parent
51aee7dd00
commit
d680f8ea43
2 changed files with 114 additions and 141 deletions
71
flake.lock
generated
71
flake.lock
generated
|
@ -10,11 +10,11 @@
|
|||
"nixpkgs-stable": "nixpkgs-stable"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1738524606,
|
||||
"narHash": "sha256-hPYEJ4juK3ph7kbjbvv7PlU1D9pAkkhl+pwx8fZY53U=",
|
||||
"lastModified": 1748532342,
|
||||
"narHash": "sha256-CvaKOUq8G10sghKpZhEB2UYjJoWhEkrDFggDgi7piUI=",
|
||||
"owner": "zhaofengli",
|
||||
"repo": "attic",
|
||||
"rev": "ff8a897d1f4408ebbf4d45fa9049c06b3e1e3f4e",
|
||||
"rev": "ce9373715fe3fac7a174a65a7e6d6baeba8cb4f9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -46,7 +46,6 @@
|
|||
},
|
||||
"determinate-nix": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_2",
|
||||
"flake-parts": "flake-parts_2",
|
||||
"git-hooks-nix": "git-hooks-nix",
|
||||
"nixpkgs": "nixpkgs_2",
|
||||
|
@ -54,12 +53,12 @@
|
|||
"nixpkgs-regression": "nixpkgs-regression"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1745615317,
|
||||
"narHash": "sha256-dvZLk1eqFsiIVJGSgNPqdCmlMFTSZ6QyVi0yavjEvsc=",
|
||||
"rev": "234f790d6200eb1d4917e73aa301a08c92d3953d",
|
||||
"revCount": 20158,
|
||||
"lastModified": 1748909153,
|
||||
"narHash": "sha256-A/yjYc+vdkjvw3xI7qgfYRI+jzyiW9Ay6JPhGu1gFyo=",
|
||||
"rev": "a18fd9b131eb713eba11a746beb3d79628016936",
|
||||
"revCount": 20936,
|
||||
"type": "tarball",
|
||||
"url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nix-src/3.4.0/01966f00-97a8-7bef-b00a-bd9325329c98/source.tar.gz"
|
||||
"url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nix-src/3.6.2/01973342-bafd-782a-bbcf-6606879c0df6/source.tar.gz"
|
||||
},
|
||||
"original": {
|
||||
"type": "tarball",
|
||||
|
@ -140,29 +139,9 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils": {
|
||||
"inputs": {
|
||||
"systems": "systems"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1731533236,
|
||||
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"git-hooks-nix": {
|
||||
"inputs": {
|
||||
"flake-compat": [
|
||||
"determinate-nix"
|
||||
],
|
||||
"flake-compat": "flake-compat_2",
|
||||
"gitignore": [
|
||||
"determinate-nix"
|
||||
],
|
||||
|
@ -276,32 +255,32 @@
|
|||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1734359947,
|
||||
"narHash": "sha256-1Noao/H+N8nFB4Beoy8fgwrcOQLVm9o4zKW1ODaqK9E=",
|
||||
"lastModified": 1747179050,
|
||||
"narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "48d12d5e70ee91fe8481378e540433a7303dbf6a",
|
||||
"rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "release-24.11",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_3": {
|
||||
"locked": {
|
||||
"lastModified": 1744440957,
|
||||
"narHash": "sha256-FHlSkNqFmPxPJvy+6fNLaNeWnF1lZSgqVCl/eWaJRc4=",
|
||||
"lastModified": 1749024892,
|
||||
"narHash": "sha256-OGcDEz60TXQC+gVz5sdtgGJdKVYr6rwdzQKuZAJQpCA=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "26d499fc9f1d567283d5d56fcf367edd815dba1d",
|
||||
"rev": "8f1b52b04f2cb6e5ead50bd28d76528a2f0380ef",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-24.11",
|
||||
"ref": "nixos-25.05",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
|
@ -310,24 +289,8 @@
|
|||
"inputs": {
|
||||
"attic": "attic",
|
||||
"determinate-nix": "determinate-nix",
|
||||
"flake-utils": "flake-utils",
|
||||
"nixpkgs": "nixpkgs_3"
|
||||
}
|
||||
},
|
||||
"systems": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
|
|
184
flake.nix
184
flake.nix
|
@ -2,9 +2,7 @@
|
|||
description = "Docker with Nix + Attic preinstalled";
|
||||
|
||||
inputs = {
|
||||
nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-24.11";
|
||||
|
||||
flake-utils.url = "github:numtide/flake-utils";
|
||||
nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-25.05";
|
||||
|
||||
attic.url = "github:zhaofengli/attic";
|
||||
|
||||
|
@ -15,101 +13,113 @@
|
|||
{
|
||||
self,
|
||||
nixpkgs,
|
||||
flake-utils,
|
||||
attic,
|
||||
determinate-nix,
|
||||
}:
|
||||
flake-utils.lib.eachDefaultSystem (
|
||||
system:
|
||||
let
|
||||
pkgs = import nixpkgs {
|
||||
inherit system;
|
||||
overlays = [
|
||||
attic.overlays.default
|
||||
];
|
||||
};
|
||||
