write-ups-challenges-2020-2021/fancy_text/generic.nix

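# Builds the Docker image for an xinetd-fronted challenge service.
#
# Arguments (curried, after the pkgs attribute set):
#   calculator-app    - file installed as /home/ig/serverside.py
#   docker-entrypoint - file installed as /home/ig/docker-entrypoint.sh; xinetd
#                       starts it as user "ig" for connections on port 20000
#   name              - image name (the tag is always "latest")
{ pkgs ? import <nixpkgs> {}, ... }:
with (import ../deployment/utils.nix {}); # presumably provides `copy` - confirm
calculator-app: docker-entrypoint: name:
let
  # Minimal /etc/protocols so that "protocol = tcp" in xinetd.conf resolves.
  protocols = pkgs.writeTextDir "etc/protocols" ''
    tcp 6 TCP # Transmission Control
  '';

  # xinetd service definition. The resource limits below bound a single
  # connection and a single source address; there is no cap on the total
  # number of concurrent instances in this file.
  config = pkgs.writeTextDir "etc/xinetd.conf"
    ''
      service ctf
      {
      disable = no
      socket_type = stream
      protocol = tcp
      wait = no
      user = ig
      type = UNLISTED
      port = 20000
      bind = 0.0.0.0
      server = /home/ig/docker-entrypoint.sh
      # banner_fail = /etc/banner_fail
      # safety options
      # the maximum instances of this service per source IP address
      per_source = 10
      # the maximum number of CPU seconds that the service may use
      rlimit_cpu = 20
      # the Address Space resource limit for the service
      rlimit_as = 512M
      # kafel_rule = /etc/pwn.kafel
      }
    '';

  # Files placed into the unprivileged user's home directory.
  add_files = [
    (copy docker-entrypoint "home/ig/docker-entrypoint.sh")
    (copy calculator-app "home/ig/serverside.py")
  ];

  image = pkgs.dockerTools.buildImage {
    name = name;
    tag = "latest";
    runAsRoot = ''
      #!${pkgs.stdenv.shell}
      ${pkgs.dockerTools.shadowSetup}
      useradd -U -m ig && mkdir -p /home/ig
      # Keep the service files owned by root. If "ig" owned them, a process
      # running as "ig" could restore the write bit and replace the entrypoint
      # that every later connection executes.
      chown -R root:root /home/ig
      mkdir -p /usr/local/bin
      # Explicit "a-w" instead of a bare "-w", whose effect depends on the
      # umask; "a+rX" keeps the tree readable and traversable for "ig".
      chmod -R a-w,a+rX /home/ig
      chmod a+x /home/ig/docker-entrypoint.sh
    '';
    # NOTE(review): pip comes from python38Packages while the interpreter is
    # pkgs.python3 - confirm the two match, and drop pip if nothing installs
    # packages at runtime, since it is extra tooling inside the service image.
    contents = [ pkgs.xinetd pkgs.bash pkgs.python38Packages.pip pkgs.python3 config protocols ] ++ add_files;
    # This attribute is the container runtime config, not the xinetd `config`
    # derivation bound in the enclosing let.
    config = {
      ExposedPorts = {
        "20000/tcp" = {};
      };
      # NOTE(review): ./run.sh is a Nix path literal resolved relative to this
      # file; confirm the resulting store path is actually present in the image.
      Cmd = [ ./run.sh ];
    };
  };
in image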