pyrox.dev / nixpkgs
lol
fork atom

apptainer, singularity: fix defaultPath and reflect upstream changes

Upstream changes:
singularity 3.8.7 (the legacy) -> apptainer 1.1.3 (the renamed) / singularity 3.10.4 (Sylabs's fork)

Build process:
* Share between different sources
* Fix the sed regexp to make defaultPath patch work
* allowGoReference is now true
* Provied input parameter removeCompat (default to false)
that removes the compatible "*singularity*" symbolic links
and related autocompletion files when projectName != "singularity"
* Change localstatedir to /var/lib
* Format with nixpkgs-fmt
* Fix the defaultPath patching
and use it instead of the `<executable> path` config directive
deprecated in Apptainer
* Provide dependencies for new functionalities such as
squashfuse (unprivileged squashfs mount)
* Provide an attribute `defaultPathInputs` to override
prefix of container runtime default PATH

NixOS module programs.singularity:
* Allow users to specify packages
* Place related directories to /var/lib
* Format with nixpkgs-fmt

singularity-tools:
* Allow users to specify packages
* Place related directories to /var/lib when building images in VM

Yueh-Shun Li 50788d2f ef09cfec

+423 -105
unified split
+36
nixos/doc/manual/from_md/release-notes/rl-2305.section.xml
··· 924 924 </listitem> 925 925 <listitem> 926 926 <para> 927 + As Singularity has renamed to 928 + <link xlink:href="https://apptainer.org/news/community-announcement-20211130">Apptainer</link> 929 + to distinguish from 930 + <link xlink:href="https://sylabs.io/2021/05/singularity-community-edition">an 931 + un-renamed fork by Sylabs Inc.</link>, there are now two 932 + packages of Singularity/Apptainer: 933 + </para> 934 + <itemizedlist spacing="compact"> 935 + <listitem> 936 + <para> 937 + <literal>apptainer</literal>: From 938 + <literal>github.com/apptainer/apptainer</literal>, which 939 + is the new repo after renaming. 940 + </para> 941 + </listitem> 942 + <listitem> 943 + <para> 944 + <literal>singularity</literal>: From 945 + <literal>github.com/sylabs/singularity</literal>, which is 946 + the fork by Sylabs Inc.. 947 + </para> 948 + </listitem> 949 + </itemizedlist> 950 + <para> 951 + <literal>programs.singularity</literal> got a new 952 + <literal>package</literal> option to specify which package to 953 + use. 954 + </para> 955 + <para> 956 + <literal>singularity-tools.buildImage</literal> got a new 957 + input argument <literal>singularity</literal> to specify which 958 + package to use. 959 + </para> 960 + </listitem> 961 + <listitem> 962 + <para> 927 963 The <literal>unifi-poller</literal> package and corresponding 928 964 NixOS module have been renamed to <literal>unpoller</literal> 929 965 to match upstream.
+10
nixos/doc/manual/release-notes/rl-2305.section.md
··· 225 225 226 226 - The `zramSwap` is now implemented with `zram-generator`, and the option `zramSwap.numDevices` for using ZRAM devices as general purpose ephemeral block devices has been removed. 227 227 228 + - As Singularity has renamed to [Apptainer](https://apptainer.org/news/community-announcement-20211130) 229 + to distinguish from [an un-renamed fork by Sylabs Inc.](https://sylabs.io/2021/05/singularity-community-edition), 230 + there are now two packages of Singularity/Apptainer: 231 + * `apptainer`: From `github.com/apptainer/apptainer`, which is the new repo after renaming. 232 + * `singularity`: From `github.com/sylabs/singularity`, which is the fork by Sylabs Inc.. 233 + 234 + `programs.singularity` got a new `package` option to specify which package to use. 235 + 236 + `singularity-tools.buildImage` got a new input argument `singularity` to specify which package to use. 237 + 228 238 - The `unifi-poller` package and corresponding NixOS module have been renamed to `unpoller` to match upstream. 229 239 230 240 - The new option `services.tailscale.useRoutingFeatures` controls various settings for using Tailscale features like exit nodes and subnet routers. If you wish to use your machine as an exit node, you can set this setting to `server`, otherwise if you wish to use an exit node you can set this setting to `client`. The strict RPF warning has been removed as the RPF will be loosened automatically based on the value of this setting.
