next #1
184
Dockerfile
184
Dockerfile
@ -1,4 +1,5 @@
|
||||
FROM ubuntu@sha256:8e1c1ee12a539d652c371ee2f4ee66909f4f5fd8002936d8011d958f05faf989
|
||||
# focal as of 2020-04-23
|
||||
FROM ubuntu@sha256:5747316366b8cc9e3021cd7286f42b2d6d81e3d743e2ab571f55bcd5df788cc8
|
||||
|
||||
ENV DEBIAN_FRONTEND noninteractive
|
||||
|
||||
@ -6,7 +7,7 @@ ARG UBUNTU_MIRROR=http://archive.ubuntu.com/ubuntu
|
||||
|
||||
ARG UID_TO_ADD=1000
|
||||
ARG GID_TO_ADD=1000
|
||||
ARG USERNAME_TO_ADD=sneak
|
||||
ARG USERNAME_TO_ADD=user
|
||||
|
||||
RUN \
|
||||
echo "deb $UBUNTU_MIRROR focal main universe restricted multiverse" > /etc/apt/sources.list.new && \
|
||||
@ -15,29 +16,190 @@ RUN \
|
||||
echo "deb $UBUNTU_MIRROR focal-backports main universe restricted multiverse" >> /etc/apt/sources.list.new && \
|
||||
mv /etc/apt/sources.list.new /etc/apt/sources.list
|
||||
|
||||
RUN \
|
||||
groupadd -g $GID_TO_ADD $USERNAME_TO_ADD && \
|
||||
groupadd nixbld && \
|
||||
useradd -u $UID_TO_ADD -g $GID_TO_ADD --home-dir /home/user -m -s /bin/bash $USERNAME_TO_ADD && \
|
||||
usermod -p '*' $USERNAME_TO_ADD
|
||||
|
||||
|
||||
ADD https://sneak.cloud/authorized_keys /root/.ssh/authorized_keys
|
||||
ADD https://sneak.cloud/authorized_keys /home/user/.ssh/authorized_keys
|
||||
|
||||
# we only install essential system packages here
|
||||
ARG SYSTEM_PACKAGES="build-essential ca-certificates openssh-server git golang rsync runit locales"
|
||||
ARG SYSTEM_PACKAGES="\
|
||||
anacron \
|
||||
apt-transport-https \
|
||||
build-essential \
|
||||
byobu \
|
||||
ca-certificates \
|
||||
cron \
|
||||
cronic \
|
||||
curl \
|
||||
git \
|
||||
golang \
|
||||
locales \
|
||||
openssh-server \
|
||||
rsync \
|
||||
runit \
|
||||
sudo \
|
||||
tmux \
|
||||
"
|
||||
|
||||
RUN \
|
||||
apt update && \
|
||||
apt -y upgrade && \
|
||||
apt -y install $SYSTEM_PACKAGES && \
|
||||
groupadd -g $GID_TO_ADD $USERNAME_TO_ADD && \
|
||||
useradd -u $UID_TO_ADD -g $GID_TO_ADD --home-dir /home/user -s /bin/bash $USERNAME_TO_ADD && \
|
||||
usermod -p '*' $USERNAME_TO_ADD && \
|
||||
echo $USERNAME_TO_ADD > /etc/workuser && \
|
||||
go get -v -u github.com/peterbourgon/runsvinit && \
|
||||
cp /root/go/bin/runsvinit /usr/local/sbin/runsvinit && \
|
||||
rm -rf /root/go && \
|
||||
rm /etc/ssh/*host*key*
|
||||
rm /etc/ssh/*host*key* && \
|
||||
apt -y purge golang && \
|
||||
apt -y autoremove
|
||||
|
||||
# nix for pkgs pls
|
||||
RUN mkdir /nix && chown user:user /nix
|
||||
|
||||
ARG OTHER_PACKAGES=" \
|
||||
apt-utils \
|
||||
aspell \
|
||||
aspell-en \
|
||||
automake \
|
||||
avahi-daemon \
|
||||
avahi-utils \
|
||||
bash-completion \
|
||||
bc \
|
||||
bind9-host \
|
||||
bonnie++ \
|
||||
build-essential \
|
||||
byobu \
|
||||
ca-certificates \
|
||||
cmake \
|
||||
curl \
|
||||
daemontools \
|
||||
debmirror \
|
||||
default-jdk \
|
||||
default-jre \
|
||||
diffstat \
|
||||
dnsutils \
|
||||
docker.io \
|
||||
dos2unix \
|
||||
editorconfig \
|
||||
ffmpeg \
|
||||
fonts-indic \
|
||||
fonts-ipafont-gothic \
|
||||
fonts-ipafont-mincho \
|
||||
fortune \
|
||||
git \
|
||||
gnupg2 \
|
||||
gnupg-agent \
|
||||
golang-go \
|
||||
host \
|
||||
imagemagick \
|
||||
iputils-ping \
|
||||
irssi \
|
||||
jq \
|
||||
lcov \
|
||||
ldap-auth-client \
|
||||
ldap-utils \
|
||||
libasound2 \
|
||||
libatk1.0-0 \
|
||||
libboost-all-dev \
|
||||
libbz2-dev \
|
||||
libdb++-dev \
|
||||
libffi-dev \
|
||||
libgconf-2-4 \
|
||||
libgtk-3-0 \
|
||||
libjpeg-dev \
|
||||
liblzma-dev \
|
||||
libncurses5-dev \
|
||||
libnss3 \
|
||||
libnss-mdns \
|
||||
libpng-dev \
|
||||
libreadline-dev \
|
||||
libsqlite3-dev \
|
||||
libssl-dev \
|
||||
libtool \
|
||||
libxcursor1 \
|
||||
libxml2 \
|
||||
libxml2-dev \
|
||||
libxmlsec1-dev \
|
||||
libxslt1-dev \
|
||||
llvm \
|
||||
locales \
|
||||
lsof \
|
||||
mailutils \
|
||||
make \
|
||||
man \
|
||||
man-db \
|
||||
mercurial \
|
||||
mosh \
|
||||
mutt \
|
||||
netcat-openbsd \
|
||||
nmap \
|
||||
nscd \
|
||||
openssh-server \
|
||||
pandoc \
|
||||
pass \
|
||||
pbzip2 \
|
||||
pinentry-curses \
|
||||
pkg-config \
|
||||
psmisc \
|
||||
pv \
|
||||
pwgen \
|
||||
python3 \
|
||||
python3-dev \
|
||||
python3-pip \
|
||||
rbenv \
|
||||
rsync \
|
||||
rsyslog \
|
||||
rsyslog-gnutls \
|
||||
rsyslog-relp \
|
||||
screen \
|
||||
snmp \
|
||||
snmpd \
|
||||
socat \
|
||||
software-properties-common \
|
||||
strace \
|
||||
sudo \
|
||||
tcpdump \
|
||||
telnet \
|
||||
texlive-latex-base \
|
||||
tk-dev \
|
||||
tmux \
|
||||
tree \
|
||||
ttf-wqy-microhei \
|
||||
ttf-wqy-zenhei \
|
||||
vagrant \
|
||||
vim \
|
||||
vim-gtk \
|
||||
wamerican-insane \
|
||||
wget \
|
||||
xterm \
|
||||
xz-utils \
|
||||
zfsutils-linux \
|
||||
zip \
|
||||
zlib1g-dev \
|
||||
"
|
||||
#RUN apt -y install $OTHER_PACKAGES
|
||||
|
||||
USER root
|
||||
ENV HOME /root
|
||||
|
||||
COPY ./root /
|
||||
|
||||
COPY ./build /tmp/build
|
||||
RUN bash /tmp/build/run.sh && rm -rf /tmp/build
