{ pkgs ? import (builtins.fetchTarball "https://d3g5gsiof5omrk.cloudfront.net/nixos/unstable-small/nixos-18.03pre115143.c7a152e5d0/nixexprs.tar.xz") {} }:

with pkgs;
let
  redis = pkgs.redis.overrideDerivation (attrs: rec {
    version = "4.0.1";
    name = "redis-${version}";
    src = fetchurl {
      url = "http://download.redis.io/releases/${name}.tar.gz";
      sha256 = "14bm8lkhylc93r4dgl7kkzzpw2xq7gr6w6h80n3jazqnx5mcsj90";
    };
  });

in
dockerTools.buildImage {
  name = "redis";
  tag = redis.version;

  runAsRoot = ''
    #!${stdenv.shell}
    ${dockerTools.shadowSetup}
    groupadd -r redis
    useradd -r -g redis -d /data -M redis
    mkdir /data
    chown redis:redis /data
  '';

  config = {
    Entrypoint = [
      "${su-exec}/bin/su-exec"
      "redis"
      "${redis}/bin/redis-server"
      # Docker-compose is in charge of mounting this config file
      "/data/redis.conf"
    ];
    # Exposed ports is unique per host
    # ExposedPorts = {
    #   "6379/tcp" = {};
    # };
    WorkingDir = "/data";
    Volumes = {
      "/data" = {};
    };
  };
}