+64 -20
nixos/modules/programs/singularity.nix
··· 3 3 with lib; 4 4 let 5 5 cfg = config.programs.singularity; 6 - singularity = pkgs.singularity.overrideAttrs (attrs: { 7 - installPhase = attrs.installPhase + '' 8 - mv $out/libexec/singularity/bin/starter-suid $out/libexec/singularity/bin/starter-suid.orig 9 - ln -s /run/wrappers/bin/singularity-suid $out/libexec/singularity/bin/starter-suid 10 - ''; 11 - }); 12 6 in 13 7 { 14 8 15 9 options.programs.singularity = { 16 - enable = mkEnableOption (lib.mdDoc "Singularity"); 10 + enable = mkEnableOption (mdDoc "singularity") // { 11 + description = mdDoc '' 12 + Whether to install Singularity/Apptainer with system-level overriding such as SUID support. 13 + ''; 14 + }; 15 + package = mkOption { 16 + type = types.package; 17 + default = pkgs.singularity; 18 + defaultText = literalExpression "pkgs.singularity"; 19 + example = literalExpression "pkgs.apptainer"; 20 + description = mdDoc '' 21 + Singularity/Apptainer package to override and install. 22 + ''; 23 + }; 24 + packageOverriden = mkOption { 25 + type = types.nullOr types.package; 26 + default = null; 27 + description = mdDoc '' 28 + This option provides access to the overriden result of `programs.singularity.package`. 29 + 30 + For example, the following configuration makes all the Nixpkgs packages use the overriden `singularity`: 31 + ```Nix 32 + { config, lib, pkgs, ... }: 33 + { 34 + nixpkgs.overlays = [ 35 + (final: prev: { 36 + _singularity-orig = prev.singularity; 37 + singularity = config.programs.singularity.packageOverriden; 38 + }) 39 + ]; 40 + programs.singularity.enable = true; 41 + programs.singularity.package = pkgs._singularity-orig; 42 + } 43 + ``` 44 + 45 + Use `lib.mkForce` to forcefully specify the overriden package. 46 + ''; 47 + }; 48 + enableSuid = mkOption { 49 + type = types.bool; 50 + default = true; 51 + example = false; 52 + description = mdDoc '' 53 + Whether to enable the SUID support of Singularity/Apptainer. 54 + ''; 55 + }; 17 56 }; 18 57 19 58 config = mkIf cfg.enable { 20 - environment.systemPackages = [ singularity ]; 21 - security.wrappers.singularity-suid = 22 - { 23 - setuid = true; 24 - owner = "root"; 25 - group = "root"; 26 - source = "${singularity}/libexec/singularity/bin/starter-suid.orig"; 27 - }; 59 + programs.singularity.packageOverriden = (cfg.package.override ( 60 + optionalAttrs cfg.enableSuid { 61 + enableSuid = true; 62 + starterSuidPath = "/run/wrappers/bin/${cfg.package.projectName}-suid"; 63 + } 64 + )); 65 + environment.systemPackages = [ cfg.packageOverriden ]; 66 + security.wrappers."