parent
51aee7dd00
commit
03eb98ca7e
2 changed files with 119 additions and 280 deletions
206
flake.lock
generated
206
flake.lock
generated
|
@ -1,65 +1,20 @@
|
|||
{
|
||||
"nodes": {
|
||||
"attic": {
|
||||
"inputs": {
|
||||
"crane": "crane",
|
||||
"flake-compat": "flake-compat",
|
||||
"flake-parts": "flake-parts",
|
||||
"nix-github-actions": "nix-github-actions",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"nixpkgs-stable": "nixpkgs-stable"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1738524606,
|
||||
"narHash": "sha256-hPYEJ4juK3ph7kbjbvv7PlU1D9pAkkhl+pwx8fZY53U=",
|
||||
"owner": "zhaofengli",
|
||||
"repo": "attic",
|
||||
"rev": "ff8a897d1f4408ebbf4d45fa9049c06b3e1e3f4e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "zhaofengli",
|
||||
"repo": "attic",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"crane": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"attic",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1722960479,
|
||||
"narHash": "sha256-NhCkJJQhD5GUib8zN9JrmYGMwt4lCRp6ZVNzIiYCl0Y=",
|
||||
"owner": "ipetkov",
|
||||
"repo": "crane",
|
||||
"rev": "4c6c77920b8d44cd6660c1621dea6b3fc4b4c4f4",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "ipetkov",
|
||||
"repo": "crane",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"determinate-nix": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_2",
|
||||
"flake-parts": "flake-parts_2",
|
||||
"flake-parts": "flake-parts",
|
||||
"git-hooks-nix": "git-hooks-nix",
|
||||
"nixpkgs": "nixpkgs_2",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"nixpkgs-23-11": "nixpkgs-23-11",
|
||||
"nixpkgs-regression": "nixpkgs-regression"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1745615317,
|
||||
"narHash": "sha256-dvZLk1eqFsiIVJGSgNPqdCmlMFTSZ6QyVi0yavjEvsc=",
|
||||
"rev": "234f790d6200eb1d4917e73aa301a08c92d3953d",
|
||||
"revCount": 20158,
|
||||
"lastModified": 1748909153,
|
||||
"narHash": "sha256-A/yjYc+vdkjvw3xI7qgfYRI+jzyiW9Ay6JPhGu1gFyo=",
|
||||
"rev": "a18fd9b131eb713eba11a746beb3d79628016936",
|
||||
"revCount": 20936,
|
||||
"type": "tarball",
|
||||
"url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nix-src/3.4.0/01966f00-97a8-7bef-b00a-bd9325329c98/source.tar.gz"
|
||||
"url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nix-src/3.6.2/01973342-bafd-782a-bbcf-6606879c0df6/source.tar.gz"
|
||||
},
|
||||
"original": {
|
||||
"type": "tarball",
|
||||
|
@ -67,22 +22,6 @@
|
|||
}
|
||||
},
|
||||
"flake-compat": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1696426674,
|
||||
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-compat_2": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1733328505,
|
||||
|
@ -99,27 +38,6 @@
|
|||
}
|
||||
},
|
||||
"flake-parts": {
|
||||
"inputs": {
|
||||
"nixpkgs-lib": [
|
||||
"attic",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1722555600,
|
||||
"narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "8471fe90ad337a8074e957b69ca4d0089218391d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-parts_2": {
|
||||
"inputs": {
|
||||
"nixpkgs-lib": [
|
||||
"determinate-nix",
|
||||
|
@ -140,29 +58,9 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils": {
|
||||
"inputs": {
|
||||
"systems": "systems"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1731533236,
|
||||
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"git-hooks-nix": {
|
||||
"inputs": {
|
||||
"flake-compat": [
|
||||
"determinate-nix"
|
||||
],
|
||||
"flake-compat": "flake-compat",
|
||||
"gitignore": [
|
||||
"determinate-nix"
|
||||
],
|
||||
|
