2024-04-26 21:11:47 +00:00
|
|
|
{ nixpkgs, flutils, ... }: flutils.lib.eachDefaultSystem (system:
|
|
|
|
|
let
|
|
|
|
|
pkgs = nixpkgs.legacyPackages.${system};
|
|
|
|
|
|
|
|
|
|
nixFromDockerHub = pkgs.dockerTools.pullImage {
|
|
|
|
|
imageName = "nixos/nix";
|
|
|
|
|
imageDigest = "sha256:b3dc72ab3216606d52357ee46f0830a0cc32f3e50e00bd490efa1a8304e9f99d";
|
|
|
|
|
sha256 = "sha256-FvDlbSnCmPtWTn4eG3hu8WVK1Wm3RSi2T+CdmIDLkG4=";
|
|
|
|
|
finalImageTag = "2.22.0";
|
|
|
|
|
finalImageName = "nix";
|
|
|
|
|
};
|
2024-04-28 15:03:58 +00:00
|
|
|
|
|
|
|
|
nixConf = pkgs.writeText "nix.conf" ''
|
|
|
|
|
build-users-group = nixbld
|
|
|
|
|
sandbox = false
|
|
|
|
|
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
|
|
|
|
|
experimental-features = nix-command flakes
|
|
|
|
|
'';
|
|
|
|
|
|
|
|
|
|
nixConfDrv = pkgs.stdenv.mkDerivation {
|
|
|
|
|
name = "nix.conf";
|
|
|
|
|
dontUnpack = true;
|
2024-04-28 18:17:08 +00:00
|
|
|
installPhase = ''
|
|
|
|
|
install -Dm755 ${nixConf} $out/etc/nix/nix.conf
|
|
|
|
|
'';
|
2024-04-28 15:03:58 +00:00
|
|
|
};
|
2024-04-26 21:11:47 +00:00
|
|
|
in
|
|
|
|
|
{
|
|
|
|
|
packages.forgejo-nix-action = pkgs.dockerTools.buildImage {
|
|
|
|
|
name = "forgejo-nix-action";
|
|
|
|
|
tag = "latest";
|
|
|
|
|
fromImage = nixFromDockerHub;
|
2024-04-27 20:38:01 +00:00
|
|
|
|
2024-04-26 21:11:47 +00:00
|
|
|
copyToRoot = pkgs.buildEnv {
|
|
|
|
|
name = "image-root";
|
2024-04-28 18:17:08 +00:00
|
|
|
# TODO: Maybe we don't even want these binaries in the base image, but run everything through nix-run?
|
|
|
|
|
paths = with pkgs; [ coreutils attic-client skopeo nixConfDrv ];
|
|
|
|
|
pathsToLink = [ "/bin" "/etc" ];
|
2024-04-26 21:11:47 +00:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
})
|