let
|
||||
supportedSystems = [
|
||||
"x86_64-linux"
|
||||
"aarch64-linux"
|
||||
];
|
||||
|
||||
gitReallyMinimal =
|
||||
(pkgs.git.override {
|
||||
perlSupport = false;
|
||||
pythonSupport = false;
|
||||
withManual = false;
|
||||
withpcre2 = false;
|
||||
}).overrideAttrs
|
||||
(_: {
|
||||
# installCheck is broken when perl is disabled
|
||||
doInstallCheck = false;
|
||||
});
|
||||
in
|
||||
{
|
||||
packages.default = pkgs.dockerTools.buildImageWithNixDb {
|
||||
name = "docker-attic-nix";
|
||||
tag = "latest";
|
||||
forEachSupportedSystems =
|
||||
f:
|
||||
nixpkgs.lib.genAttrs supportedSystems (
|
||||
system:
|
||||
let
|
||||
pkgs = import nixpkgs {
|
||||
inherit system;
|
||||
};
|
||||
in
|
||||
f { inherit pkgs system; }
|
||||
);
|
||||
in
|
||||
{
|
||||
packages = forEachSupportedSystems (
|
||||
{ pkgs, ... }:
|
||||
let
|
||||
gitReallyMinimal =
|
||||
(pkgs.git.override {
|
||||
perlSupport = false;
|
||||
pythonSupport = false;
|
||||
withManual = false;
|
||||
withpcre2 = false;
|
||||
}).overrideAttrs
|
||||
(_: {
|
||||
# installCheck is broken when perl is disabled
|
||||
doInstallCheck = false;
|
||||
});
|
||||
in
|
||||
{
|
||||
default = pkgs.dockerTools.buildImageWithNixDb {
|
||||
name = "docker-attic-nix";
|
||||
tag = "latest";
|
||||
|
||||
copyToRoot =
|
||||
[
|
||||
./root
|
||||
copyToRoot =
|
||||
[
|
||||
./root
|
||||
|
||||
gitReallyMinimal
|
||||
gitReallyMinimal
|
||||
|
||||
(pkgs.writeTextFile {
|
||||
name = "nix.conf";
|
||||
destination = "/etc/nix/nix.conf";
|
||||
text = ''
|
||||
accept-flake-config = true
|
||||
experimental-features = nix-command flakes ca-derivations
|
||||
'';
|
||||
})
|
||||
]
|
||||
++ (builtins.attrValues {
|
||||
inherit (pkgs)
|
||||
coreutils
|
||||
jq
|
||||
bashInteractive
|
||||
cacert
|
||||
gnutar
|
||||
gzip
|
||||
openssh
|
||||
xz
|
||||
nodejs
|
||||
iana-etc
|
||||
attic-client
|
||||
docker
|
||||
openssl
|
||||
gnugrep
|
||||
gnused
|
||||
forgejo-cli
|
||||
;
|
||||
(pkgs.writeTextFile {
|
||||
name = "nix.conf";
|
||||
destination = "/etc/nix/nix.conf";
|
||||
text = ''
|
||||
accept-flake-config = true
|
||||
experimental-features = nix-command flakes ca-derivations
|
||||
'';
|
||||
})
|
||||
]
|
||||
++ (builtins.attrValues {
|
||||
inherit (pkgs)
|
||||
coreutils
|
||||
jq
|
||||
bashInteractive
|
||||
cacert
|
||||
gnutar
|
||||
gzip
|
||||
openssh
|
||||
xz
|
||||
nodejs
|
||||
iana-etc
|
||||
attic-client
|
||||
docker
|
||||
openssl
|
||||
gnugrep
|
||||
gnused
|
||||
forgejo-cli
|
||||
;
|
||||
|
||||
determinate-nix = determinate-nix.packages.${pkgs.stdenv.system}.default;
|
||||
});
|
||||
determinate-nix = determinate-nix.packages.${pkgs.stdenv.system}.default;
|
||||
});
|
||||
|
||||
extraCommands = ''
|
||||
# for /usr/bin/env
|
||||
mkdir usr
|
||||
ln -s ../bin usr/bin
|
||||
extraCommands = ''
|
||||
# for /usr/bin/env
|
||||
mkdir usr
|
||||
ln -s ../bin usr/bin
|
||||
|
||||
# make sure /tmp exists
|
||||
mkdir -m 1777 tmp
|
||||
# make sure /tmp exists
|
||||
mkdir -m 1777 tmp
|
||||
|
||||
# need a HOME
|
||||
mkdir -vp root
|
||||
'';
|
||||
# need a HOME
|
||||
mkdir -vp root
|
||||
'';
|
||||
|
||||
config = {
|
||||
Cmd = [ "/bin/bash" ];
|
||||
Env = [
|
||||
"ENV=/etc/profile.d/nix.sh"
|
||||
"BASH_ENV=/etc/profile.d/nix.sh"
|
||||
"NIX_BUILD_SHELL=/bin/bash"
|
||||
"NIX_PATH=nixpkgs=${./fake_nixpkgs}"
|
||||
"PAGER=cat"
|
||||
"PATH=/root/.nix-profile/bin:/nix/var/nix/profiles/per-user/root/profile/bin:/usr/bin:/bin"
|
||||
"SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
|
||||
"USER=root"
|
||||
];
|
||||
config = {
|
||||
Cmd = [ "/bin/bash" ];
|
||||
Env = [
|
||||
"ENV=/etc/profile.d/nix.sh"
|
||||
"BASH_ENV=/etc/profile.d/nix.sh"
|
||||
"NIX_BUILD_SHELL=/bin/bash"
|
||||
"NIX_PATH=nixpkgs=${./fake_nixpkgs}"
|
||||
"PAGER=cat"
|
||||
"PATH=/root/.nix-profile/bin:/nix/var/nix/profiles/per-user/root/profile/bin:/usr/bin:/bin"
|
||||
"SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
|
||||
"USER=root"
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
);
|
||||
}
|
||||
);
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue