockertarpusher = pkgs.python37Packages.buildPythonPackage {
# pname = "dockertarpusher";
# version = "0.16";
# src = pkgs.fetchFromGitHub {
# owner = "Razikus";
# repo = "dockerregistrypusher";
# rev = "217894b79181a9a02ebc6744e0628777a0f89c36";
# sha256 = "09cqzd9gz42xw30x1jp9mx056k25i20kjzzdg3bk78a4bis29kd4";
# };
# propagatedBuildInputs = with pkgs; [
# python37Packages.requests
# ];
#};
#hsregistry_push = import ./registrypush {};
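# sshd configuration tree that is layered into the image under /etc/ssh.
#
# Only sshd_config is shipped. Host keys and authorized_keys are not baked in;
# the image's runAsRoot step creates /etc/ssh/host and /etc/ssh/auth for them
# (presumably populated by mounts at runtime -- confirm against the deployment).
#
# The disabled test-key copies are kept here as Nix comments instead of shell
# comments inside the script. Nix expands ${./path} antiquotations in the
# script text even when they follow a shell `#`, so leaving them in the string
# imports the test private host key into the world-readable Nix store on every
# evaluation and makes evaluation fail when ./test_keys is absent.
#   cp ${./test_keys/test_host_key} $out/etc/ssh/ssh_host_ed25519_key
#   cp ${./test_keys/test_host_key.pub} $out/etc/ssh/ssh_host_ed25519_key.pub
#   cp ${./test_keys/authorized_keys} $out/etc/ssh/authorized_keys
config = pkgs.runCommand "sshd_config" {} ''
  mkdir -p $out/etc/ssh/
  cp ${./sshd_config} $out/etc/ssh/sshd_config
'';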
# Repository name of the final image; the push script reuses it when tagging.
name = "vuko/hs-shells-sftp";

# Base layer: openssh and busybox only.
base = pkgs.dockerTools.buildImage {
  tag = "latest";
  name = "vuko/ssh-base";
  contents = with pkgs; [ openssh busybox ];
};
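# Final image: the base layer plus sshd_config, a "shells" account
# (uid/gid 1, home /data, shell /bin/sh) and the /bin/start entry point.
image = pkgs.dockerTools.buildImage {
  inherit name;
  tag = "latest";
  fromImage = base;
  contents = [ config ];
  # Build-time setup, executed as root while the image is assembled:
  #  - /etc/passwd gets only the "shells" entry appended; the root entry stays
  #    commented out.
  #  - /etc/ssh/host and /etc/ssh/auth are created empty.
  #  - /tmp is created mode 700 and handed to uid/gid 1, so only that account
  #    can read the authorized_keys copy that /bin/start places there.
  #  - /bin/start copies authorized_keys into /tmp and then replaces itself
  #    with sshd via `exec`, so sshd is the container's main process and
  #    receives stop signals directly instead of sitting behind a shell.
  #    A failing copy is not fatal: sshd is started regardless.
  # The heredoc delimiter is quoted so nothing in the start script is expanded
  # while the image is being built.
  runAsRoot = ''
    #!${pkgs.runtimeShell}
    mkdir /data/
    #echo "root:x:0:0::/root:/bin/nologin" > /etc/passwd
    echo "shells:x:1:1::/data:/bin/sh" >> /etc/passwd
    mkdir -p /etc/ssh/host/
    mkdir -p /etc/ssh/auth/
    mkdir -m 700 /tmp
    chown 1:1 /tmp
    cat <<'EOF' > /bin/start
    #!/bin/sh
    cp /etc/ssh/auth/authorized_keys /tmp/authorized_keys
    exec /bin/sshd -D -e -f /etc/ssh/sshd_config
    EOF
    chmod +x /bin/start
  '';
  #https://serverfault.com/questions/344295/is-it-possible-to-run-sshd-as-a-normal-user
  # NOTE(review): no User is set in this config, so the container starts as
  # root unless the orchestrator overrides it. The chown of /tmp to 1:1 and the
  # link above suggest sshd is meant to run as uid 1 -- confirm that the
  # deployment enforces this.
  config = {
    Cmd = [ "/bin/start" ];
    WorkingDir = "/";
    ExposedPorts = {
      "2222/tcp" = {};
    };
  };
};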
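# Helper installed as bin/push: loads ../images/sftp.tar.gz (relative to the
# script's own location) into the local docker daemon, tags it and pushes it
# to registry.k0.hswaw.net.
#
# `set -euo pipefail` stops the script at the first failing step. Without it a
# failed `docker load` would be followed by tag and push anyway, which could
# publish whatever older ${name}:latest image the local daemon still holds.
# The path expansions are quoted so a checkout or store path containing
# whitespace cannot be split into several arguments.
push = pkgs.writeShellScriptBin "push" ''
  set -euo pipefail
  BASEDIR="$(realpath "$(dirname "''${BASH_SOURCE[0]}")")"
  docker load < "''${BASEDIR}/../images/sftp.tar.gz"
  docker tag ${name}:latest registry.k0.hswaw.net/${name}
  docker push registry.k0.hswaw.net/${name}
  #exec {hsregistry_push}/bin/hsregistry-push "$BASEDIR/../images/sftp.tar.gz" "$@"
'';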
# Result: a directory with images/sftp.tar.gz (symlink to the built image
# tarball) and bin/push (a copy of the push helper).
in pkgs.runCommand "hs-shells-sftp" {} ''
  mkdir -p $out/bin $out/images
  install ${push}/bin/push $out/bin/
  ln -s ${image} $out/images/sftp.tar.gz
''