fix(build): Ensure root user is known inside of container

This is required by git in cases where Nixery is configured with a
custom git repository.

I've also added a shell back into the image to make debugging a
running Nixery easier. It turns out some of the dependencies already
pull in bash anyways, so this is just surfacing it to $PATH.
This commit is contained in:
Vincent Ambo 2019-08-17 09:29:56 +00:00 committed by Vincent Ambo
parent 9a95c4124f
commit 745b7ce0b8

View file

@ -61,6 +61,8 @@ rec {
# Create the build user/group required by Nix # Create the build user/group required by Nix
echo 'nixbld:x:30000:nixbld' >> /etc/group echo 'nixbld:x:30000:nixbld' >> /etc/group
echo 'nixbld:x:30000:30000:nixbld:/tmp:/bin/bash' >> /etc/passwd echo 'nixbld:x:30000:30000:nixbld:/tmp:/bin/bash' >> /etc/passwd
echo 'root:x:0:0:root:/root:/bin/bash' >> /etc/passwd
echo 'root:x:0:' >> /etc/group
# Disable sandboxing to avoid running into privilege issues # Disable sandboxing to avoid running into privilege issues
mkdir -p /etc/nix mkdir -p /etc/nix
@ -80,6 +82,7 @@ rec {
config.Cmd = [ "${nixery-launch-script}/bin/nixery" ]; config.Cmd = [ "${nixery-launch-script}/bin/nixery" ];
maxLayers = 96; maxLayers = 96;
contents = [ contents = [
bashInteractive
cacert cacert
coreutils coreutils
git git
@ -89,6 +92,7 @@ rec {
nixery-build-image nixery-build-image
nixery-launch-script nixery-launch-script
openssh openssh
zlib
]; ];
}; };
} }