initial commit

.drone.yml

@@ -0,0 +1,17 @@
+---
+kind: pipeline
+type: docker
+name: Build containers
+
+steps:
+  - name: buildImage
+    image: nixos/nix
+    commands:
+      - echo "substituters = https://cache.nixos.org/ https://f000.backblazeb2.com/file/cache-chir-rs/" >> /etc/nix/nix.conf
+      - echo "trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nixcache:8KKuGz95Pk4UJ5W/Ni+pN+v+LDTkMMFV4yrGmAYgkDg= hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" >> /etc/nix/nix.conf
+      - echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf
+      - nix-env -iA skopeo
+      - $(nix build '.#buildImage') | skopeo copy --creds=gitea-bot:$GITEA_KEY docker://git.chir.rs/darkkirb/nix-containers:buildImage
+    environment:
+      GITEA_KEY:
+        from_secret: GITEA_KEY

flake.lock

@@ -0,0 +1,42 @@
+{
+  "nodes": {
+    "flake-utils": {
+      "locked": {
+        "lastModified": 1656065134,
+        "narHash": "sha256-oc6E6ByIw3oJaIyc67maaFcnjYOz1mMcOtHxbEf9NwQ=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "bee6a7250dd1b01844a2de7e02e4df7d8a0a206c",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1656182524,
+        "narHash": "sha256-p4ZzCgZyQ4avz/huv8UrZHW0Gt2xry+Hm3tcL+GYUzo=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "061263a28a561ee6e7c7bd527e1e0d8e25852f40",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "flake-utils": "flake-utils",
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}

flake.nix

@@ -0,0 +1,36 @@
+{
+  description = "various nix-based docker containers";
+
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs";
+    flake-utils.url = "github:numtide/flake-utils";
+  };
+
+  outputs = { self, nixpkgs, flake-utils, ...} @ inputs: flake-utils.lib.eachSystem ["aarch64-linux" "x86_64-linux"] (system:
+  let
+    pkgs = import nixpkgs { inherit system; };
+  in rec {
+    formatter = pkgs.alejandra;
+    packages = {
+      buildImage = pkgs.dockerTools.streamLayeredImage {
+        name = "darkkirb/nix-containers";
+        tag = "build-container";
+        contents = with pkgs; [
+          bashInteractive
+          gzip
+          skopeo
+          nix
+        ];
+        config.Env = [
+          "USER=nobody"
+        ];
+        maxLayers = 125;
+        fakeRootCommands = ''
+          echo "substituters = https://cache.nixos.org/ https://f000.backblazeb2.com/file/cache-chir-rs/" >> /etc/nix/nix.conf
+          echo "trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nixcache:8KKuGz95Pk4UJ5W/Ni+pN+v+LDTkMMFV4yrGmAYgkDg= hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" >> /etc/nix/nix.conf
+          echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf
+        '';
+      };
+    };
+  });
+}