diff options
| author |  MarkKoz <[email protected]> | 2019-06-06 16:54:33 -0700 |
|---|---|---|
| committer | MarkKoz <[email protected]> | 2019-06-22 13:36:38 -0700 |
| commit | 2c843101843b975ece546b8921d53b3dd4e6974d (patch) | |
| tree | a3c56d081cc9b541d35662af26e80f7b2fbc02b6 /scripts | |
| parent | Add NsJail alias and switch to ash (diff) | |
Create shell script for building a dev image and running a shell
* Put scripts in a new scripts folder
Diffstat (limited to 'scripts')
| -rw-r--r-- | scripts/.profile | 25 | ||||
| -rwxr-xr-x | scripts/dev.sh | 45 |
2 files changed, 70 insertions, 0 deletions
diff --git a/scripts/.profile b/scripts/.profile new file mode 100644 index 0000000..415e4f6 --- /dev/null +++ b/scripts/.profile @@ -0,0 +1,25 @@ +nsjpy() { + local nsj_args="" + while [ "$#" -gt 1 ]; do + nsj_args="${nsj_args:+${nsj_args} }$1" + shift + done + + mkdir -p /sys/fs/cgroup/pids/NSJAIL + mkdir -p /sys/fs/cgroup/memory/NSJAIL + nsjail \ + -Mo \ + --rlimit_as 700 \ + --chroot / \ + -E LANG=en_US.UTF-8 \ + -R/usr -R/lib -R/lib64 \ + --user nobody \ + --group nogroup \ + --time_limit 2 \ + --disable_proc \ + --iface_no_lo \ + --cgroup_pids_max=1 \ + --cgroup_mem_max=52428800 \ + $nsj_args -- \ + /snekbox/.venv/bin/python3 -Iq -c "$@" +} diff --git a/scripts/dev.sh b/scripts/dev.sh new file mode 100755 index 0000000..490021f --- /dev/null +++ b/scripts/dev.sh @@ -0,0 +1,45 @@ +#!/usr/bin/env sh + +# Sets up a development environment and runs a shell in a docker container. +# Usage: dev.sh [--build [--clean]] [ash_args ...] + +if [ "$1" = "--build" ]; then + shift + printf "Building pythondiscord/snekbox-venv:dev..." + + docker build \ + -t pythondiscord/snekbox-venv:dev \ + -f docker/venv.Dockerfile \ + --build-arg DEV=1 \ + -q \ + . \ + >/dev/null \ + && printf " done!\n" || exit "$?" + + if [ "$1" = "--clean" ]; then + shift + dangling_imgs=$(docker images -f "dangling=true" -q) + + if [ -n "${dangling_imgs}" ]; then + printf "Removing dangling images..." + + docker rmi $dangling_imgs >/dev/null \ + && printf " done!\n" || exit "$?" + fi + fi +fi + +docker run \ + -it \ + --rm \ + --privileged \ + --network host \ + -h pdsnk-dev \ + -e PYTHONDONTWRITEBYTECODE=1 \ + -e PIPENV_PIPFILE="/snekbox/Pipfile" \ + -e ENV="/snekbox-local/scripts/.profile" \ + -v "${PWD}":/snekbox-local \ + -w "/snekbox-local" \ + --entrypoint /bin/ash \ + pythondiscord/snekbox-venv:dev \ + "$@" |