33 lines
936 B
Nix
33 lines
936 B
Nix
{ stdenv, lib, docker, vmTools, utillinux, curl, kmod, dhcp, cacert, e2fsprogs }:
|
|
let
|
|
nameReplace = name: builtins.replaceStrings ["/" ":"] ["-" "-"] name;
|
|
in
|
|
# For simplicity we only support sha256.
|
|
{ imageName, imageTag ? "latest", imageId ? "${imageName}:${imageTag}"
|
|
, sha256, name ? (nameReplace "docker-image-${imageName}-${imageTag}.tar") }:
|
|
let
|
|
pullImage = vmTools.runInLinuxVM (
|
|
stdenv.mkDerivation {
|
|
inherit name imageId;
|
|
|
|
certs = "${cacert}/etc/ssl/certs/ca-bundle.crt";
|
|
|
|
builder = ./pull.sh;
|
|
|
|
nativeBuildInputs = [ curl utillinux docker kmod dhcp cacert e2fsprogs ];
|
|
|
|
outputHashAlgo = "sha256";
|
|
outputHash = sha256;
|
|
|
|
impureEnvVars = lib.fetchers.proxyImpureEnvVars;
|
|
|
|
preVM = vmTools.createEmptyImage {
|
|
size = 2048;
|
|
fullName = "${name}-disk";
|
|
};
|
|
|
|
QEMU_OPTS = "-netdev user,id=net0 -device virtio-net-pci,netdev=net0";
|
|
});
|
|
in
|
|
pullImage
|