@ -189,39 +87,18 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nix-github-actions": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"attic",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1729742964,
|
||||
"narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nix-github-actions",
|
||||
"rev": "e04df33f62cdcf93d73e9a04142464753a16db67",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "nix-github-actions",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1726042813,
|
||||
"narHash": "sha256-LnNKCCxnwgF+575y0pxUdlGZBO/ru1CtGHIqQVfvjlA=",
|
||||
"lastModified": 1747179050,
|
||||
"narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "159be5db480d1df880a0135ca0bfed84c2f88353",
|
||||
"rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixpkgs-unstable",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
|
@ -258,75 +135,26 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-stable": {
|
||||
"locked": {
|
||||
"lastModified": 1724316499,
|
||||
"narHash": "sha256-Qb9MhKBUTCfWg/wqqaxt89Xfi6qTD3XpTzQ9eXi3JmE=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "797f7dc49e0bc7fab4b57c021cdf68f595e47841",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-24.05",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1734359947,
|
||||
"narHash": "sha256-1Noao/H+N8nFB4Beoy8fgwrcOQLVm9o4zKW1ODaqK9E=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "48d12d5e70ee91fe8481378e540433a7303dbf6a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "release-24.11",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_3": {
|
||||
"locked": {
|
||||
"lastModified": 1744440957,
|
||||
"narHash": "sha256-FHlSkNqFmPxPJvy+6fNLaNeWnF1lZSgqVCl/eWaJRc4=",
|
||||
"lastModified": 1749024892,
|
||||
"narHash": "sha256-OGcDEz60TXQC+gVz5sdtgGJdKVYr6rwdzQKuZAJQpCA=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "26d499fc9f1d567283d5d56fcf367edd815dba1d",
|
||||
"rev": "8f1b52b04f2cb6e5ead50bd28d76528a2f0380ef",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-24.11",
|
||||
"ref": "nixos-25.05",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"attic": "attic",
|
||||
"determinate-nix": "determinate-nix",
|
||||
"flake-utils": "flake-utils",
|
||||
"nixpkgs": "nixpkgs_3"
|
||||
}
|
||||
},
|
||||
"systems": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
"nixpkgs": "nixpkgs_2"
|
||||
}
|
||||
}
|
||||
},
|
||||
|
|
193
flake.nix
193
flake.nix
|
@ -2,11 +2,7 @@
|
|||
description = "Docker with Nix + Attic preinstalled";
|
||||
|
||||
inputs = {
|
||||
nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-24.11";
|
||||
|
||||
flake-utils.url = "github:numtide/flake-utils";
|
||||
|
||||
attic.url = "github:zhaofengli/attic";
|
||||
nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-25.05";
|
||||
|
||||
determinate-nix.url = "https://flakehub.com/f/DeterminateSystems/nix-src/*";
|
||||
};
|
||||
|
@ -15,101 +11,116 @@
|
|||
{
|
||||
self,
|
||||
nixpkgs,
|
||||
flake-utils,
|
||||
attic,
|
||||
determinate-nix,
|
||||
}:
|
||||
flake-utils.lib.eachDefaultSystem (
|
||||
system:
|
||||
let
|
||||
pkgs = import nixpkgs {
|
||||
inherit system;
|
||||
overlays = [
|
||||
attic.overlays.default
|
||||
];
|
||||
};
|
||||
let
|
||||
supportedSystems = [
|
||||
"x86_64-linux"
|
||||
"aarch64-linux"
|
||||
];
|
||||
|
||||
gitReallyMinimal =
|
||||
(pkgs.git.override {
|
||||
perlSupport = false;
|
||||
pythonSupport = false;
|
||||
withManual = false;
|
||||
withpcre2 = false;
|
||||
}).overrideAttrs
|
||||
(_: {
|
||||
# installCheck is broken when perl is disabled
|
||||
doInstallCheck = false;
|
||||
});
|
||||
in
|
||||
{
|
||||
packages.default = pkgs.dockerTools.buildImageWithNixDb {
|
||||
name = "docker-attic-nix";
|
||||
tag = "latest";
|
||||