${cfg.packageOverriden.projectName}-suid" = mkIf cfg.enableSuid { 67 + setuid = true; 68 + owner = "root"; 69 + group = "root"; 70 + source = "${cfg.packageOverriden}/libexec/${cfg.packageOverriden.projectName}/bin/starter-suid.orig"; 71 + }; 28 72 systemd.tmpfiles.rules = [ 29 - "d /var/singularity/mnt/session 0770 root root -" 30 - "d /var/singularity/mnt/final 0770 root root -" 31 - "d /var/singularity/mnt/overlay 0770 root root -" 32 - "d /var/singularity/mnt/container 0770 root root -" 33 - "d /var/singularity/mnt/source 0770 root root -" 73 + "d /var/lib/${cfg.packageOverriden.projectName}/mnt/session 0770 root root -" 74 + "d /var/lib/${cfg.packageOverriden.projectName}/mnt/final 0770 root root -" 75 + "d /var/lib/${cfg.packageOverriden.projectName}/mnt/overlay 0770 root root -" 76 + "d /var/lib/${cfg.packageOverriden.projectName}/mnt/container 0770 root root -" 77 + "d /var/lib/${cfg.packageOverriden.projectName}/mnt/source 0770 root root -" 34 78 ]; 35 79 }; 36 80
-73
pkgs/applications/virtualization/singularity/default.nix
··· 1 - { lib 2 - , fetchurl 3 - , util-linux 4 - , gpgme 5 - , openssl 6 - , libuuid 7 - , coreutils 8 - , which 9 - , makeWrapper 10 - , cryptsetup 11 - , squashfsTools 12 - , buildGoPackage}: 13 - 14 - with lib; 15 - 16 - buildGoPackage rec { 17 - pname = "singularity"; 18 - version = "3.8.7"; 19 - 20 - src = fetchurl { 21 - url = "https://github.com/hpcng/singularity/releases/download/v${version}/singularity-${version}.tar.gz"; 22 - sha256 = "sha256-Myny5YP4SoNDyywDgKHWy86vrn0eYztcvK33FD6shZs="; 23 - }; 24 - 25 - goPackagePath = "github.com/sylabs/singularity"; 26 - 27 - buildInputs = [ gpgme openssl libuuid ]; 28 - nativeBuildInputs = [ util-linux which makeWrapper cryptsetup ]; 29 - propagatedBuildInputs = [ coreutils squashfsTools ]; 30 - 31 - postPatch = '' 32 - substituteInPlace internal/pkg/build/files/copy.go \ 33 - --replace /bin/cp ${coreutils}/bin/cp 34 - ''; 35 - 36 - postConfigure = '' 37 - cd go/src/github.com/sylabs/singularity 38 - 39 - patchShebangs . 40 - sed -i 's|defaultPath := "[^"]*"|defaultPath := "${lib.makeBinPath propagatedBuildInputs}"|' cmd/internal/cli/actions.go 41 - 42 - ./mconfig -V ${version} -p $out --localstatedir=/var 43 - 44 - # Don't install SUID binaries 45 - sed -i 's/-m 4755/-m 755/g' builddir/Makefile 46 - ''; 47 - 48 - buildPhase = '' 49 - runHook preBuild 50 - make -C builddir 51 - runHook postBuild 52 - ''; 53 - 54 - installPhase = '' 55 - runHook preInstall 56 - make -C builddir install LOCALSTATEDIR=$out/var 57 - chmod 755 $out/libexec/singularity/bin/starter-suid 58 - 59 - # Explicitly configure paths in the config file 60 - sed -i 's|^# mksquashfs path =.*$|mksquashfs path = ${lib.makeBinPath [squashfsTools]}/mksquashfs|' $out/etc/singularity/singularity.conf 61 - sed -i 's|^# cryptsetup path =.*$|cryptsetup path = ${lib.makeBinPath [cryptsetup]}/cryptsetup|' $out/etc/singularity/singularity.conf 62 - 63 - runHook postInstall 64 - ''; 65 - 66 - meta = with lib; { 67 - homepage = "http://www.sylabs.io/"; 68 - description = "Application containers for linux"; 69 - license = licenses.bsd3; 70 - platforms = platforms.linux; 71 - maintainers = [ maintainers.jbedo ]; 72 - }; 73 - }
+222
pkgs/applications/virtualization/singularity/generic.nix
