feat: convert to flake, based on

https://icewind.nl/entry/gitea-actions-nix/
This commit is contained in:
teutat3s 2023-11-10 18:20:41 +01:00
parent ed1e7dbbd7
commit 3c5574e281
Signed by: teutat3s
GPG key ID: 4FA1D3FA524F22C1
4 changed files with 219 additions and 36 deletions

View file

@ -1,13 +1,24 @@
# nix-flakes-node docker image
Heavily based on:
- https://icewind.nl/entry/gitea-actions-nix/
How to build:
```
docker load --input $(nix-build default.nix)
nix build .#runner
image=$((docker load < ./result) | sed -n '$s/^Loaded image: //p')
docker tag "$image" nix-flakes-node:latest
```
Push to forgejo docker registry:
```
docker login git.pub.solar
docker tag nix-flakes-node:latest git.pub.solar/pub-solar/nix-flakes-node:latest
docker push git.pub.solar/pub-solar/nix-flakes-node:latest
```
How to test:
```
docker tag nix-flakes-node:ghyn1438kgxp09pxlpg6xakyw2fkjyhi nix-flakes-node:latest
docker run -it --rm nix-flakes-node:latest bash
bash-5.2# node

View file

@ -1,34 +0,0 @@
{ pkgs ? import <nixpkgs> { }
, pkgsLinux ? import <nixpkgs> { system = "x86_64-linux"; }
}:
let
nixFlakesImage = pkgs.dockerTools.pullImage {
imageName = "docker.nix-community.org/nixpkgs/nix-flakes";
imageDigest = "sha256:c564622ed14cccc8c5faa93d2540da29101200f41c442c824da83f54d4915a40";
sha256 = "15zkpmcrzqplz3fyi5z3gbjag19k627lszdvl93i2rb3ajkbvch6";
finalImageName = "docker.nix-community.org/nixpkgs/nix-flakes";
finalImageTag = "latest";
os = "linux";
arch = "x86_64";
};
in
pkgs.dockerTools.buildImage {
name = "nix-flakes-node";
fromImage = nixFlakesImage;
fromImageTag = "latest";
copyToRoot = pkgs.buildEnv {
name = "image-root";
paths = [ pkgsLinux.nodejs_20 ];
pathsToLink = [ "/bin" ];
};
config = {
Cmd = [ "/bin/bash" ];
};
}

134
flake.lock Normal file
View file

@ -0,0 +1,134 @@
{
"nodes": {
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1694529238,
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"lowdown-src": {
"flake": false,
"locked": {
"lastModified": 1633514407,
"narHash": "sha256-Dw32tiMjdK9t3ETl5fzGrutQTzh2rufgZV4A/BbxuD4=",
"owner": "kristapsdz",
"repo": "lowdown",
"rev": "d2c2b44ff6c27b936ec27358a2653caaef8f73b8",
"type": "github"
},
"original": {
"owner": "kristapsdz",
"repo": "lowdown",
"type": "github"
}
},
"nix": {
"inputs": {
"flake-compat": "flake-compat",
"lowdown-src": "lowdown-src",
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-regression": "nixpkgs-regression"
},
"locked": {
"lastModified": 1696259154,
"narHash": "sha256-WNmifcTsN9aG1ONkv+l2BC4sHZZxtNKy0keqBHXXQ7w=",
"owner": "nixos",
"repo": "nix",
"rev": "f5f4de6a550327b4b1a06123c2e450f1b92c73b6",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "2.18.1",
"repo": "nix",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1699291058,
"narHash": "sha256-5ggduoaAMPHUy4riL+OrlAZE14Kh7JWX4oLEs22ZqfU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "41de143fda10e33be0f47eab2bfe08a50f234267",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-regression": {
"locked": {
"lastModified": 1643052045,
"narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
}
},
"root": {
"inputs": {
"flake-utils": "flake-utils",
"nix": "nix",
"nixpkgs": "nixpkgs"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

72
flake.nix Normal file
View file

@ -0,0 +1,72 @@
{
description = "Base image with nix for forgejo-actions-runner";
inputs = {
nix.url = "github:/nixos/nix?ref=2.18.1"; # Using nix 2.18.1
nix.inputs.nixpkgs.follows = "nixpkgs";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05"; # Stable NixOS 23.05 for our packages
flake-utils.url = "github:numtide/flake-utils";
};
outputs = {
self,
flake-utils,
nix,
nixpkgs,
...
}:
flake-utils.lib.eachDefaultSystem (system: let
pkgs = (import nixpkgs) {
inherit system;
};
lib = pkgs.lib;
in rec {
packages = rec {
# A modified version of the nixos/nix image
# re-using the upstream nix docker image generation code
# https://github.com/NixOS/nix/blob/2.18.1/docker.nix
base = import (nix + "/docker.nix") {
inherit pkgs;
name = "nix-ci-base";
maxLayers = 10;
extraPkgs = with pkgs; [
nodejs_20 # Node.js is needed for running most 3rd party actions
# Add any other pre-installed packages here
];
# Change this if you want
channelURL = "https://nixos.org/channels/nixpkgs-23.05";
nixConf = {
substituters = [
"https://cache.nixos.org/"
"https://nix-community.cachix.org"
# Insert any other binary caches here
"https://pub-solar.cachix.org/"
];
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
# Insert the public keys for those binary caches here
"pub-solar.cachix.org-1:ZicXIxKgdxMtgSJECWR8iihZxHRvu8ObL4n2cuBmtos="
];
# Allow using the new flake commands in our workflows
experimental-features = ["nix-command" "flakes"];
};
};
# Make /bin/ available on the image
runner = pkgs.dockerTools.buildImage {
name = "nix-runner";
tag = "latest";
fromImage = base;
fromImageName = null;
fromImageTag = "latest";
copyToRoot = pkgs.buildEnv {
name = "image-root";
paths = [pkgs.coreutils-full];
pathsToLink = ["/bin"]; # add coreutuls (which includes sleep) to /bin
};
};
};
});
}