|
|
|
@ -26,6 +26,26 @@
|
|
|
|
|
buildPhase = '''';
|
|
|
|
|
installPhase = ''cp -r src $out'';
|
|
|
|
|
};
|
|
|
|
|
vyosBuildScript = pkgs.writeShellScript "build-vyos" ''
|
|
|
|
|
cleanup() {
|
|
|
|
|
rmdir "$root"
|
|
|
|
|
}
|
|
|
|
|
root="$(mktemp -d)"
|
|
|
|
|
trap cleanup EXIT
|
|
|
|
|
iso_name="vyos-${cfg.buildFlags.version}-${cfg.buildFlags.architecture}.iso"
|
|
|
|
|
bld_dir="$root/vyos-build"
|
|
|
|
|
docker_cmd="${pkgs.docker}/bin/docker run --rm -it --privileged -v $bld_dir:/vyos -w /vyos vyos/vyos-build:current"
|
|
|
|
|
|
|
|
|
|
git clone -b current --single-branch https://github.com/vyos/vyos-build $root
|
|
|
|
|
$docker_cmd sudo ./build-vyos-image ${flavor} ${builtins.concatStringsSep " " bldFlags}
|
|
|
|
|
$docker_cmd sudo chown -R ${config.users.users.vyos-bld.uid}:${config.users.groups.vyos-bld.gid} /vyos
|
|
|
|
|
|
|
|
|
|
cp $bld_dir/build/$iso_name ${cfg.output}
|
|
|
|
|
mapfile -t old_isos < <(ls ${cfg.output} | head -n -${builtins.toString cfg.keep})
|
|
|
|
|
for i in ''${old_isos[@]}; do
|
|
|
|
|
rm -r ${cfg.output}/''${old_iso[$i]}
|
|
|
|
|
done
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
nixosModules.default =
|
|
|
|
|
{ config, options, pkgs, lib, ... }: with lib;
|
|
|
|
@ -92,33 +112,13 @@
|
|
|
|
|
};
|
|
|
|
|
networking.firewall.extraCommands = ''ip6tables -t nat -A POSTROUTING -s fd00::/80 ! -o docker0 -j MASQUERADE'';
|
|
|
|
|
|
|
|
|
|
bldScript = pkgs.writeShellScript "build-vyos" ''
|
|
|
|
|
cleanup() {
|
|
|
|
|
rmdir "$root"
|
|
|
|
|
}
|
|
|
|
|
root="$(mktemp -d)"
|
|
|
|
|
trap cleanup EXIT
|
|
|
|
|
iso_name="vyos-${cfg.buildFlags.version}-${cfg.buildFlags.architecture}.iso"
|
|
|
|
|
bld_dir="$root/vyos-build"
|
|
|
|
|
docker_cmd="${pkgs.docker}/bin/docker run --rm -it --privileged -v $bld_dir:/vyos -w /vyos vyos/vyos-build:current"
|
|
|
|
|
|
|
|
|
|
git clone -b current --single-branch https://github.com/vyos/vyos-build $root
|
|
|
|
|
$docker_cmd sudo ./build-vyos-image ${flavor} ${builtins.concatStringsSep " " bldFlags}
|
|
|
|
|
$docker_cmd sudo chown -R ${config.users.users.vyos-bld.uid}:${config.users.groups.vyos-bld.gid} /vyos
|
|
|
|
|
|
|
|
|
|
cp $bld_dir/build/$iso_name ${cfg.output}
|
|
|
|
|
mapfile -t old_isos < <(ls ${cfg.output} | head -n -${builtins.toString cfg.keep})
|
|
|
|
|
for i in ''${old_isos[@]}; do
|
|
|
|
|
rm -r ${cfg.output}/''${old_iso[$i]}
|
|
|
|
|
done
|
|
|
|
|
'';
|
|
|
|
|
systemd = {
|
|
|
|
|
services.docker.after = [ "firewall.service" ];
|
|
|
|
|
services.vyosBld = {
|
|
|
|
|
serviceConfig = {
|
|
|
|
|
User = "vyos-bld";
|
|
|
|
|
Group = "vyos-bld";
|
|
|
|
|
ExecStart = bldScript;
|
|
|
|
|
ExecStart = pkgs.vyosBuildScript;
|
|
|
|
|
|
|
|
|
|
PrivateTmp = true;
|
|
|
|
|
ProtectHome = true;
|
|
|
|
@ -127,7 +127,7 @@
|
|
|
|
|
timers.vyosBld = {
|
|
|
|
|
wantedBy = [ "timers.target" ];
|
|
|
|
|
timerConfig = {
|
|
|
|
|
OnCalendar = buildFreq;
|
|
|
|
|
OnCalendar = cfg.buildFreq;
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
@ -141,7 +141,7 @@
|
|
|
|
|
};
|
|
|
|
|
in rec {
|
|
|
|
|
packages = {
|
|
|
|
|
inherit (pkgs) vid kyouma-www;
|
|
|
|
|
inherit (pkgs) vid kyouma-www vyosBuildScript;
|
|
|
|
|
default = packages.kyouma-www;
|
|
|
|
|
};
|
|
|
|
|
});
|
|
|
|
|
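Review bot: The pruning loop at the end of the new `vyosBuildScript` iterates over the values of `old_isos` but then indexes an array named `old_iso`, which is never defined, so `rm -r` does not receive the file name the loop just read. If that expansion comes out empty, the command becomes `rm -r ${cfg.output}/`, which removes the whole output directory. Use the loop variable directly and quote it: `for iso in "''${old_isos[@]}"; do rm -r -- "${cfg.output}/$iso"; done`. In the same script, `git clone … $root` populates `$root` while the container mounts `$bld_dir` (`$root/vyos-build`), and `cleanup` calls `rmdir`, which fails on a non-empty directory, so the clone target and the cleanup probably both need adjusting. The timer-driven build also runs `docker run --privileged` against the mutable `vyos/vyos-build:current` tag and the `current` branch, so pinning the image by digest and the checkout by commit would stop an unreviewed upstream change from running with host-level privileges; `-it` is also likely to fail under systemd, where no TTY is attached.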