··· 1 + # Configurations that should only be overrided by 2 + # overrideAttrs 3 + { pname 4 + , version 5 + , src 6 + , projectName # "apptainer" or "singularity" 7 + , vendorHash ? null 8 + , deleteVendor ? false 9 + , proxyVendor ? false 10 + , extraConfigureFlags ? [ ] 11 + , extraDescription ? "" 12 + , extraMeta ? { } 13 + }: 14 + 15 + let 16 + # Workaround for vendor-related attributes not overridable (#86349) 17 + # should be removed when the issue is resolved 18 + _defaultGoVendorArgs = { 19 + inherit 20 + vendorHash 21 + deleteVendor 22 + proxyVendor 23 + ; 24 + }; 25 + in 26 + { lib 27 + , buildGoModule 28 + # Native build inputs 29 + , makeWrapper 30 + , pkg-config 31 + , util-linux 32 + , which 33 + # Build inputs 34 + , bash 35 + , conmon 36 + , coreutils 37 + , cryptsetup 38 + , fakeroot 39 + , go 40 + , gpgme 41 + , libseccomp 42 + , libuuid 43 + # This is for nvidia-container-cli 44 + , nvidia-docker 45 + , openssl 46 + , squashfsTools 47 + , squashfuse 48 + # Overridable configurations 49 + , enableNvidiaContainerCli ? true 50 + # Compile with seccomp support 51 + # SingularityCE 3.10.0 and above requires explicit --without-seccomp when libseccomp is not available. 52 + , enableSeccomp ? true 53 + # Whether the configure script treat SUID support as default 54 + , defaultToSuid ? true 55 + # Whether to compile with SUID support 56 + , enableSuid ? false 57 + , starterSuidPath ? null 58 + # Remove the symlinks to `singularity*` when projectName != "singularity" 59 + , removeCompat ? false 60 + # Workaround #86349 61 + # should be removed when the issue is resolved 62 + , vendorHash ? _defaultGoVendorArgs.vendorHash 63 + , deleteVendor ? _defaultGoVendorArgs.deleteVendor 64 + , proxyVendor ? _defaultGoVendorArgs.proxyVendor 65 + }: 66 + 67 + let 68 + defaultPathOriginal = "/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin"; 69 + in 70 + buildGoModule { 71 + inherit pname version src; 72 + 73 + # Override vendorHash with the output got from 74 + # nix-prefetch -E "{ sha256 }: ((import ./. { }).apptainer.override { vendorHash = sha256; }).go-modules" 75 + # or with `null` when using vendored source tarball. 76 + inherit vendorHash deleteVendor proxyVendor; 77 + 78 + # go is used to compile extensions when building container images 79 + allowGoReference = true; 80 + 81 + strictDeps = true; 82 + 83 + passthru = { 84 + inherit 85 + enableSeccomp 86 + enableSuid 87 + projectName 88 + removeCompat 89 + starterSuidPath 90 + ; 91 + }; 92 + 93 + nativeBuildInputs = [ 94 + makeWrapper 95 + pkg-config 96 + util-linux 97 + which 98 + ]; 99 + 100 + buildInputs = [ 101 + bash # To patch /bin/sh shebangs. 102 + conmon 103 + cryptsetup 104 + gpgme 105 + libuuid 106 + openssl 107 + squashfsTools 108 + squashfuse 109 + ] 110 + ++ lib.optional enableNvidiaContainerCli nvidia-docker 111 + ++ lib.optional enableSeccomp libseccomp 112 + ; 113 + 114 + configureScript = "./mconfig"; 115 + 116 + configureFlags = [ 117 + "--localstatedir=/var/lib" 118 + "--runstatedir=/var/run" 119 + ] 120 + ++ lib.optional (!enableSeccomp) "--without-seccomp" 121 + ++ lib.optional (defaultToSuid && !enableSuid) "--without-suid" 122 + ++ lib.optional (!defaultToSuid && enableSuid) "--with-suid" 123 + ++ extraConfigureFlags 124 + ; 125 + 126 + # Packages to prefix to the Apptainer/Singularity container runtime default PATH 127 + # Use overrideAttrs to override 128 + defaultPathInputs = [ 129 + bash 130 + coreutils 131 + cryptsetup # cryptsetup 132 + go 133 + squashfsTools # mksquashfs unsquashfs # Make / unpack squashfs image 134 + squashfuse # squashfuse_ll squashfuse # Mount (without unpacking) a squashfs image without privileges 135 + ] 136 + ++ lib.optional enableNvidiaContainerCli nvidia-docker 137 + ; 138 + 139 + postPatch = '' 140 + if [[ ! -e .git || ! -e VERSION ]]; then 141 + echo "${version}" > VERSION 142 + fi 143 + # Patch shebangs for script run during build 144 + patchShebangs --build "$configureScript" makeit e2e scripts mlocal/scripts 145 + # Patching the hard-coded defaultPath by prefixing the packages in defaultPathInputs 146 + substituteInPlace cmd/internal/cli/actions.go \ 147 + --replace "defaultPath = \"${defaultPathOriginal}\"" "defaultPath = \"''${defaultPathInputs// /\/bin:}''${defaultPathInputs:+/bin:}${defaultPathOriginal}\"" 148 + ''; 149 + 150 + postConfigure = '' 151 + # Code borrowed from pkgs/stdenv/generic/setup.sh configurePhase() 152 + 153 + # set to empty if unset 154 + : ''${configureFlags=} 155 + 156 + # shellcheck disable=SC2086 157 + $configureScript -V ${version} "''${prefixKey:---prefix=}$prefix" $configureFlags "''${configureFlagsArray[@]}" 158 + 159 + # End of the code from pkgs/stdenv/generic/setup.sh configurPhase() 160 + ''; 161 + 162 + buildPhase = '' 163 + runHook preBuild 164 + make -C builddir -j"$NIX_BUILD_CORES" 165 + runHook postBuild 166 + ''; 167 + 168 + installPhase = '' 169 + runHook preInstall 170 + make -C builddir install LOCALSTATEDIR="$out/var/lib" 171 + runHook postInstall 172 + ''; 173 + 174 + postFixup = '' 175 + substituteInPlace "$out/bin/run-singularity" \ 176 + --replace "/usr/bin/env ${projectName}" "$out/bin/${projectName}" 177 + wrapProgram "$out/bin/${projectName}" \ 178 + --prefix PATH : "${lib.makeBinPath [ 179 + fakeroot 180 + squashfsTools # Singularity (but not Apptainer) expects unsquashfs from the host PATH 181 + ]}" 182 + # Make changes in the config file 183 + ${lib.optionalString enableNvidiaContainerCli '' 184 + substituteInPlace "$out/etc/${projectName}/${projectName}.conf" \ 185 + --replace "use nvidia-container-cli = no" "use nvidia-container-cli = yes" 186 + ''} 187 + ${lib.optionalString (removeCompat && (projectName != "singularity")) '' 188 + unlink "$out/bin/singularity" 189 + for file in "$out"/share/man/man?