chore(nix/docker/aio): we're so back

2026-04-30 18:06:38 +00:00 · 2025-02-13 11:39:13 +05:30
parent 02b17c8a03
commit 11c9f7e6f0
28 changed files with 204 additions and 38 deletions
--- a/nix/docker/all_in_one/init/s6-linux-init/default.nix
+++ b/nix/docker/all_in_one/init/s6-linux-init/default.nix
@@ -0,0 +1,40 @@
+{
+  stdenv,
+  # The first thing s6-linux-init does is to mount /run and recursively copy its
+  # template into /run/s6-linux-init.  Unfortunately the "template" contains
+  # setgid directories and named pipes, which means it can't be kept in the nix
+  # store.  In order to put it there, we wrap it in a cpio archive;
+  # unfortunately this means that we must run our own /run-mounting and
+  # cpio-unpacking script ahead of s6-linux-init's `init`.  The mount options
+  # for /run are the same as those found in s6-linux-init.c.
+  cpio,
+  # needed because s6-linux-init-maker expects to be able to create setgid
+  # directories, which the Nix sandbox forbids
+  fakeroot,
+  s6-linux-init,
+  basedir ? "/run/init",
+}:
+
+stdenv.mkDerivation {
+  name = "s6-linux-init";
+
+  phases = [
+    "installPhase"
+    "fixupPhase"
+  ];
+
+  nativeBuildInputs = [
+    s6-linux-init
+    fakeroot
+    cpio
+  ];
+
+  installPhase = ''
+    # patchShebangs skel
+    fakeroot s6-linux-init-maker -N -1 -f ${./skel} -c ${basedir} compiled
+
+    cd compiled
+    find . | cpio -Hnewc --create > $out
+    cd -
+  '';
+}