repomaa/nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: repomaa:c684beed093ee63de204c2e72ff28da0a4b624c4
Branches Tags
repomaa:main repomaa:tech/native-immich-module repomaa:refactor
...
compare: repomaa:d6cb5fa99b0f5d65e19117c1b26a7d6cc30442fe
Branches Tags
repomaa:main repomaa:tech/native-immich-module repomaa:refactor

2 Commits
c684beed09 ... d6cb5fa99b

Author SHA1 Message Date
Joakim Repomaa
d6cb5fa99b fix push image step
Some checks failed
Check / check (push) Successful in 3m35s
Details
Build Images / build (push) Failing after 1m4s
Details
2026-02-22 17:44:44 +02:00
Joakim Repomaa
b1ebf5aff2 fix image build 2026-02-22 17:43:49 +02:00
2 changed files with 37 additions and 32 deletions
Expand all files Collapse all files

15
.gitea/workflows/build-images.yml
View File

@@ -14,27 +14,28 @@ jobs:
- name: Checkout
uses: actions/checkout@v6
- name: Install Skopeo
run: nix shell nixpkgs#skopeo -c echo "skopeo installed"
- name: Build aarch64 Image
run: nix build .#dockerImages.aarch64-linux.node --out-link ./image-aarch64.tar.gz
run: nix build .#dockerImages.aarch64-linux.node --out-link ./image-aarch64.tar.gz --option build-hook ""
- name: Push to Gitea Registry
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
env:
GITEA_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
REGISTRY="${{ github.server_url }}"
REGISTRY="${REGISTRY#https://}"
REGISTRY="${REGISTRY#http://}"
# Push aarch64 image
skopeo copy \
--insecure-policy \
--dest-creds "${{ github.actor }}:${GITEA_TOKEN}" \
"docker-archive:./image-aarch64.tar.gz" \
"docker://${{ github.server_url }}/${{ github.repository }}/node:latest-arm64"
"docker://${REGISTRY}/${{ github.repository }}/node:latest-arm64"
# Create and push manifest for arm64
skopeo manifest create \
--insecure-policy \
--dest-creds "${{ github.actor }}:${GITEA_TOKEN}" \
"docker://${{ github.server_url }}/${{ github.repository }}/node:latest" \
"docker://${{ github.server_url }}/${{ github.repository }}/node:latest-arm64"
"docker://${REGISTRY}/${{ github.repository }}/node:latest" \
"docker://${REGISTRY}/${{ github.repository }}/node:latest-arm64"

54
flake.nix
View File

@@ -136,38 +136,42 @@
withSystem system (
{ pkgs, ... }:
{
node = pkgs.dockerTools.buildImage {
name = "node";
tag = "latest";
runAsRoot = ''
#!${pkgs.runtimeShell}
set -e
${pkgs.dockerTools.shadowSetup}
groupadd -r node
useradd -r -g node -m -d /home/node node
mkdir -p /nix
chown node:node /nix
'';
copyToRoot = pkgs.buildEnv {
name = "image-root";
pathsToLink = [ "/" ];
paths = with pkgs; [
node =
let
setupDirs = pkgs.runCommand "setup-dirs" { } ''
mkdir -p $out/tmp $out/root $out/var/tmp
chmod 1777 $out/tmp $out/var/tmp
'';
in
pkgs.dockerTools.buildLayeredImage {
name = "node";
tag = "latest";
contents = with pkgs; [
nodejs
nix
busybox
bash
skopeo
cacert
git
setupDirs
(writeTextFile {
name = "etc-nix-nix-conf";
destination = "/etc/nix/nix.conf";
text = ''
build-users-group =
experimental-features = nix-command flakes
'';
})
];
config = {
Env = [
"SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt"
"NODE_EXTRA_CA_CERTS=/etc/ssl/certs/ca-bundle.crt"
"HOME=/root"
];
};
};
config = {
User = "node";
Env = [
"NIX_CONFIG=experimental-features = nix-command flakes"
"SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
"NODE_EXTRA_CA_CERTS=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
];
};
};
}
)
);