From 45e4fecf2ebf1459a9dde12b784732b7d295f3ba Mon Sep 17 00:00:00 2001 From: Piotr Dobrowolski Date: Tue, 26 Apr 2022 23:09:43 +0200 Subject: [PATCH] shell: improve hermeticity * Add some missing tools and ssl cert bundles to fix builds when using nix-shell --pure * Replaced broken //tools:install with direct bazel build in shell.nix initialization to prevent cache thrashing * Added fontconfig file with roboto font for use in wkhtmltopdf Change-Id: I062380df5f1d83a0fb2df8ca172f362fff9ecf8e Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1301 Reviewed-by: q3k Reviewed-by: pl --- shell.nix | 27 ++++++++++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-) diff --git a/shell.nix b/shell.nix index e295a367..c55ee007 100644 --- a/shell.nix +++ b/shell.nix @@ -6,11 +6,28 @@ let in with hscloud.pkgs; let + fontconfig = pkgs.writeText "fc-00-nixos-cache.conf" '' + + + + /etc/fonts/fonts.conf + ${pkgs.roboto} + + ''; + wrapper = pkgs.writeScript "wrapper.sh" '' - source /etc/profile + export NIX_SSL_CERT_FILE="${cacert}/etc/ssl/certs/ca-bundle.crt" + export SSL_CERT_FILE="${cacert}/etc/ssl/certs/ca-bundle.crt" + export FONTCONFIG_FILE="${fontconfig}" + source ${toString ./.}/env.sh - bazel run //tools:install + + # FIXME: //tools:install runs in a different PATH which thrashes our cache + # and causes massive rebuilds on every launch... This next line is the only + # important part off tools/install.sh + # bazel run //tools:install + bazel build //tools/... //cluster/tools/... # Fancy colorful PS1 to make people notice easily they're in hscloud. PS1='\[\033]0;\u/hscloud:\w\007\]' @@ -19,7 +36,7 @@ in with hscloud.pkgs; let fi export PS1 - exec bash "$@" + exec bash --noprofile --norc "$@" ''; in (pkgs.buildFHSUserEnv { @@ -38,6 +55,10 @@ in (pkgs.buildFHSUserEnv { which gnupg nettools + file + curl + netcat + nix ]; multiPkgs = pkgs: [ (pkgs.runCommand "protocols" {}