|
||||
|
||||
RUN bash /tmp/build/root.sh
|
||||
|
||||
USER user
|
||||
ENV HOME /home/user
|
||||
RUN bash /tmp/build/user.sh
|
||||
|
||||
USER root
|
||||
ENV HOME /root
|
||||
RUN rm -rf /tmp/build
|
||||
|
||||
RUN chsh --shell /home/user/.nix-profile/bin/zsh user
|
||||
|
||||
RUN chmod +rx /etc/service/*/run
|
||||
|
||||
CMD ["/usr/local/sbin/runsvinit"]
|
||||
|
11
Makefile
11
Makefile
@ -1,4 +1,13 @@
|
||||
#export DOCKER_HOST := ssh://las1.eeqj.de
|
||||
|
||||
.PHONY: build
|
||||
|
||||
build:
|
||||
sudo docker build --build-arg UBUNTU_MIRROR=http://ubuntumirror.app.las1.eeqj.de/ubuntu . 2>&1 | tee -a build.log
|
||||
docker build \
|
||||
--build-arg UBUNTU_MIRROR=http://us.archive.ubuntu.com/ubuntu \
|
||||
-t sneak/work \
|
||||
. \
|
||||
2>&1 | tee -a build.log
|
||||
|
||||
enter:
|
||||
docker run -ti --rm=true -e HOME=/home/user -e USER=user --user=user -v /home/sneak:/home/user/.home sneak/work /home/user/.nix-profile/bin/zsh
|
||||
|
@ -1,122 +0,0 @@
|
||||
apt-transport-https
|
||||
apt-utils
|
||||
aspell
|
||||
aspell-en
|
||||
automake
|
||||
avahi-daemon
|
||||
avahi-utils
|
||||
bash-completion
|
||||
bc
|
||||
bind9-host
|
||||
bonnie++
|
||||
build-essential
|
||||
byobu
|
||||
ca-certificates
|
||||
cmake
|
||||
curl
|
||||
daemontools
|
||||
debmirror
|
||||
default-jdk
|
||||
default-jre
|
||||
diffstat
|
||||
dnsutils
|
||||
docker.io
|
||||
dos2unix
|
||||
editorconfig
|
||||
ffmpeg
|
||||
fonts-indic
|
||||
fonts-ipafont-gothic
|
||||
fonts-ipafont-mincho
|
||||
fortune
|
||||
git
|
||||
gnupg2
|
||||
gnupg-agent
|
||||
golang-go
|
||||
host
|
||||
imagemagick
|
||||
iputils-ping
|
||||
irssi
|
||||
jq
|
||||
lcov
|
||||
ldap-auth-client
|
||||
ldap-utils
|
||||
libasound2
|
||||
libatk1.0-0
|
||||
libboost-all-dev
|
||||
libbz2-dev
|
||||
libdb++-dev
|
||||
libffi-dev
|
||||
libgconf-2-4
|
||||
libgtk-3-0
|
||||
libjpeg-dev
|
||||
liblzma-dev
|
||||
libncurses5-dev
|
||||
libnss3
|
||||
libnss-mdns
|
||||
libpng-dev
|
||||
libreadline-dev
|
||||
libsqlite3-dev
|
||||
libssl-dev
|
||||
libtool
|
||||
libxcursor1
|
||||
libxml2
|
||||
libxml2-dev
|
||||
libxmlsec1-dev
|
||||
libxslt1-dev
|
||||
llvm
|
||||
locales
|
||||
lsof
|
||||
mailutils
|
||||
make
|
||||
man
|
||||
man-db
|
||||
mercurial
|
||||
mosh
|
||||
mutt
|
||||
netcat-openbsd
|
||||
nmap
|
||||
nscd
|
||||
openssh-server
|
||||
pandoc
|
||||
pass
|
||||
pbzip2
|
||||
pinentry-curses
|
||||
pkg-config
|
||||
psmisc
|
||||
pv
|
||||
