Skip to content

Commit

Permalink
New Trezor Version
Browse files Browse the repository at this point in the history
  • Loading branch information
Thomas Bereczky committed May 7, 2024
1 parent 169a330 commit fb59356
Show file tree
Hide file tree
Showing 19 changed files with 18,109 additions and 940 deletions.
64 changes: 46 additions & 18 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,46 @@
FROM nixos/nix:2.12.0
# install the latest Alpine linux from scratch

# "fake" dbus address to prevent errors
# https://github.com/SeleniumHQ/docker-selenium/issues/87
#ENV DBUS_SESSION_BUS_ADDRESS=/dev/null
FROM scratch
ARG ALPINE_VERSION=3.15.0
ARG ALPINE_ARCH=x86_64
ADD docker/alpine-minirootfs-${ALPINE_VERSION}-${ALPINE_ARCH}.tar.gz /
# http://dl-cdn.alpinelinux.org/alpine/edge/releases/x86_64/alpine-minirootfs-3.15.0-x86_64.tar.gz

# the following is adapted from https://github.com/NixOS/docker/blob/master/Dockerfile

# Enable HTTPS support in wget and set nsswitch.conf to make resolution work within containers
RUN apk add --no-cache --update openssl \
&& echo hosts: files dns > /etc/nsswitch.conf
# Add basic packages
RUN apk update && apk add bash git python3

# Download Nix and install it into the system.
# https://nixos.org/releases/nix/nix-2.4/nix-2.4-x86_64-linux.tar.xz
ARG NIX_VERSION=2.4
RUN wget https://nixos.org/releases/nix/nix-${NIX_VERSION}/nix-${NIX_VERSION}-${ALPINE_ARCH}-linux.tar.xz \
&& tar xf nix-${NIX_VERSION}-${ALPINE_ARCH}-linux.tar.xz \
&& addgroup -g 30000 -S nixbld \
&& for i in $(seq 1 30); do adduser -S -D -h /var/empty -g "Nix build user $i" -u $((30000 + i)) -G nixbld nixbld$i ; done \
&& mkdir -m 0755 /etc/nix \
&& echo 'sandbox = false' > /etc/nix/nix.conf \
&& mkdir -m 0755 /nix && USER=root sh nix-${NIX_VERSION}-${ALPINE_ARCH}-linux/install \
&& ln -s /nix/var/nix/profiles/default/etc/profile.d/nix.sh /etc/profile.d/ \
&& rm -r /nix-${NIX_VERSION}-${ALPINE_ARCH}-linux* \
&& rm -rf /var/cache/apk/* \
&& /nix/var/nix/profiles/default/bin/nix-collect-garbage --delete-old \
&& /nix/var/nix/profiles/default/bin/nix-store --optimise \
&& /nix/var/nix/profiles/default/bin/nix-store --verify --check-contents

ENV \
USER=root \
PATH=/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/default/sbin:/bin:/sbin:/usr/bin:/usr/sbin \
GIT_SSL_CAINFO=/etc/ssl/certs/ca-certificates.crt \
NIX_SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt \
NIX_PATH=/nix/var/nix/profiles/per-user/root/channels

# ####################################
# Trezor specific stuff starts here
# ####################################

# good colors for most applications
ENV TERM xterm
Expand All @@ -19,19 +57,9 @@ COPY ./ ./trezor-user-env

WORKDIR ./trezor-user-env

RUN ls /
RUN ls /trezor-user-env

RUN nix-shell --run "./src/binaries/firmware/bin/download.sh"
RUN nix-shell --run "./patch_emulators.sh src/binaries/firmware/bin"
RUN nix-shell --run "./src/binaries/trezord-go/bin/download.sh"

RUN nix-shell --run "./docker/create_version_file.sh"

RUN rm -rf /var/tmp/trezor.flash

RUN nix-shell --run "echo deps pre-installed"

RUN nix-shell --run "poetry install"
RUN nix-shell --run "poetry install --without dev --no-root && rm -rf $POETRY_CACHE_DIR" \
&& nix-shell --run "./src/binaries/firmware/bin/download.sh" \
&& nix-shell --run "./patch_emulators.sh src/binaries/firmware/bin" \
&& nix-shell --run "./src/binaries/trezord-go/bin/download.sh"

