fix home folder name

src/bootstrap/bootstrap/Dockerfile

@@ -20,30 +20,33 @@ RUN set -eux; \
     mv lrvick-live-bootstrap-* live-bootstrap
 WORKDIR live-bootstrap
 RUN ./download-distfiles.sh
+
+FROM fetch as config
 RUN set -eux; \
     mkdir -p /rootfs/external; \
     mv steps seed/* /rootfs/; \
-    mv distfiles /rootfs/external/
+    mv distfiles /rootfs/external/; \
-RUN echo "\
+    export CORES=$(nproc --all); \
+    echo "\
 FORCE_TIMESTAMPS=False\n\
 CHROOT=True\n\
 UPDATE_CHECKSUMS=False\n\
-JOBS=10\n\
+JOBS=${CORES}\n\
 SWAP_SIZE=0\n\
-FINAL_JOBS=10\n\
+FINAL_JOBS=${CORES}\n\
 INTERNAL_CI=False\n\
 INTERACTIVE=False\n\
 BARE_METAL=False\n\
 EXTERNAL_SOURCES=True\n\
 DISK=sda1\n\
 KERNEL_BOOTSTRAP=False\n\
-BUILD_KERNELS=False\
+BUILD_KERNELS=False" \
-" > /rootfs/steps/bootstrap.cfg
+    > /rootfs/steps/bootstrap.cfg
 RUN touch /rootfs/steps/lwext4-1.0.0-lb1/files/fiwix-file-list.txt
 
 FROM scratch as build
 COPY --from=stage0 / .
-COPY --from=fetch /rootfs .
+COPY --from=config /rootfs .
 ENV ARCH_DIR=x86
 ENV ARCH=x86
 RUN ["/x86/bin/kaem","--verbose","--strict","--file","./after.kaem"]
@@ -53,6 +56,7 @@ ENV PATH=/bin:/usr/sbin:/usr/bin
 RUN set -eux; \
     rm -rf /usr/lib/python*/__pycache__; \
     mkdir -p /rootfs/etc /rootfs/home/user; \
+    chown -R 1000:1000 /rootfs/home/user; \
     cp -R $(ls -d /etc/* | grep -v '\(resolv.conf\|hosts\)') /rootfs/etc/; \
     cp -R lib usr bin var /rootfs/; \
     echo "user:x:1000:" > /rootfs/etc/group; \

src/macros.mk

@@ -32,6 +32,7 @@ define build
 			-t $(REGISTRY)/$(NAME):$(VERSION) \
 			--build-arg REGISTRY=$(REGISTRY) \
 			--platform $(PLATFORM) \
+			--network=host \
 			--progress=plain \
 			$(if $(filter latest,$(VERSION)),,--build-arg VERSION=$(VERSION)) \
 			--target $(TARGET) \

src/tools/build.mk

@@ -12,3 +12,8 @@ out/tofu.tgz: \
 	out/busybox.tgz \
 	out/go.tgz
 	$(call build,tools,tofu)
+
+out/sops.tgz: \
+	out/busybox.tgz \
+	out/go.tgz
+	$(call build,tools,sops)

src/tools/sops/Dockerfile

@@ -0,0 +1,46 @@
+
+ARG REGISTRY=local
+FROM ${REGISTRY}/go:latest as go
+FROM ${REGISTRY}/busybox:latest as busybox 
+FROM ${REGISTRY}/ca-certificates:latest as ca-certificates
+
+FROM busybox as base
+ENV VERSION=3.8.1
+ENV SRC_SITE=https://github.com/getsops/sops/archive/refs/tags
+ENV SRC_HASH=5ca70fb4f96797d09012c705a5bb935835896de7bcd063b98d498912b0e645a0
+RUN echo ${SRC_SITE}/${VERSION}.tar.gz
+
+FROM base as fetch
+COPY --from=go . /
+COPY --from=ca-certificates . /
+
+RUN set -eux; \
+    wget ${SRC_SITE}/v${VERSION}.tar.gz; \
+    echo "${SRC_HASH}  v${VERSION}.tar.gz" | sha256sum -c; 
+
+FROM fetch as build
+RUN tar -xvf v${VERSION}.tar.gz
+WORKDIR sops-${VERSION}
+ENV PWD=/home/user/sops-${VERSION}
+ENV GOPATH=${PWD}/cache/go
+ENV GOCACHE=${PWD}/cache/
+ENV GOWORK=off
+ENV GOPROXY=https://proxy.golang.org,direct
+ENV GOSUMDB=sum.golang.org
+
+ENV CGO_ENABLED=0
+ENV GOHOSTOS=linux
+ENV GOHOSTARCH=amd64
+ENV GOFLAGS=-trimpath 
+RUN mkdir -p ${GOPATH}
+RUN go build -o bin/sops ./cmd/sops
+
+from build as install
+USER 0:0
+RUN mkdir -p /rootfs/usr/bin/
+RUN cp bin/sops /rootfs/usr/bin/
+
+FROM scratch as package
+COPY --from=install /rootfs/ /
+ENTRYPOINT ["/usr/bin/sops"]
+CMD ["--version"]