/singularity*.gz; do 190 + if [[ -L "$file" ]]; then 191 + unlink "$file" 192 + fi 193 + done 194 + for file in "$out"/share/*-completion/completions/singularity; do 195 + if [[ -e "$file" ]] 196 + rm "$file" 197 + done 198 + ''} 199 + ${lib.optionalString enableSuid (lib.warnIf (isNull starterSuidPath) "${projectName}: Null starterSuidPath when enableSuid produces non-SUID-ed starter-suid and run-time permission denial." '' 200 + chmod +x $out/libexec/${projectName}/bin/starter-suid 201 + '')} 202 + ${lib.optionalString (enableSuid && !isNull starterSuidPath) '' 203 + mv "$out"/libexec/${projectName}/bin/starter-suid{,.orig} 204 + ln -s ${lib.escapeShellArg starterSuidPath} "$out/libexec/${projectName}/bin/starter-suid" 205 + ''} 206 + ''; 207 + 208 + meta = with lib; { 209 + description = "Application containers for linux" + extraDescription; 210 + longDescription = '' 211 + Singularity (the upstream) renamed themselves to Apptainer 212 + to distinguish themselves from a fork made by Sylabs Inc.. See 213 + 214 + https://sylabs.io/2021/05/singularity-community-edition 215 + https://apptainer.org/news/community-announcement-20211130 216 + ''; 217 + license = licenses.bsd3; 218 + platforms = platforms.linux; 219 + maintainers = with maintainers; [ jbedo ShamrockLee ]; 220 + mainProgram = projectName; 221 + } // extraMeta; 222 + }
+70
pkgs/applications/virtualization/singularity/packages.nix
··· 1 + { callPackage 2 + , fetchFromGitHub 3 + , conmon 4 + }: 5 + 6 + { 7 + apptainer = callPackage 8 + (import ./generic.nix rec { 9 + pname = "apptainer"; 10 + # TODO: Upgrade to 1.1.4 only after https://github.com/apptainer/apptainer/pull/967 get merge 11 + # and https://github.com/apptainer/apptainer/issues/958 get fixed 12 + version = "1.1.3"; 13 + projectName = "apptainer"; 14 + 15 + src = fetchFromGitHub { 16 + owner = "apptainer"; 17 + repo = "apptainer"; 18 + rev = "v${version}"; 19 + hash = "sha256-QFg6RC77OE/a6Qlzn6Zi5I7Iaq/U3/m0eI9yLArzuNc="; 20 + }; 21 + 22 + # Update by running 23 + # nix-prefetch -E "{ sha256 }: ((import ./. { }).apptainer.override { vendorHash = sha256; }).go-modules" 24 + # at the root directory of the Nixpkgs repository 25 + vendorHash = "sha256-tAnh7A8Lw5KtY7hq+sqHMEUlgXvgeeCKKIfRZFoRtug="; 26 + 27 + extraDescription = " (previously known as Singularity)"; 28 + extraMeta.homepage = "https://apptainer.org"; 29 + }) 30 + { 31 + # Apptainer doesn't depend on conmon 32 + conmon = null; 33 + 34 + # defaultToSuid becomes false since Apptainer 1.1.0 35 + # https://github.com/apptainer/apptainer/pull/495 36 + # https://github.com/apptainer/apptainer/releases/tag/v1.1.0 37 + defaultToSuid = false; 38 + }; 39 + 40 + singularity = callPackage 41 + (import ./generic.nix rec { 42 + pname = "singularity-ce"; 43 + version = "3.10.4"; 44 + projectName = "singularity"; 45 + 46 + src = fetchFromGitHub { 47 + owner = "sylabs"; 48 + repo = "singularity"; 49 + rev = "v${version}"; 50 + hash = "sha256-bUnQXQVwaVA3Lkw3X9TBWqNBgiPxAVCHnkq0vc+CIsM="; 51 + }; 52 + 53 + # Update by running 54 + # nix-prefetch -E "{ sha256 }: ((import ./. { }).singularity.override { vendorHash = sha256; }).go-modules" 55 + # at the root directory of the Nixpkgs repository 56 + vendorHash = "sha256-K8helLcOuz3E4LzBE9y3pnZqwdwhO/iMPTN1o22ipVg="; 57 + 58 + # Do not build conmon from the Git submodule source, 59 + # Use Nixpkgs provided version 60 + extraConfigureFlags = [ 61 + "--without-conmon" 62 + ]; 63 + 64 + extraDescription = " (Sylabs Inc's fork of Singularity, a.k.a. SingularityCE)"; 65 + extraMeta.homepage = "https://sylabs.io/"; 66 + }) 67 + { 68 + defaultToSuid = true; 69 + }; 70 + }