pwgen
|
||||
python3
|
||||
python3-dev
|
||||
python3-pip
|
||||
rbenv
|
||||
rsync
|
||||
rsyslog
|
||||
rsyslog-gnutls
|
||||
rsyslog-relp
|
||||
runit
|
||||
screen
|
||||
snmp
|
||||
snmpd
|
||||
socat
|
||||
software-properties-common
|
||||
strace
|
||||
sudo
|
||||
tcpdump
|
||||
telnet
|
||||
texlive-latex-base
|
||||
tk-dev
|
||||
tmux
|
||||
tree
|
||||
ttf-wqy-microhei
|
||||
ttf-wqy-zenhei
|
||||
vagrant
|
||||
vim
|
||||
vim-gtk
|
||||
wamerican-insane
|
||||
wget
|
||||
xterm
|
||||
xz-utils
|
||||
zfsutils-linux
|
||||
zip
|
||||
zlib1g-dev
|
||||
zsh
|
@ -1,6 +1,6 @@
|
||||
#!/bin/bash
|
||||
|
||||
echo "##### build/run.sh"
|
||||
echo "##### build/root.sh"
|
||||
|
||||
export LANG="en_US.UTF-8"
|
||||
export LANGUAGE="en_US:en"
|
||||
@ -12,8 +12,6 @@ TD="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd)"
|
||||
|
||||
cd "$TD"
|
||||
|
||||
apt install -y $(cat packages.txt)
|
||||
|
||||
SSH_HOST_KEY_FILES="
|
||||
ssh_host_ecdsa_key
|
||||
ssh_host_ecdsa_key.pub
|
||||
@ -35,8 +33,10 @@ ln -s /hostroot/root /root/.home
|
||||
|
||||
# install other stuff here
|
||||
|
||||
pip3 install -U pip
|
||||
pip3 install black
|
||||
# FIXME do these with nix:
|
||||
#pip3 install -U pip
|
||||
#pip3 install black
|
||||
|
||||
# install python packages
|
||||
# install yarn
|
||||
# install prettier
|
||||
@ -46,12 +46,5 @@ mkdir -p /home/user/.ssh
|
||||
cp /root/.ssh/authorized_keys /home/user/.ssh/authorized_keys
|
||||
echo chown -Rv $UID_TO_ADD:$GID_TO_ADD /home/user
|
||||
chown -Rv $UID_TO_ADD:$GID_TO_ADD /home/user
|
||||
chsh --shell $(which zsh) $USERNAME_TO_ADD
|
||||
|
||||
echo "$USERNAME_TO_ADD ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/user
|
||||
|
||||
sudo \
|
||||
--set-home \
|
||||
--non-interactive \
|
||||
-u $USERNAME_TO_ADD \
|
||||
bash ./user.sh
|
@ -4,8 +4,10 @@ set -x
|
||||
|
||||
TD="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd)"
|
||||
|
||||
U="$USERNAME_TO_ADD"
|
||||
U="user"
|
||||
|
||||
export HOME=/home/user
|
||||
export USER=user
|
||||
export LC_ALL=en_US
|
||||
export LANG=en_US.UTF-8
|
||||
|
||||
@ -14,43 +16,26 @@ OH="/hosthome"
|
||||
# link ~/.home to original home
|
||||
ln -s "/hosthome" $HOME/.home
|
||||
|
||||
# oh-my-zsh
|
||||
curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh > /tmp/installomz.sh
|
||||
export ZSH="$HOME/.zsh"
|
||||
bash /tmp/installomz.sh --unattended --keep-zshrc
|
||||
|
||||
zsh -c 'vim &'
|
||||
#vim -s ~/.vimrc -c 'q!'
