update20181126

2018-11-26 00:35:07 +01:00
parent ae0700ab2d
commit 970c447a39
8 changed files with 124 additions and 6 deletions
--- a/module/dockerHelper/loadAndRunContainer.nix
+++ b/module/dockerHelper/loadAndRunContainer.nix
@@ -1,15 +1,29 @@
-{dockerPgks, name, image, tag, extraRunConfig}:
+{pkgs, imageName, image, tag, extraRunConfig, containerName? "${imageName}-${tag}"}:

+let
+    imageId= "${imageName}:${tag}";
+    dockerBin = "${pkgs.docker}/bin/docker";
+    loggerBin = "${pkgs.logger}/bin/logger";
+in
 {
-    systemd.services."docker-load-run-${name}-${tag}-container" = {
-        description = "Docker load and run ${name}-${tag}-container";
+    systemd.services."docker-load-run-${containerName}-container" = {
+        description = "Docker load and run ${containerName}-container";
        wantedBy    = [ "multi-user.target" ];
        wants       = [ "docker.service" "local-fs.target" ];
        after       = [ "docker.service" "local-fs.target" ];

        script = ''
-            ${dockerPgks}/bin/docker load < ${image}
-            ${dockerPgks}/bin/docker run -d --name ${name}-${tag} ${extraRunConfig} ${name}:${tag}
+        if [[ "$(${dockerBin} images -aq ${imageId} 2> /dev/null)" == "" ]]; then
+            ${dockerBin}  load < ${image}
+        else
+            ${loggerBin} -pdaemon.warning "an image with name ${imageId} already exists. Please use an other name or rename/remove the existing image, if you want use the new one."
+        fi
+
+        if [[ "$(${dockerBin} ps -qaf "name=${containerName}" 2> /dev/null)" == "" ]]; then
+            ${dockerBin} run -d --name ${containerName} ${extraRunConfig} ${imageId}
+        else
+            ${loggerBin} -pdaemon.warning "a container with name ${containerName} already exists. Please use an other name or rename/remove the existing containerName, if you want use the new one."
+        fi
        '';

        serviceConfig = {
--- a/module/dockerHelper/privatePullImage.nix
+++ b/module/dockerHelper/privatePullImage.nix
@@ -0,0 +1,28 @@
+{pkgs, lib, imageName, imageDigest, sha256,
+    registry ? "",
+    os ? "linux",
+    arch ? "amd64",
+    finalImageTag ? "latest",
+    name ? builtins.replaceStrings ["/" ":"] ["-" "-"] "docker-image-${imageName}-${finalImageTag}.tar",
+    copyFlags ? []}:
+
+let
+    fixRegistry  = lib.removePrefix "https://" (lib.removePrefix "http://" registry);
+in
+pkgs.runCommand name {
+     inherit imageName imageDigest;
+     imageTag = finalImageTag;
+     impureEnvVars = pkgs.stdenv.lib.fetchers.proxyImpureEnvVars;
+     outputHashMode = "flat";
+     outputHashAlgo = "sha256";
+     outputHash = sha256;
+
+     nativeBuildInputs = lib.singleton (pkgs.skopeo);
+     SSL_CERT_FILE = "${pkgs.cacert.out}/etc/ssl/certs/ca-bundle.crt";
+
+     sourceURL = "docker://${fixRegistry}${lib.optionalString (registry!="") "/"}${imageName}@${imageDigest}";
+     destNameTag = "${imageName}:${finalImageTag}";
+     cpFlags = copyFlags;
+    } ''
+     skopeo --override-os ${os} --override-arch ${arch} copy $cpFlags "$sourceURL" "docker-archive://$out:$destNameTag"
+    ''
--- a/services/dockerregistry.nix
+++ b/services/dockerregistry.nix
@@ -0,0 +1,11 @@
+{ config, pkgs, ... }:
+
+let
+    dockerRegistryImg = pkgs.dockerTools.pullImage {
+        imageName = "library/registry";
+        imageDigest = "sha256:5a156ff125e5a12ac7fdec2b90b7e2ae5120fa249cf62248337b6d04abc574c8";
+        sha256 = "1rz308i0ba5224nys2z48idpfwpw131wg3nzbyl26a6vdqbrx3lq";
+        finalImageTag = "2.6.2";
+    };
+in
+import ./../module/dockerHelper/loadAndRunContainer.nix { pkgs = pkgs; imageName = "registry"; image = dockerRegistryImg; tag = "2.6.2"; extraRunConfig = "--restart always -p 5000:5000";}
--- a/services/dockerregistryui.nix
+++ b/services/dockerregistryui.nix
@@ -0,0 +1,19 @@
+{ config, pkgs, ... }:
+
+let
+    dockerRegistryUiImg = pkgs.dockerTools.pullImage {
+        imageName = "joxit/docker-registry-ui";
+        imageDigest = "sha256:b146b0ce32f467b94799556f9efaa177603daf12e59c0754f91db87c6eaa60d6";
+        sha256 = "0bn4r102rg0bk9j6f8b841hmqwagvlz24njjj68nx8w91qmqzz2w";
+        finalImageTag = "0.5-static";
+    };
+
+in
+import ./../module/dockerHelper/loadAndRunContainer.nix {
+    pkgs = pkgs;
+    imageName = "joxit/docker-registry-ui";
+    containerName = "docker-registry-ui-0.5-static";
+    image = dockerRegistryUiImg;
+    tag = "0.5-static";
+    extraRunConfig = ''--restart always -p 9000:80 --link registry-2.6.2 -e REGISTRY_URL=http://registry-2.6.2:5000 -e DELETE_IMAGES=false -e REGISTRY_TITLE="My registry"'';
+}
--- a/services/enabled.nix
+++ b/services/enabled.nix
@@ -5,6 +5,8 @@
    [
        ./sshd.nix
        ./sonarqubedocker.nix
+        ./dockerregistry.nix
+        ./dockerregistryui.nix
 #	./sqq.nix
    ];
 }
--- a/services/sonarqubedocker.nix
+++ b/services/sonarqubedocker.nix
@@ -9,4 +9,4 @@ let
    };

