darkkirb/nix-containers
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

upload as darkkirb
Some checks failed
continuous-integration/drone/push Build is failing
Details

Browse source
This commit is contained in:
Charlotte 🦝 Delenk 2022-06-26 09:08:00 +01:00
parent a45c9c7858
commit 1f937f7239
Signed by: darkkirb
GPG key ID: AB2BD8DAF2E37122
2 changed files with 35 additions and 30 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.drone.yml
View file

@ -15,7 +15,7 @@ steps:
echo '{"default": [{"type":"insecureAcceptAnything"}]}' > /etc/containers/policy.json
- nix-env -iA nixpkgs.skopeo
- nix build '.#buildImage'
- ./result | gzip --fast | skopeo copy --dest-creds=gitea-bot:$GITEA_KEY docker-archive:/dev/stdin docker://git.chir.rs/darkkirb/nix-containers:buildImage --dest-compress-format zstd --dest-compress-level 12
- ./result | gzip --fast | skopeo copy --dest-creds=darkkirb:$GITEA_KEY docker-archive:/dev/stdin docker://git.chir.rs/darkkirb/nix-containers:buildImage --dest-compress-format zstd --dest-compress-level 12
environment:
GITEA_KEY:
from_secret: GITEA_KEY
from_secret: DOCKER_KEY

61
flake.nix
View file

@ -6,33 +6,38 @@
flake-utils.url = "github:numtide/flake-utils";
};
outputs = { self, nixpkgs, flake-utils, ...} @ inputs: flake-utils.lib.eachSystem ["aarch64-linux" "x86_64-linux"] (system:
let
pkgs = import nixpkgs { inherit system; };
in rec {
formatter = pkgs.alejandra;
packages = {
buildImage = pkgs.dockerTools.streamLayeredImage {
name = "darkkirb/nix-containers";
tag = "build-container";
contents = with pkgs; [
bashInteractive
gzip
skopeo
nix
];
config.Env = [
"USER=nobody"
];
maxLayers = 125;
fakeRootCommands = ''
echo "substituters = https://cache.nixos.org/ https://f000.backblazeb2.com/file/cache-chir-rs/" >> /etc/nix/nix.conf
echo "trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nixcache:8KKuGz95Pk4UJ5W/Ni+pN+v+LDTkMMFV4yrGmAYgkDg= hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" >> /etc/nix/nix.conf
echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf
mkdir /etc/containers
echo '{"default": [{"type":"insecureAcceptAnything"}]}' > /etc/containers/policy.json
'';
outputs = {
self,
nixpkgs,
flake-utils,
...
} @ inputs:
flake-utils.lib.eachSystem ["aarch64-linux" "x86_64-linux"] (system: let
pkgs = import nixpkgs {inherit system;};
in rec {
formatter = pkgs.alejandra;
packages = {
buildImage = pkgs.dockerTools.streamLayeredImage {
name = "darkkirb/nix-containers";
tag = "build-container";
contents = with pkgs; [
bashInteractive
gzip
skopeo
nix
];
config.Env = [
"USER=nobody"
];
maxLayers = 125;
fakeRootCommands = ''
echo "substituters = https://cache.nixos.org/ https://f000.backblazeb2.com/file/cache-chir-rs/" >> /etc/nix/nix.conf
echo "trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nixcache:8KKuGz95Pk4UJ5W/Ni+pN+v+LDTkMMFV4yrGmAYgkDg= hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" >> /etc/nix/nix.conf
echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf
mkdir /etc/containers
echo '{"default": [{"type":"insecureAcceptAnything"}]}' > /etc/containers/policy.json
'';
};
};
};
});
});
}