From a41c885bb2a5199000af5361a28ccfc783c68f16 Mon Sep 17 00:00:00 2001
From: Joakim Repomaa <joakim.repomaa@mocoapp.com>
Date: Fri, 20 Feb 2026 18:58:55 +0200
Subject: [PATCH] fix check workflow

---
 .gitea/workflows/check.yml   |  4 +---
 flake.nix                    | 39 ++++++++++++++++++++++++++++++++++++
 hosts/freun-dev/services.nix |  2 +-
 3 files changed, 41 insertions(+), 4 deletions(-)

diff --git a/.gitea/workflows/check.yml b/.gitea/workflows/check.yml
index e62a05c..073bafa 100644
--- a/.gitea/workflows/check.yml
+++ b/.gitea/workflows/check.yml
@@ -7,7 +7,7 @@ on:
     branches: [main]
 
 jobs:
-  build:
+  check:
     runs-on: nixos-latest
 
     steps:
@@ -16,5 +16,3 @@ jobs:
 
       - name: Check
         run: nix flake check
-        env:
-          NIX_CONFIG: "experimental-features = nix-command flakes"
diff --git a/flake.nix b/flake.nix
index c058446..3208f3e 100644
--- a/flake.nix
+++ b/flake.nix
@@ -68,6 +68,7 @@
       ...
     }@inputs:
     flake-parts.lib.mkFlake { inherit inputs; } (
+      { withSystem, ... }:
       let
         ssh.publicKeys = {
           yubikey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLIUkESu5NnBi1M0+ZjYrkp6/rIFuwc3aguspf98jmOydNce6l65cnS3GRzc9oWx4lu11ahi87ZuE+pYV+gaHm4=";
@@ -124,6 +125,44 @@
             };
 
           images.turny = self.nixosConfigurations.turny.config.system.build.sdImage;
+
+          dockerImages =
+            nixpkgs.lib.genAttrs
+              [
+                "x86_64-linux"
+                "aarch64-linux"
+              ]
+              (
+                system:
+                withSystem system (
+                  { pkgs, ... }:
+                  {
+                    node = pkgs.dockerTools.buildImage {
+                      name = "node";
+                      tag = "latest";
+                      runAsRoot = ''
+                        #!${pkgs.stdenv.shell}
+                        set -e
+                        ${pkgs.dockerTools.shadowSetup}
+                        groupadd -r node
+                        useradd -r -g node node
+                      '';
+                      copyToRoot = pkgs.buildEnv {
+                        name = "image-root";
+                        pathsToLink = [ "/" ];
+                        paths = with pkgs; [
+                          nodejs
+                          nix
+                          busybox
+                        ];
+                      };
+                      config.Env = [
+                        "NIX_CONFIG=experimental-features = nix-command flakes"
+                      ];
+                    };
+                  }
+                )
+              );
           colmenaHive = colmena.lib.makeHive self.outputs.colmena;
 
           colmena =
diff --git a/hosts/freun-dev/services.nix b/hosts/freun-dev/services.nix
index cd813a3..513e64e 100644
--- a/hosts/freun-dev/services.nix
+++ b/hosts/freun-dev/services.nix
@@ -451,7 +451,7 @@ in
         labels = [
           "linux_arm64"
           "ubuntu-latest:docker://node:latest"
-          "nixos-latest:docker://nixos/nix:latest"
+          "nixos-latest:docker://repomaa/node:latest"
         ];
         tokenFile = secrets.gitea-actions-runner.path;
         url = "https://${config.services.gitea.subdomain}.${config.networking.domain}";