mirror of
https://git.sr.ht/~magic_rb/cluster
synced 2024-11-25 09:36:14 +01:00
Simple base nix container, which interacts with the host nix daemon (CI/CD?)
This commit is contained in:
parent
594065f99b
commit
b64813c4c5
24
docker/nix/default.nix
Normal file
24
docker/nix/default.nix
Normal file
|
@ -0,0 +1,24 @@
|
|||
{ pkgs, system, nixpkgs, ... }:
|
||||
let
|
||||
bashLib = ../bash-lib;
|
||||
init = pkgs.writeShellScriptBin "init" (builtins.readFile ./init);
|
||||
conf = pkgs.writeText "conf" ''
|
||||
_prog_busybox="${pkgs.busybox}"
|
||||
_prog_bashlib="${bashLib}"
|
||||
_prog_bash="${pkgs.bash}"
|
||||
_prog_nix="${pkgs.nixFlakes}"
|
||||
|
||||
_conf_nixpkgs="${nixpkgs}"
|
||||
_conf_cacert="${pkgs.cacert}"
|
||||
_conf_user_uid="1000"
|
||||
_conf_user_gid="1000"
|
||||
'';
|
||||
in
|
||||
pkgs.dockerTools.buildLayeredImage {
|
||||
name = "nix";
|
||||
tag = "latest";
|
||||
|
||||
config = {
|
||||
Entrypoint = [ "${init}/bin/init" "${conf}" ];
|
||||
};
|
||||
}
|
45
docker/nix/init
Normal file
45
docker/nix/init
Normal file
|
@ -0,0 +1,45 @@
|
|||
# -*- mode: shell-script; -*-
|
||||
|
||||
conf=$1 ; shift 1
|
||||
source $conf
|
||||
|
||||
source $_prog_bashlib/main.bash
|
||||
|
||||
$_prog_busybox/bin/cat << EOF
|
||||
### Nix Image Manual
|
||||
# You may place a \`main.bash\` file at \`/main.bash\`, if it's there it will be executed, otherwise an interactive shell will be spawned
|
||||
|
||||
/nix/var/nix/db
|
||||
/nix/var/nix/daemon-socket
|
||||
/nix/store-host
|
||||
|
||||
EOF
|
||||
|
||||
(
|
||||
set -e
|
||||
echo "root:x:0:0:Nix:/:$_prog_bash/bin/bash" > /etc/passwd
|
||||
echo "root:x:0:" > /etc/group
|
||||
) || echo_exit "Failed to create user and group!"
|
||||
|
||||
mkdir_chown /tmp 0 0
|
||||
|
||||
if [[ -d "/nix/store-host" ]]
|
||||
then
|
||||
$_prog_busybox/bin/mount -t overlay overlay -o lowerdir=/nix/store:/nix/store-host /nix/store
|
||||
export NIX_REMOTE=daemon
|
||||
else
|
||||
echo_exit "You must link the host nix store"
|
||||
fi
|
||||
|
||||
export PATH=$_prog_bash/bin:$_prog_nix/bin:$_prog_busybox/bin \
|
||||
NIX_PATH=nixpkgs=$_conf_nixpkgs \
|
||||
NIX_SSL_CERT_FILE=$_conf_cacert/etc/ssl/certs/ca-bundle.crt
|
||||
|
||||
if [[ -f /main.bash ]]
|
||||
then
|
||||
$_prog_bash/bin/bash /main.bash $@
|
||||
else
|
||||
$_prog_bash/bin/bash
|
||||
fi
|
||||
|
||||
# nix --experimental-features 'nix-command flakes' build github:edolstra/dwarffs
|
Loading…
Reference in a new issue