transfer over nix-flakes settings

2023-08-12 08:21:33 +01:00 · 2023-08-12 08:21:33 +01:00 · 31fd767dcc
commit 31fd767dcc
parent a2f6f43231
5 changed files with 150 additions and 40 deletions
--- a/fake_nixpkgs/default.nix
+++ b/fake_nixpkgs/default.nix
@ -0,0 +1,10 @@
+_:
+throw ''
+  This container doesn't include nixpkgs.
+
+  The best way to work around that is to pin your dependencies. See
+    https://nix.dev/tutorials/towards-reproducibility-pinning-nixpkgs.html
+
+  Or if you must, override the NIX_PATH environment variable with eg:
+    "NIX_PATH=nixpkgs=channel:nixos-unstable"
+''
--- a/flake.nix
+++ b/flake.nix
@ -7,54 +7,88 @@
  };

  outputs = { self, nixpkgs, flake-utils }:
-    flake-utils.lib.eachDefaultSystem (system:
-      let
-        pkgs = import nixpkgs { inherit system; };
-        pkgsStatic = pkgs.pkgsStatic;
-        lib = pkgs.lib;
+    flake-utils.lib.eachDefaultSystem
+      (system:
+        let
+          pkgs = import nixpkgs { inherit system; };
+          pkgsStatic = pkgs.pkgsStatic;
+          lib = pkgs.lib;

-        rustPlatform = pkgs.makeRustPlatform {
-          cargo = pkgs.cargo;
-          rustc = pkgs.rustc;
-        };
+        in
+        {
+          packages = {
+            hello = pkgs.dockerTools.buildImage {
+              name = "hello-docker";
+              config = {
+                Cmd = [ "${pkgs.hello}/bin/hello" ];
+              };
+            };
+            flakes-action = pkgs.dockerTools.buildImageWithNixDb {
+              name = "flakes-action";
+              contents = with pkgs; [
+                ./root
+                bash
+                coreutils
+                curl
+                gawk
+                git-lfs
+                gnused
+                nodejs
+                wget
+                sudo
+                nixFlakes
+                cacert
+                gnutar
+                gzip
+                openssh
+                xz
+                (pkgs.writeTextFile {
+                  name = "nix.conf";
+                  destination = "/etc/nix/nix.conf";
+                  text = ''
+                    accept-flake-config = true
+                    experimental-features = nix-command flakes
+                  '';
+                })
+              ];

-      in {
-        packages = {
-         flakes-action = pkgs.dockerTools.buildImage {
-            name = "flakes-action";
-            contents = with pkgs; [
-              bash
-              coreutils
-              curl
-              gawk
-              git-lfs
-              gnused
-              nodejs
-              wget
-              sudo
-              nix
-            ];
-            config = { 
+              extraCommands = ''
+                # for /usr/bin/env
+                mkdir usr
+                ln -s ../bin usr/bin
+
+                # make sure /tmp exists
+                mkdir -m 1777 tmp
+
+                # need a HOME
+                mkdir -vp root
+              '';
+              config = {
+                Cmd = [ "/bin/bash" ];
                Env = [
                  "LANG=en_GB.UTF-8"
+                  "ENV=/etc/profile.d/nix.sh"
+                  "BASH_ENV=/etc/profile.d/nix.sh"
+                  "NIX_BUILD_SHELL=/bin/bash"
+                  "NIX_PATH=nixpkgs=${./fake_nixpkgs}"
+                  "PAGER=cat"
+                  "PATH=/usr/bin:/bin"
+                  "SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
+                  "USER=root"
                ];
+              };
            };
-            extraCommands = ''
-            '';
-
          };

-        };
+          devShells = {
+            default = (pkgs.mkShell {
+              buildInputs = (with pkgs;
+                [
+                  git-lfs
+                ]);

-        devShells = {
-          default = (pkgs.mkShell {
-            buildInputs = (with pkgs; [
-              git-lfs
-              node
-            ]);
-
-          });
-        };
-      });
+            });
+          };
+        });
 }

