nix-helpers: baca61a0da69109332c25c93d023714bc23fb903
1: # Run a command in a Debian chroot which has the given packages installed
2: { bash, cacert, die, fetchurl, getType, lib, nix-helpers-sources, proot
3: , runCommand, wrap, writeScript }:
4:
5: with builtins;
6: with lib;
7: with rec {
8: rootfs = nix-helpers-sources.debian-image;
9:
10: # See https://github.com/proot-me/PRoot/issues/106
11: PROOT_NO_SECCOMP = "1";
12:
13: env = { debs, pkgs, post, pre, rootfs }:
14: runCommand "debian-chroot" {
15: inherit rootfs PROOT_NO_SECCOMP;
16: buildInputs = [ proot ];
17: __noChroot = true;
18: SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt";
19: script = writeScript "setup.sh" ''
20: #!${bash}/bin/bash
21: set -e
22:
23: # Preprocessing
24: ${pre}
25: # End preprocessing
26:
27: # Install packages
28: apt-get update
29: ${concatStringsSep "\n" (map (p: "apt-get install -y ${p}") pkgs)}
30: while read -r P
31: do
32: dpkg -i "$P"
33: done < <(find /root -maxdepth 1 -type f -name '*.deb' | sort -n)
34:
35: # Postprocessing
36: ${post}
37: # End postprocessing
38: '';
39: } ''
40: echo "Unpacking Debian" 1>&2
41: mkdir "$out"
42: pushd "$out"
43: tar xf "$rootfs"
44: popd
45:
46: echo "Installing setup script" 1>&2
47: cp "$script" "$out/setup.sh"
48:
49: echo "Pointing PATH to binary locations" 1>&2
50: export PATH="/bin:/usr/bin:/sbin:/usr/sbin:$PATH"
51:
52: echo "Resetting /tmp variables" 1>&2
53: export TMPDIR=/tmp
54: export TEMPDIR=/tmp
55: export TMP=/tmp
56: export TEMP=/tmp
57:
58: if [[ ${toString (length debs)} -gt 0 ]]
59: then
60: echo "Copying across .debs" 1>&2
61: COUNT=0
62: ${
63: concatStringsSep "\n" (map (f: ''
64: cp "${f}" "$out/root/$COUNT.deb"
65: COUNT=$(( COUNT + 1 ))
66: '') debs)
67: }
68: fi
69:
70: echo "Setting up" 1>&2
71: proot -r "$out" -b /proc -b /dev -0 /setup.sh
72: '';
73: };
74: { binds ? [ "/dev" "/home" "/nix" "/proc" "/run" "/tmp" ], debs ? [ ]
75: , pkgs ? [ ], post ? "", pre ? "", rootfs }:
76: assert isList pkgs || die {
77: error = "Expected 'pkgs' to be a list of package names";
78: type = typeOf pkgs;
79: };
80: assert all isString pkgs || die {
81: error = "Expected package names in 'pkgs' to be strings";
82: types = map typeOf pkgs;
83: };
84: assert isList debs || die {
85: error = "Expected 'debs' to be a list of .deb files";
86: type = typeOf debs;
87: };
88: assert all (f: elem (getType f) [ "derivation" "path" ]) debs || die {
89: error = "Expected each of 'debs' to be a derivation or path to a .deb file";
90: types = map getType debs;
91: };
92: wrap {
93: name = "in-debian-chroot";
94: paths = [ bash proot ];
95: vars = {
96: inherit PROOT_NO_SECCOMP;
97: env = env { inherit debs rootfs pkgs post pre; };
98: };
99: script = ''
100: #!${bash}/bin/bash
101: export PATH="/bin:/usr/bin:/sbin:/usr/sbin:$PATH"
102: export TMPDIR=/tmp
103: export TEMPDIR=/tmp
104: export TMP=/tmp
105: export TEMP=/tmp
106:
107: # shellcheck disable=SC2154
108: proot -r "$env" ${concatStringsSep " " (map (b: "-b " + b) binds)} "$@"
109: '';
110: }
Generated by git2html.