nix-flakes-node/flake.nix

{
  description = "Base image with nix for forgejo-actions-runner";

  inputs = {
    nix.url = "github:/nixos/nix?ref=2.18.1"; # Using nix 2.18.1
    nix.inputs.nixpkgs.follows = "nixpkgs";
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05"; # Stable NixOS 23.05 for our packages
    flake-utils.url = "github:numtide/flake-utils";
  };

  outputs = {
    self,
    flake-utils,
    nix,
    nixpkgs,
    ...
  }:
    flake-utils.lib.eachDefaultSystem (system: let
      pkgs = (import nixpkgs) {
        inherit system;
      };
      lib = pkgs.lib;
    in rec {
      packages = rec {
        # A modified version of the nixos/nix image
        # re-using the upstream nix docker image generation code
        # https://github.com/NixOS/nix/blob/2.18.1/docker.nix
        base = import (nix + "/docker.nix") {
          inherit pkgs;
          name = "nix-ci-base";
          maxLayers = 10;
          extraPkgs = with pkgs; [
            nodejs_20 # Node.js is needed for running most 3rd party actions
            # Add any other pre-installed packages here
          ];
          # Change this if you want
          channelURL = "https://nixos.org/channels/nixpkgs-23.05";
          nixConf = {
            substituters = [
              "https://cache.nixos.org/"
              "https://nix-community.cachix.org"
              # Insert any other binary caches here
              "https://pub-solar.cachix.org/"
            ];
            trusted-public-keys = [
              "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
              "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
              # Insert the public keys for those binary caches here
              "pub-solar.cachix.org-1:ZicXIxKgdxMtgSJECWR8iihZxHRvu8ObL4n2cuBmtos="
            ];
            # Allow using the new flake commands in our workflows
            experimental-features = ["nix-command" "flakes"]; 
          };
        };
        # Make /bin/ available on the image
        runner = pkgs.dockerTools.buildImage {
          name = "nix-runner";
          tag = "latest";
        
          fromImage = base;
          fromImageName = null;
          fromImageTag = "latest";
        
          copyToRoot = pkgs.buildEnv {
            name = "image-root";
            paths = [pkgs.coreutils-full];
            pathsToLink = ["/bin"]; # add coreutuls (which includes sleep) to /bin
          };
        };
      };
    });
}