sbl/docker-nixpkgs
1
0
Fork 0
forked from github-mirror/docker-nixpkgs
Code Pull Requests Actions Activity

Compare commits

base: sbl:nix-unstable-static
Branches Tags
sbl:master sbl:pjjw/nix-flake-runner sbl:pjjw/gitea-actions sbl:nix-unstable-static sbl:push-to-github sbl:nix-container-images
..
compare: sbl:1cc157b032864ec963176267110290ff7e9eb152
Branches Tags
sbl:master sbl:pjjw/nix-flake-runner sbl:pjjw/gitea-actions sbl:nix-unstable-static sbl:push-to-github sbl:nix-container-images github-mirror:main github-mirror:nix-container-images

2 Commits
nix-unstab ... 1cc157b032

Author SHA1 Message Date
pjjw
1cc157b032 Merge pull request 'cachix action failing for unknown reasons, patch to use local runner' (#2) from pjjw/gitea-actions into master
Some checks failed
Nix / build (nixos-unstable) (push) Failing after 21m13s
Details
Nix / build (nixos-22.11) (push) Failing after 23m58s
Details
Nix / build (nixos-23.05) (push) Failing after 24m32s
Details 
Reviewed-on: #2
 2023-09-08 12:24:27 -04:00
Peter Woodman
617b5494c1 cachix action failing for unknown reasons, patch to use local runner
All checks were successful
Nix / build (nixos-22.11) (pull_request) Successful in 23m0s
Details
Nix / build (nixos-unstable) (pull_request) Successful in 15m41s
Details
Nix / build (nixos-23.05) (pull_request) Successful in 18m47s
Details
2023-09-07 16:06:59 -04:00
2 changed files with 9 additions and 13 deletions
Expand all files Collapse all files

5
.github/workflows/nix.yml vendored
View File

@@ -18,11 +18,12 @@ jobs:
- nixos-unstable - nixos-unstable
- nixos-22.11 - nixos-22.11
- nixos-23.05 - nixos-23.05
runs-on: ubuntu-latest runs-on: native
container: pjjw/nix-flake-runner:1
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- uses: cachix/install-nix-action@v22
- run: nix-shell --run ./ci.sh - run: nix-shell --run ./ci.sh
env: env:
CI_PROJECT_PATH: pjjw
CI_REGISTRY_AUTH: '${{ secrets.REGISTRY_AUTH }}' CI_REGISTRY_AUTH: '${{ secrets.REGISTRY_AUTH }}'
NIXPKGS_CHANNEL: '${{ matrix.channel }}' NIXPKGS_CHANNEL: '${{ matrix.channel }}'

17
images/nix-unstable-static/default.nix
View File

@@ -6,20 +6,21 @@
, python3 , python3
, removeReferencesTo , removeReferencesTo
, runCommand , runCommand
, buildPackages
}: }:
let let
inherit (pkgsStatic) inherit (pkgsStatic)
bashInteractive bashInteractive
busybox busybox
cacert; cacert
openssl
;
bash = bashInteractive; bash = bashInteractive;
# Get nix from Hydra because the nixpkgs one is not fully static # Get nix from Hydra because the nixpkgs one is not fully static
nixStaticBin = fetchurl { nixStaticBin = fetchurl {
url = "https://hydra.nixos.org/build/228458395/download/1/nix"; url = "https://hydra.nixos.org/build/181573550/download/1/nix";
hash = "sha256-H361lUdMpBpBVwInBmpAXKAwjPIf740Jg9Nht0NV66s="; hash = "sha256-zO2xJhQIrLtL/ReTlcorjwsaTO1W5Rnr+sXwcLcujok=";
}; };
nixSymlinks = [ nixSymlinks = [
@@ -63,11 +64,6 @@ let
# Add user home folder # Add user home folder
mkdir home mkdir home
# Create an unpriveleged user that we can use also without the run-as-user.sh script
chmod +w $PWD/etc/group $PWD/etc/passwd
${buildPackages.shadow}/bin/groupadd --prefix $PWD -g 9000 nixuser
${buildPackages.shadow}/bin/useradd --prefix $PWD -m -d /tmp -u 9000 -g 9000 -G nixuser nixuser
# Add SSL CA certs # Add SSL CA certs
cp -a "${cacert}/etc/ssl/certs/ca-bundle.crt" etc/ssl/certs/ca-bundle.crt cp -a "${cacert}/etc/ssl/certs/ca-bundle.crt" etc/ssl/certs/ca-bundle.crt
@@ -121,8 +117,7 @@ let
Env = [ Env = [
"NIX_BUILD_SHELL=/bin/bash" "NIX_BUILD_SHELL=/bin/bash"
"PAGER=cat" "PAGER=cat"
# /host/bin can be used to extend the image with additional binaries "PATH=/bin"
"PATH=/bin:/host/bin"
"SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt" "SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt"
]; ];
}; };