 in
-import ./../module/dockerHelper/loadAndRunContainer.nix { dockerPgks = pkgs.docker; name = "sonarqube"; image = sonarqubeImg; tag = "7.1"; extraRunConfig = "--restart always -p 9000:9000 -p 9092:9092";}
+import ./../module/dockerHelper/loadAndRunContainer.nix { pkgs = pkgs; imageName = "sonarqube"; image = sonarqubeImg; tag = "7.1"; extraRunConfig = "--restart always -p 9000:9000 -p 9092:9092";}
--- a/services/sqb.nix
+++ b/services/sqb.nix
@@ -0,0 +1,15 @@
+{ config, pkgs, ... }:
+
+let
+    sonarqubeImg = import ./../module/dockerHelper/privatePullImage.nix {
+        pkgs = pkgs;
+        lib= lib;
+        registry = "http://localhost:5000";
+        imageName = "sqqb";
+        imageDigest = "sha256:acd85db6e4b18aafa7fcde5480872909bd8e6d5fbd4e5e790ecc09acc06a8b78";
+        sha256 = "0md9mx7p21hyk7inqi0k44z2qi1p9ng0iv46g9qghf4v4jl77pri";
+        finalImageTag = "1";
+        copyFlags = ["--src-tls-verify=false" "--dest-tls-verify=false"];
+    };
+in
+import ./../module/dockerHelper/loadAndRunContainer.nix { pkgs = pkgs; imageName = "registry"; image = sonarqubeImg; tag = "1"; extraRunConfig = "--restart always -p 4200:4200";}
--- a/sonarqubeDocker.nix
+++ b/sonarqubeDocker.nix
@@ -0,0 +1,29 @@
+with import <nixpkgs> {};
+
+let
+    sonarqubeImg = dockerTools.pullImage {
+        imageName = "library/sonarqube";
+        imageDigest = "sha256:cc57b262ee9e7145456dee8c7ae24622c82b22cabeaac4651e7dd642da806f2e";
+        sha256 = "1cmx5p66c0639vkxp0hlfgfr4nyac4lcx0mcl25mkcwhcnlj1mrw";
+        finalImageTag = "7.1";
+    };
+
+in
+
+{
+    systemd.services.docker-load-sonarqube-image = {
+        description = "Docker load sonarqube-container";
+        wantedBy    = [ "multi-user.target" ];
+        wants       = [ "docker.service" "local-fs.target" ];
+        after       = [ "docker.service" "local-fs.target" ];
+
+        script = ''
+            ${docker}/bin/docker load < ${sonarqubeImg}
+            ${docker}/bin/docker run -d  --restart always --name sonarqube-7.1 -p 9000:9000 -p 9092:9092 sonarqube:7.1
+        '';
+
+        serviceConfig = {
+          Type = "oneshot";
+        };
+    };
+}