write-ups-challenges-2020-2021/fancy_text/generic.nix

{ pkgs ? import <nixpkgs> {}, ... }:

with (import ../deployment/utils.nix {});
calculator-app: docker-entrypoint: name:
let 
  protocols = pkgs.writeTextDir "etc/protocols" ''
tcp              6 TCP            # Transmission Control
  '';
  config = pkgs.writeTextDir "etc/xinetd.conf" 
  ''
    service ctf
{
    disable = no
    socket_type = stream
    protocol    = tcp
    wait        = no
    user        = ig
    type        = UNLISTED
    port        = 20000
    bind        = 0.0.0.0
    server      = /home/ig/docker-entrypoint.sh
    # banner_fail = /etc/banner_fail
    # safety options
    # the maximum instances of this service per source IP address
    per_source	= 10
    # the maximum number of CPU seconds that the service may use
    rlimit_cpu	= 20 
    # the Address Space resource limit for the service
    rlimit_as  = 512M 
    # kafel_rule = /etc/pwn.kafel
}
  '';
  add_files = [ 
    (copy docker-entrypoint "home/ig/docker-entrypoint.sh")
    (copy calculator-app "home/ig/serverside.py")
  ];
  image = pkgs.dockerTools.buildImage {
  name = name ;
  tag = "latest";

  runAsRoot = ''
  #!${pkgs.stdenv.shell}
  ${pkgs.dockerTools.shadowSetup}
    useradd -U -m ig && mkdir -p /home/ig
    chown -R ig:ig /home/ig
    mkdir -p /usr/local/bin
    chmod -R -w /home/ig
    chmod +x /home/ig/docker-entrypoint.sh
  '';

  contents = [ pkgs.xinetd pkgs.bash pkgs.python38Packages.pip pkgs.python3 config protocols ] ++ add_files;
  config = {
    ExposedPorts = {
      "20000/tcp" = {};
    };

    Cmd = [ ./run.sh ];
  };
}; in image
initial commit 2022-11-24 17:03:20 +00:00			`{ pkgs ? import <nixpkgs> {}, ... }:`

			`with (import ../deployment/utils.nix {});`
			`calculator-app: docker-entrypoint: name:`
			`let`
			`protocols = pkgs.writeTextDir "etc/protocols" ''`
			`tcp 6 TCP # Transmission Control`
			`'';`
			`config = pkgs.writeTextDir "etc/xinetd.conf"`
			`''`
			`service ctf`
			`{`
			`disable = no`
			`socket_type = stream`
			`protocol = tcp`
			`wait = no`
			`user = ig`
			`type = UNLISTED`
			`port = 20000`
			`bind = 0.0.0.0`
			`server = /home/ig/docker-entrypoint.sh`
			`# banner_fail = /etc/banner_fail`
			`# safety options`
			`# the maximum instances of this service per source IP address`
			`per_source = 10`
			`# the maximum number of CPU seconds that the service may use`
			`rlimit_cpu = 20`
			`# the Address Space resource limit for the service`
			`rlimit_as = 512M`
			`# kafel_rule = /etc/pwn.kafel`
			`}`
			`'';`
			`add_files = [`
			`(copy docker-entrypoint "home/ig/docker-entrypoint.sh")`
			`(copy calculator-app "home/ig/serverside.py")`
			`];`
			`image = pkgs.dockerTools.buildImage {`
			`name = name ;`
			`tag = "latest";`

			`runAsRoot = ''`
			`#!${pkgs.stdenv.shell}`
			`${pkgs.dockerTools.shadowSetup}`
			`useradd -U -m ig && mkdir -p /home/ig`
			`chown -R ig:ig /home/ig`
			`mkdir -p /usr/local/bin`
			`chmod -R -w /home/ig`
			`chmod +x /home/ig/docker-entrypoint.sh`
			`'';`

			`contents = [ pkgs.xinetd pkgs.bash pkgs.python38Packages.pip pkgs.python3 config protocols ] ++ add_files;`
			`config = {`
			`ExposedPorts = {`
			`"20000/tcp" = {};`
			`};`

			`Cmd = [ ./run.sh ];`
			`};`
			`}; in image`