|
||||
# vim-plug
|
||||
# this should happen from vimrc
|
||||
#curl -fLo ~/.vim/autoload/plug.vim --create-dirs \
|
||||
# https://raw.githubusercontent.com/junegunn/vim-plug/master/plug.vim
|
||||
|
||||
# link in ssh key from original home
|
||||
mkdir -p ~/.ssh
|
||||
ln -s ~/.home/Documents/sync/secrets/ssh/pixel16/id_rsa ~/.ssh/id_rsa
|
||||
ln -s ~/.home/Documents/sync/secrets/ssh/pixel16/id_rsa.pub ~/.ssh/id_rsa.pub
|
||||
# /nix is already created for us and chowned to us by now:
|
||||
curl -L https://nixos.org/nix/install | sh
|
||||
|
||||
# install pyenv
|
||||
git clone -n https://github.com/pyenv/pyenv.git ~/.pyenv
|
||||
pushd ~/.pyenv
|
||||
git checkout 3e0f5e798ca16cd9389c4c8805038ac2c0d45cae
|
||||
popd
|
||||
source /home/user/.nix-profile/etc/profile.d/nix.sh
|
||||
|
||||
export PYENV_ROOT="$HOME/.pyenv"
|
||||
export PATH="$PYENV_ROOT/bin:$PATH"
|
||||
eval "$(pyenv init -)"
|
||||
pyenv install 3.8.2
|
||||
pyenv global 3.8.2
|
||||
# this should install all the packages from the config.nix:
|
||||
nix-env -i workEnv
|
||||
|
||||
git clone -n https://github.com/nvm-sh/nvm.git ~/.nvm
|
||||
pushd ~/.nvm
|
||||
git checkout 73438e339e242fce0cba443e5c4322ac996e9197
|
||||
popd
|
||||
# FIXME have this pull from synced dir instead
|
||||
# oh-my-zsh
|
||||
curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh > /tmp/installomz.sh
|
||||
export ZSH="$HOME/.zsh"
|
||||
zsh /tmp/installomz.sh && rm /tmp/installomz.sh
|
||||
|
||||
export NVM_DIR="$HOME/.nvm"
|
||||
source "$NVM_DIR/nvm.sh"
|
||||
|
||||
nvm install node
|
||||
|
||||
###############################################################################
|
||||
##### Personal Config
|
||||
@ -59,3 +44,18 @@ nvm install node
|
||||
# to abandon that hope and hardcode my own values in here.
|
||||
git config --global user.email sneak@sneak.berlin
|
||||
git config --global user.name sneak
|
||||
|
||||
mkdir -p ~/.paths
|
||||
# TODO FIXME change the syncthing paths on las1 when convenient sometime
|
||||
ln -s ~/.home/Documents/syncthing/folders/sync ~/.paths/sneak-sync
|
||||
ln -s ~/.home/Documents/syncthing/folders/scratch ~/.paths/sneak-scratch
|
||||
ln -s ~/.home/Documents/syncthing/folders/sneak-docs ~/.paths/sneak-docs
|
||||
ln -s ~/.paths/sneak-docs ~/Documents
|
||||
ln -s ~/.paths/sneak-scratch/dev ~/dev
|
||||
ln -s ~/.paths/sneak-sync/dotfiles/weechat ~/.weechat
|
||||
ln -s ~/.paths/sneak-sync/ssh/config ~/.ssh/config
|
||||
|
||||
# link in ssh key from original home
|
||||
mkdir -p ~/.ssh
|
||||
ln -s ~/.paths/sneak-sync/secrets/ssh/pixel16/id_rsa ~/.ssh/id_rsa
|
||||
ln -s ~/.paths/sneak-sync/secrets/ssh/pixel16/id_rsa.pub ~/.ssh/id_rsa.pub
|
||||
|
@ -1,21 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
UN="$(cat /etc/workuser)"
|
||||
HD="/home/$UN"
|
||||
|
||||
if [[ -e "$HD/.setupdone" ]]; then
|
||||
sleep 86400;
|
||||
exit
|
||||
fi
|
||||
|
||||
sudo \
|
||||
--set-home \
|
||||
--non-interactive \
|
||||
-u $UN \
|
||||
bash ./usersetup.sh && \
|
||||
sudo \
|
||||
--set-home \
|
||||
--non-interactive \
|
||||
-u $UN \
|
||||
touch $HD/.setupdone
|
||||
|
@ -1,7 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
if [[ -e ~/.home/Documents/scratch/dev ]]; then
|
||||
ln -s ~/.home/Documents/scratch/dev ~/dev
|
||||
else
|
||||
ln -s ~/.home/dev ~/dev
|
||||
fi
|
50
root/home/user/.config/nixpkgs/config.nix
Normal file
50
root/home/user/.config/nixpkgs/config.nix
Normal file
@ -0,0 +1,50 @@
|
||||
{ pkgs }:
|
||||
let
|
||||
# Inherit utilities
|
||||
inherit (pkgs) lib buildEnv;
|
||||
|
||||
homeDir = builtins.getEnv "HOME";
|
||||
|
||||
in {
|
||||
allowUnfree = true;
|
||||
#jre = pkgs.oraclejre8;
|
||||
#jdk = pkgs.oraclejdk8;
|
||||
|
||||
packageOverrides = pkgs: {
|
||||
|
||||
workEnv = lib.lowPrio (buildEnv {
|
||||
name = "work-env";
|
||||
ignoreCollisions = true;
|
||||
paths = with pkgs; [
|
||||
sneakDefaultPkgs
|
||||
weechat
|
||||
];
|
||||
});
|
||||
|
||||
sneakDefaultPkgs = lib.lowPrio (buildEnv {
|
||||
name = "sneakDefaultPkgs";
|
||||
ignoreCollisions = true;
|
||||
paths = with pkgs; [
|
||||
clang
|
||||
ctags
|
||||
curl
|
||||
gitAndTools.git-annex
|
||||
gitAndTools.git-extras
|
||||
gitAndTools.git2cl
|
||||
gitAndTools.gitFull
|
||||
gitAndTools.tig
|
||||
gnupg
|
||||
go
|
||||
nix-prefetch-scripts
|
||||
nix-repl
|
||||
openssh
|
||||
pwgen
|
||||
qemu
|
||||
tmux
|
||||
tree
|
||||
vim
|
||||
wget
|
||||
];
|
||||
});
|
||||
};
|
||||
}
|
@ -27,7 +27,7 @@ Plug 'zchee/deoplete-jedi', { 'for': 'python' }
|
||||
Plug 'vim-syntastic/syntastic'
|
||||
|
||||
set statusline+=%#warningmsg#
|
||||
set statusline+=%{SyntasticStatuslineFlag()}
|
||||
"set statusline+=%{SyntasticStatuslineFlag()}
|
||||
set statusline+=%*
|
||||
let g:syntastic_always_populate_loc_list = 1
|
||||
let g:syntastic_auto_loc_list = 1
|
||||
|
@ -68,10 +68,20 @@ HIST_STAMPS="yyyy-mm-dd"
|
||||
# Custom plugins may be added to ~/.oh-my-zsh/custom/plugins/
|
||||
# Example format: plugins=(rails git textmate ruby lighthouse)
|
||||
# Add wisely, as too many plugins slow down shell startup.
|
||||
plugins=(git git-prompt)
|
||||
plugins=(git git-prompt zsh-autosuggestions)
|
||||
|
||||
source $ZSH/oh-my-zsh.sh
|
||||
|
||||
if [[ -e ~/.nix-profile/etc/profile.d/nix.sh ]]; then
|
||||
source ~/.nix-profile/etc/profile.d/nix.sh
|
||||
fi
|
||||
|
||||
for FN in ~/.local/profile.d/*.sh ; do
|
||||
source "$FN"
|
||||
done
|
||||
|
||||
if [[ -d ~/.paths/sneak-sync/bashrc.d ]]; then
|
||||
for FN in ~/.paths/sneak-sync/bashrc.d/*.sh ; do
|
||||
source "$FN"
|
||||
done
|
||||
fi
|
||||
|
Loading…
Reference in New Issue
Block a user