forEachSupportedSystems =
|
||||
f:
|
||||
nixpkgs.lib.genAttrs supportedSystems (
|
||||
system:
|
||||
let
|
||||
pkgs = import nixpkgs {
|
||||
inherit system;
|
||||
overlays = [
|
||||
(final: prev: {
|
||||
nix = determinate-nix.packages.${pkgs.stdenv.system}.default;
|
||||
})
|
||||
];
|
||||
};
|
||||
in
|
||||
f { inherit pkgs system; }
|
||||
);
|
||||
in
|
||||
{
|
||||
packages = forEachSupportedSystems (
|
||||
{ pkgs, ... }:
|
||||
let
|
||||
gitReallyMinimal =
|
||||
(pkgs.git.override {
|
||||
perlSupport = false;
|
||||
pythonSupport = false;
|
||||
withManual = false;
|
||||
withpcre2 = false;
|
||||
}).overrideAttrs
|
||||
(_: {
|
||||
# installCheck is broken when perl is disabled
|
||||
doInstallCheck = false;
|
||||
});
|
||||
in
|
||||
{
|
||||
default = pkgs.dockerTools.buildImageWithNixDb {
|
||||
name = "docker-attic-nix";
|
||||
tag = "latest";
|
||||
|
||||
copyToRoot =
|
||||
[
|
||||
./root
|
||||
copyToRoot =
|
||||
[
|
||||
./root
|
||||
|
||||
gitReallyMinimal
|
||||
gitReallyMinimal
|
||||
|
||||
(pkgs.writeTextFile {
|
||||
name = "nix.conf";
|
||||
destination = "/etc/nix/nix.conf";
|
||||
text = ''
|
||||
accept-flake-config = true
|
||||
experimental-features = nix-command flakes ca-derivations
|
||||
'';
|
||||
})
|
||||
]
|
||||
++ (builtins.attrValues {
|
||||
inherit (pkgs)
|
||||
coreutils
|
||||
jq
|
||||
bashInteractive
|
||||
cacert
|
||||
gnutar
|
||||
gzip
|
||||
openssh
|
||||
xz
|
||||
nodejs
|
||||
iana-etc
|
||||
attic-client
|
||||
docker
|
||||
openssl
|
||||
gnugrep
|
||||
gnused
|
||||
forgejo-cli
|
||||
;
|
||||
(pkgs.writeTextFile {
|
||||
name = "nix.conf";
|
||||
destination = "/etc/nix/nix.conf";
|
||||
text = ''
|
||||
accept-flake-config = true
|
||||
experimental-features = nix-command flakes ca-derivations
|
||||
'';
|
||||
})
|
||||
]
|
||||
++ (builtins.attrValues {
|
||||
inherit (pkgs)
|
||||
coreutils
|
||||
jq
|
||||
bashInteractive
|
||||
cacert
|
||||
gnutar
|
||||
gzip
|
||||
openssh
|
||||
xz
|
||||
nodejs
|
||||
iana-etc
|
||||
attic-client
|
||||
docker
|
||||
openssl
|
||||
gnugrep
|
||||
gnused
|
||||
forgejo-cli
|
||||
nix
|
||||
;
|
||||
});
|
||||
|
||||
determinate-nix = determinate-nix.packages.${pkgs.stdenv.system}.default;
|
||||
});
|
||||
extraCommands = ''
|
||||
# for /usr/bin/env
|
||||
mkdir usr
|
||||
ln -s ../bin usr/bin
|
||||
|
||||
extraCommands = ''
|
||||
# for /usr/bin/env
|
||||
mkdir usr
|
||||
ln -s ../bin usr/bin
|
||||
# make sure /tmp exists
|
||||
mkdir -m 1777 tmp
|
||||
|
||||
# make sure /tmp exists
|
||||
mkdir -m 1777 tmp
|
||||
# need a HOME
|
||||
mkdir -vp root
|
||||
'';
|
||||
|
||||
# need a HOME
|
||||
mkdir -vp root
|
||||
'';
|
||||
|
||||
config = {
|
||||
Cmd = [ "/bin/bash" ];
|
||||
Env = [
|
||||
"ENV=/etc/profile.d/nix.sh"
|
||||
"BASH_ENV=/etc/profile.d/nix.sh"
|
||||
"NIX_BUILD_SHELL=/bin/bash"
|
||||
"NIX_PATH=nixpkgs=${./fake_nixpkgs}"
|
||||
"PAGER=cat"
|
||||
"PATH=/root/.nix-profile/bin:/nix/var/nix/profiles/per-user/root/profile/bin:/usr/bin:/bin"
|
||||
"SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
|
||||
"USER=root"
|
||||
];
|
||||
config = {
|
||||
Cmd = [ "/bin/bash" ];
|
||||
Env = [
|
||||
"ENV=/etc/profile.d/nix.sh"
|
||||
"BASH_ENV=/etc/profile.d/nix.sh"
|
||||
"NIX_BUILD_SHELL=/bin/bash"
|
||||
"NIX_PATH=nixpkgs=${./fake_nixpkgs}"
|
||||
"PAGER=cat"
|
||||
"PATH=/root/.nix-profile/bin:/nix/var/nix/profiles/per-user/root/profile/bin:/usr/bin:/bin"
|
||||
"SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
|
||||
"USER=root"
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
);
|
||||
}
|
||||
);
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue