diff --git a/nix/docker/default.nix b/nix/docker/default.nix index d452f8849..ad93c3a23 100644 --- a/nix/docker/default.nix +++ b/nix/docker/default.nix @@ -1,4 +1,4 @@ -# SPDX-FileCopyrightText: 2022 Gregor Kleen ,Sarah Vaupel ,Steffen Jost ,Steffen Jost +# SPDX-FileCopyrightText: 2022-2023 Gregor Kleen , Sarah Vaupel , Steffen Jost # # SPDX-License-Identifier: AGPL-3.0-or-later @@ -13,38 +13,47 @@ let printf '%s' $(date -Is -d '@${toString self.lastModified}') > $out ''); in if self ? lastModified then fromDate else "1970-01-01T00:00:01Z"; - + mkUniworxDocker = { isDemo }: prev.dockerTools.buildImage { name = "uniworx${optionalString isDemo "-demo"}"; tag = let versionFile = if isDemo then ./demo-version.json else ./version.json; in (builtins.fromJSON (prev.lib.readFile versionFile)).version; - inherit created; + inherit created; - contents = with final; [ - uniworx.uniworx.components.exes.uniworx - prev.dockerTools.binSh findutils coreutils - iana-etc - # for PDF creation with Pandoc and LuaTeX - #cups # needed for interface with print center -- did not work as intended, requires lpd running - busybox # should provide a working lpr -- to be tested - htop - pdftk # for encrypting pdfs - #texlive.combined.scheme-medium # too large for container in LMU build environment. - (texlive.combine { - inherit (texlive) scheme-basic - babel-german babel-english booktabs textpos - enumitem eurosym koma-script parskip xcolor dejavu - # required fro LuaTeX - luatexbase lualatex-math unicode-math selnolig - ; - }) - # just for manual testing within the pod, may be removef for production? - curl wget netcat openldap - unixtools.netstat htop gnugrep - locale - ] ++ optionals isDemo [ postgresql_12 memcached uniworx.uniworx.components.exes.uniworxdb ]; + copyToRoot = prev.buildEnv { + name = "uniworx${optionalString isDemo "-demo"}-root"; + paths = with final; [ + uniworx.uniworx.components.exes.uniworx + prev.dockerTools.binSh findutils coreutils + iana-etc + # just for manual testing within the pod, may be removed for production? + curl wget netcat openldap + unixtools.netstat htop gnugrep + locale + ] ++ optionals isDemo [ postgresql_12 memcached uniworx.uniworx.components.exes.uniworxdb ]; + + nativeBuildInputs = with prev; [ makeWrapper ]; + postBuild = '' + wrapProgram $out/bin/uniworx \ + --set-default LOCALE_ARCHIVE ${final.glibcLocalesUtf8}/lib/locale/locale-archive \ + --set-default LOCALE_ARCHIVE_2_27 ${final.glibcLocalesUtf8}/lib/locale/locale-archive \ + --set-default LANG en_DK.UTF-8 \ + --suffix PATH : ${makeBinPath (with final; [ + busybox + pdftk + (texlive.combine { + inherit (texlive) scheme-basic + babel-german babel-english booktabs textpos + enumitem eurosym koma-script parskip xcolor dejavu + # required fro LuaTeX + luatexbase lualatex-math unicode-math selnolig + ; + }) + ])} + ''; + }; runAsRoot = '' #!${final.stdenv.shell} @@ -61,7 +70,7 @@ let install -d -g uniworx -o uniworx -m 0755 /var/log/uniworx # just to see how to create directories here - mkdir -p /testdir + mkdir -p /testdir ${optionalString isDemo '' install -d -g uniworx -o uniworx -m 0750 /var/lib/postgres @@ -134,7 +143,7 @@ let approot: "_env:APPROOT:http://localhost:8080" ''; in { - Cmd = [ "${entrypoint}/bin/uniworx-entrypoint" ]; + Cmd = [ "${final.tini}/bin/tini" "${entrypoint}/bin/uniworx-entrypoint" ]; User = "uniworx:uniworx"; ExposedPorts = { "8080/tcp" = {}; @@ -145,6 +154,10 @@ let } // optionalAttrs isDemo { "/var/lib/postgres" = {}; }; + Env = [ + "TINI_SUBREAPER=yes" + "TINI_VERBOSITY=2" + ]; }; }; in @@ -160,7 +173,7 @@ in minio-client xz ]; - + runAsRoot = '' #!${final.stdenv.shell}