CMD nix-shell --run "./run-nix.sh"
2 changes: 2 additions & 0 deletions Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,3 +25,5 @@ test:

test_with_running_controller:
pytest -s --controller-already-runs

.PHONY: check style_check style code_check test test_with_running_controller
64 changes: 46 additions & 18 deletions docker/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,46 @@
FROM nixos/nix:2.12.0
# install the latest Alpine linux from scratch

# "fake" dbus address to prevent errors
# https://github.com/SeleniumHQ/docker-selenium/issues/87
#ENV DBUS_SESSION_BUS_ADDRESS=/dev/null
FROM scratch
ARG ALPINE_VERSION=3.15.0
ARG ALPINE_ARCH=x86_64
ADD docker/alpine-minirootfs-${ALPINE_VERSION}-${ALPINE_ARCH}.tar.gz /
# http://dl-cdn.alpinelinux.org/alpine/edge/releases/x86_64/alpine-minirootfs-3.15.0-x86_64.tar.gz

# the following is adapted from https://github.com/NixOS/docker/blob/master/Dockerfile

# Enable HTTPS support in wget and set nsswitch.conf to make resolution work within containers
RUN apk add --no-cache --update openssl \
&& echo hosts: files dns > /etc/nsswitch.conf
# Add basic packages
RUN apk update && apk add bash git python3

# Download Nix and install it into the system.
# https://nixos.org/releases/nix/nix-2.4/nix-2.4-x86_64-linux.tar.xz
ARG NIX_VERSION=2.4
RUN wget https://nixos.org/releases/nix/nix-${NIX_VERSION}/nix-${NIX_VERSION}-${ALPINE_ARCH}-linux.tar.xz \
&& tar xf nix-${NIX_VERSION}-${ALPINE_ARCH}-linux.tar.xz \
&& addgroup -g 30000 -S nixbld \
&& for i in $(seq 1 30); do adduser -S -D -h /var/empty -g "Nix build user $i" -u $((30000 + i)) -G nixbld nixbld$i ; done \
&& mkdir -m 0755 /etc/nix \
&& echo 'sandbox = false' > /etc/nix/nix.conf \
&& mkdir -m 0755 /nix && USER=root sh nix-${NIX_VERSION}-${ALPINE_ARCH}-linux/install \
&& ln -s /nix/var/nix/profiles/default/etc/profile.d/nix.sh /etc/profile.d/ \
&& rm -r /nix-${NIX_VERSION}-${ALPINE_ARCH}-linux* \
&& rm -rf /var/cache/apk/* \
&& /nix/var/nix/profiles/default/bin/nix-collect-garbage --delete-old \
&& /nix/var/nix/profiles/default/bin/nix-store --optimise \
&& /nix/var/nix/profiles/default/bin/nix-store --verify --check-contents

ENV \
USER=root \
PATH=/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/default/sbin:/bin:/sbin:/usr/bin:/usr/sbin \
GIT_SSL_CAINFO=/etc/ssl/certs/ca-certificates.crt \
NIX_SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt \
NIX_PATH=/nix/var/nix/profiles/per-user/root/channels

# ####################################
# Trezor specific stuff starts here
# ####################################

# good colors for most applications
ENV TERM xterm
Expand All @@ -19,19 +57,9 @@ COPY ./ ./trezor-user-env

WORKDIR ./trezor-user-env

RUN ls /
RUN ls /trezor-user-env

RUN nix-shell --run "./src/binaries/firmware/bin/download.sh"
RUN nix-shell --run "./patch_emulators.sh src/binaries/firmware/bin"
RUN nix-shell --run "./src/binaries/trezord-go/bin/download.sh"

RUN nix-shell --run "./docker/create_version_file.sh"

RUN rm -rf /var/tmp/trezor.flash

RUN nix-shell --run "echo deps pre-installed"

RUN nix-shell --run "poetry install"
RUN nix-shell --run "poetry install --without dev --no-root && rm -rf $POETRY_CACHE_DIR" \
&& nix-shell --run "./src/binaries/firmware/bin/download.sh" \
&& nix-shell --run "./patch_emulators.sh src/binaries/firmware/bin" \
&& nix-shell --run "./src/binaries/trezord-go/bin/download.sh"

CMD nix-shell --run "./run-nix.sh"
Binary file added docker/alpine-minirootfs-3.15.0-x86_64.tar.gz
View file
Binary file not shown.
17 changes: 0 additions & 17 deletions docker/create_version_file.sh
View file

This file was deleted.

0 comments on commit fb59356

Please sign in to comment.