--- a/root/etc/group
+++ b/root/etc/group
@ -0,0 +1,21 @@
+root:x:0:
+wheel:x:1:
+kmem:x:2:
+tty:x:3:
+messagebus:x:4:
+disk:x:6:
+audio:x:17:
+floppy:x:18:
+uucp:x:19:
+lp:x:20:
+cdrom:x:24:
+tape:x:25:
+video:x:26:
+dialout:x:27:
+utmp:x:29:
+adm:x:55:
+keys:x:96:
+users:x:100:
+input:x:174:
+nixbld:x:30000:nixbld1,nixbld10,nixbld11,nixbld12,nixbld13,nixbld14,nixbld15,nixbld16,nixbld17,nixbld18,nixbld19,nixbld2,nixbld20,nixbld21,nixbld22,nixbld23,nixbld24,nixbld25,nixbld26,nixbld27,nixbld28,nixbld29,nixbld3,nixbld30,nixbld31,nixbld32,nixbld4,nixbld5,nixbld6,nixbld7,nixbld8,nixbld9
+nogroup:x:65534:
--- a/root/etc/nsswitch.conf
+++ b/root/etc/nsswitch.conf
@ -0,0 +1,11 @@
+passwd:    files mymachines systemd
+group:     files mymachines systemd
+shadow:    files
+
+hosts:     files mymachines dns myhostname
+networks:  files
+
+ethers:    files
+services:  files
+protocols: files
+rpc:       files
--- a/root/etc/passwd
+++ b/root/etc/passwd
@ -0,0 +1,34 @@
+root:x:0:0:System administrator:/root:/bin/bash
+nixbld1:x:30001:30000:Nix build user 1:/var/empty:/run/current-system/sw/bin/nologin
+nixbld2:x:30002:30000:Nix build user 2:/var/empty:/run/current-system/sw/bin/nologin
+nixbld3:x:30003:30000:Nix build user 3:/var/empty:/run/current-system/sw/bin/nologin
+nixbld4:x:30004:30000:Nix build user 4:/var/empty:/run/current-system/sw/bin/nologin
+nixbld5:x:30005:30000:Nix build user 5:/var/empty:/run/current-system/sw/bin/nologin
+nixbld6:x:30006:30000:Nix build user 6:/var/empty:/run/current-system/sw/bin/nologin
+nixbld7:x:30007:30000:Nix build user 7:/var/empty:/run/current-system/sw/bin/nologin
+nixbld8:x:30008:30000:Nix build user 8:/var/empty:/run/current-system/sw/bin/nologin
+nixbld9:x:30009:30000:Nix build user 9:/var/empty:/run/current-system/sw/bin/nologin
+nixbld10:x:30010:30000:Nix build user 10:/var/empty:/run/current-system/sw/bin/nologin
+nixbld11:x:30011:30000:Nix build user 11:/var/empty:/run/current-system/sw/bin/nologin
+nixbld12:x:30012:30000:Nix build user 12:/var/empty:/run/current-system/sw/bin/nologin
+nixbld13:x:30013:30000:Nix build user 13:/var/empty:/run/current-system/sw/bin/nologin
+nixbld14:x:30014:30000:Nix build user 14:/var/empty:/run/current-system/sw/bin/nologin
+nixbld15:x:30015:30000:Nix build user 15:/var/empty:/run/current-system/sw/bin/nologin
+nixbld16:x:30016:30000:Nix build user 16:/var/empty:/run/current-system/sw/bin/nologin
+nixbld17:x:30017:30000:Nix build user 17:/var/empty:/run/current-system/sw/bin/nologin
+nixbld18:x:30018:30000:Nix build user 18:/var/empty:/run/current-system/sw/bin/nologin
+nixbld19:x:30019:30000:Nix build user 19:/var/empty:/run/current-system/sw/bin/nologin
+nixbld20:x:30020:30000:Nix build user 20:/var/empty:/run/current-system/sw/bin/nologin
+nixbld21:x:30021:30000:Nix build user 21:/var/empty:/run/current-system/sw/bin/nologin
+nixbld22:x:30022:30000:Nix build user 22:/var/empty:/run/current-system/sw/bin/nologin
+nixbld23:x:30023:30000:Nix build user 23:/var/empty:/run/current-system/sw/bin/nologin
+nixbld24:x:30024:30000:Nix build user 24:/var/empty:/run/current-system/sw/bin/nologin
+nixbld25:x:30025:30000:Nix build user 25:/var/empty:/run/current-system/sw/bin/nologin
+nixbld26:x:30026:30000:Nix build user 26:/var/empty:/run/current-system/sw/bin/nologin
+nixbld27:x:30027:30000:Nix build user 27:/var/empty:/run/current-system/sw/bin/nologin
+nixbld28:x:30028:30000:Nix build user 28:/var/empty:/run/current-system/sw/bin/nologin
+nixbld29:x:30029:30000:Nix build user 29:/var/empty:/run/current-system/sw/bin/nologin
+nixbld30:x:30030:30000:Nix build user 30:/var/empty:/run/current-system/sw/bin/nologin
+nixbld31:x:30031:30000:Nix build user 31:/var/empty:/run/current-system/sw/bin/nologin
+nixbld32:x:30032:30000:Nix build user 32:/var/empty:/run/current-system/sw/bin/nologin
+nobody:x:65534:65534:Unprivileged account (don't use!):/var/empty:/run/current-system/sw/bin/nologin