+18 -11
pkgs/build-support/singularity-tools/default.nix
··· 23 23 mkLayer = 24 24 { name 25 25 , contents ? [ ] 26 - , 26 + # May be "apptainer" instead of "singularity" 27 + , projectName ? (singularity.projectName or "singularity") 27 28 }: 28 - runCommand "singularity-layer-${name}" 29 + runCommand "${projectName}-layer-${name}" 29 30 { 30 31 inherit contents; 31 32 } '' ··· 36 37 ''; 37 38 38 39 buildImage = 40 + let 41 + defaultSingularity = singularity; 42 + in 39 43 { name 40 44 , contents ? [ ] 41 45 , diskSize ? 1024 42 46 , runScript ? "#!${stdenv.shell}\nexec /bin/sh" 43 47 , runAsRoot ? null 44 48 , memSize ? 512 49 + , singularity ? defaultSingularity 45 50 }: 46 51 let 52 + projectName = singularity.projectName or "singularity"; 47 53 layer = mkLayer { 48 54 inherit name; 49 55 contents = contents ++ [ bash runScriptFile ]; 56 + inherit projectName; 50 57 }; 51 58 runAsRootFile = shellScript "run-as-root.sh" runAsRoot; 52 59 runScriptFile = shellScript "run-script.sh" runScript; 53 60 result = vmTools.runInLinuxVM ( 54 - runCommand "singularity-image-${name}.img" 61 + runCommand "${projectName}-image-${name}.img" 55 62 { 56 63 buildInputs = [ singularity e2fsprogs util-linux gawk ]; 57 64 layerClosure = writeReferencesToFile layer; 58 65 preVM = vmTools.createEmptyImage { 59 66 size = diskSize; 60 - fullName = "singularity-run-disk"; 67 + fullName = "${projectName}-run-disk"; 61 68 }; 62 69 inherit memSize; 63 70 } ··· 96 103 if [ ! -e bin/sh ]; then 97 104 ln -s ${runtimeShell} bin/sh 98 105 fi 99 - mkdir -p .singularity.d 100 - ln -s ${runScriptFile} .singularity.d/runscript 106 + mkdir -p .${projectName}.d 107 + ln -s ${runScriptFile} .${projectName}.d/runscript 101 108 102 - # Fill out .singularity.d 103 - mkdir -p .singularity.d/env 104 - touch .singularity.d/env/94-appsbase.sh 109 + # Fill out .${projectName}.d 110 + mkdir -p .${projectName}.d/env 111 + touch .${projectName}.d/env/94-appsbase.sh 105 112 106 113 cd .. 107 - mkdir -p /var/singularity/mnt/{container,final,overlay,session,source} 114 + mkdir -p /var/lib/${projectName}/mnt/{container,final,overlay,session,source} 108 115 echo "root:x:0:0:System administrator:/root:/bin/sh" > /etc/passwd 109 116 echo > /etc/resolv.conf 110 - TMPDIR=$(pwd -P) singularity build $out ./img 117 + TMPDIR=$(pwd -P) ${projectName} build $out ./img 111 118 ''); 112 119 113 120 in
+3 -1
pkgs/top-level/all-packages.nix
··· 30196 30196 30197 30197 shepherd = nodePackages."@nerdwallet/shepherd"; 30198 30198 30199 - singularity = callPackage ../applications/virtualization/singularity { }; 30199 + inherit (callPackage ../applications/virtualization/singularity/packages.nix { }) 30200 + apptainer 30201 + singularity; 30200 30202 30201 30203 skate = callPackage ../applications/misc/skate { }; 30202 30204