From 3c5574e281ebad287c13fc40efff032122b14ce6 Mon Sep 17 00:00:00 2001 From: teutat3s Date: Fri, 10 Nov 2023 18:20:41 +0100 Subject: [PATCH] feat: convert to flake, based on https://icewind.nl/entry/gitea-actions-nix/ --- README.md | 15 +++++- default.nix | 34 ------------- flake.lock | 134 ++++++++++++++++++++++++++++++++++++++++++++++++++++ flake.nix | 72 ++++++++++++++++++++++++++++ 4 files changed, 219 insertions(+), 36 deletions(-) delete mode 100644 default.nix create mode 100644 flake.lock create mode 100644 flake.nix diff --git a/README.md b/README.md index 0cb957e..aa5b411 100644 --- a/README.md +++ b/README.md @@ -1,13 +1,24 @@ # nix-flakes-node docker image +Heavily based on: +- https://icewind.nl/entry/gitea-actions-nix/ + How to build: ``` -docker load --input $(nix-build default.nix) +nix build .#runner +image=$((docker load < ./result) | sed -n '$s/^Loaded image: //p') +docker tag "$image" nix-flakes-node:latest +``` + +Push to forgejo docker registry: +``` +docker login git.pub.solar +docker tag nix-flakes-node:latest git.pub.solar/pub-solar/nix-flakes-node:latest +docker push git.pub.solar/pub-solar/nix-flakes-node:latest ``` How to test: ``` -docker tag nix-flakes-node:ghyn1438kgxp09pxlpg6xakyw2fkjyhi nix-flakes-node:latest docker run -it --rm nix-flakes-node:latest bash bash-5.2# node diff --git a/default.nix b/default.nix deleted file mode 100644 index 26508f1..0000000 --- a/default.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ pkgs ? import { } - -, pkgsLinux ? import { system = "x86_64-linux"; } - -}: -let - nixFlakesImage = pkgs.dockerTools.pullImage { - imageName = "docker.nix-community.org/nixpkgs/nix-flakes"; - imageDigest = "sha256:c564622ed14cccc8c5faa93d2540da29101200f41c442c824da83f54d4915a40"; - sha256 = "15zkpmcrzqplz3fyi5z3gbjag19k627lszdvl93i2rb3ajkbvch6"; - finalImageName = "docker.nix-community.org/nixpkgs/nix-flakes"; - finalImageTag = "latest"; - os = "linux"; - arch = "x86_64"; -}; -in - -pkgs.dockerTools.buildImage { - - name = "nix-flakes-node"; - - fromImage = nixFlakesImage; - fromImageTag = "latest"; - - copyToRoot = pkgs.buildEnv { - name = "image-root"; - paths = [ pkgsLinux.nodejs_20 ]; - pathsToLink = [ "/bin" ]; - }; - - config = { - Cmd = [ "/bin/bash" ]; - }; -} diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..3f108cc --- /dev/null +++ b/flake.lock @@ -0,0 +1,134 @@ +{ + "nodes": { + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1694529238, + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "lowdown-src": { + "flake": false, + "locked": { + "lastModified": 1633514407, + "narHash": "sha256-Dw32tiMjdK9t3ETl5fzGrutQTzh2rufgZV4A/BbxuD4=", + "owner": "kristapsdz", + "repo": "lowdown", + "rev": "d2c2b44ff6c27b936ec27358a2653caaef8f73b8", + "type": "github" + }, + "original": { + "owner": "kristapsdz", + "repo": "lowdown", + "type": "github" + } + }, + "nix": { + "inputs": { + "flake-compat": "flake-compat", + "lowdown-src": "lowdown-src", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-regression": "nixpkgs-regression" + }, + "locked": { + "lastModified": 1696259154, + "narHash": "sha256-WNmifcTsN9aG1ONkv+l2BC4sHZZxtNKy0keqBHXXQ7w=", + "owner": "nixos", + "repo": "nix", + "rev": "f5f4de6a550327b4b1a06123c2e450f1b92c73b6", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "2.18.1", + "repo": "nix", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1699291058, + "narHash": "sha256-5ggduoaAMPHUy4riL+OrlAZE14Kh7JWX4oLEs22ZqfU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "41de143fda10e33be0f47eab2bfe08a50f234267", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-regression": { + "locked": { + "lastModified": 1643052045, + "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + } + }, + "root": { + "inputs": { + "flake-utils": "flake-utils", + "nix": "nix", + "nixpkgs": "nixpkgs" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..03e1d86 --- /dev/null +++ b/flake.nix @@ -0,0 +1,72 @@ +{ + description = "Base image with nix for forgejo-actions-runner"; + + inputs = { + nix.url = "github:/nixos/nix?ref=2.18.1"; # Using nix 2.18.1 + nix.inputs.nixpkgs.follows = "nixpkgs"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05"; # Stable NixOS 23.05 for our packages + flake-utils.url = "github:numtide/flake-utils"; + }; + + outputs = { + self, + flake-utils, + nix, + nixpkgs, + ... + }: + flake-utils.lib.eachDefaultSystem (system: let + pkgs = (import nixpkgs) { + inherit system; + }; + lib = pkgs.lib; + in rec { + packages = rec { + # A modified version of the nixos/nix image + # re-using the upstream nix docker image generation code + # https://github.com/NixOS/nix/blob/2.18.1/docker.nix + base = import (nix + "/docker.nix") { + inherit pkgs; + name = "nix-ci-base"; + maxLayers = 10; + extraPkgs = with pkgs; [ + nodejs_20 # Node.js is needed for running most 3rd party actions + # Add any other pre-installed packages here + ]; + # Change this if you want + channelURL = "https://nixos.org/channels/nixpkgs-23.05"; + nixConf = { + substituters = [ + "https://cache.nixos.org/" + "https://nix-community.cachix.org" + # Insert any other binary caches here + "https://pub-solar.cachix.org/" + ]; + trusted-public-keys = [ + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + # Insert the public keys for those binary caches here + "pub-solar.cachix.org-1:ZicXIxKgdxMtgSJECWR8iihZxHRvu8ObL4n2cuBmtos=" + ]; + # Allow using the new flake commands in our workflows + experimental-features = ["nix-command" "flakes"]; + }; + }; + # Make /bin/ available on the image + runner = pkgs.dockerTools.buildImage { + name = "nix-runner"; + tag = "latest"; + + fromImage = base; + fromImageName = null; + fromImageTag = "latest"; + + copyToRoot = pkgs.buildEnv { + name = "image-root"; + paths = [pkgs.coreutils-full]; + pathsToLink = ["/bin"]; # add coreutuls (which includes sleep) to /bin + }; + }; + }; + }); +}