repomaa/nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix image build
Some checks failed
Build Images / build (push) Failing after 49s
Details
Check / check (push) Failing after 41s
Details

Browse Source
This commit is contained in:
Joakim Repomaa
2026-02-22 16:59:21 +02:00
parent 5bff4d9713
commit acecd28518
2 changed files with 39 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.gitea/workflows/build-images.yml
View File

@@ -14,9 +14,6 @@ jobs:
- name: Checkout
uses: actions/checkout@v6
- name: Install Skopeo
run: nix shell nixpkgs#skopeo -c echo "skopeo installed"
- name: Build aarch64 Image
run: nix build .#dockerImages.aarch64-linux.node --out-link ./image-aarch64.tar.gz

64
flake.nix
View File

@@ -136,38 +136,52 @@
withSystem system (
{ pkgs, ... }:
{
node = pkgs.dockerTools.buildImage {
name = "node";
tag = "latest";
runAsRoot = ''
#!${pkgs.runtimeShell}
set -e
${pkgs.dockerTools.shadowSetup}
groupadd -r node
useradd -r -g node -m -d /home/node node
mkdir -p /nix
chown node:node /nix
'';
copyToRoot = pkgs.buildEnv {
name = "image-root";
pathsToLink = [ "/" ];
paths = with pkgs; [
node =
let
homeDir = pkgs.runCommand "home-node" { } ''
mkdir -p $out/home/node
'';
nixDir = pkgs.runCommand "nix-dir" { } ''
mkdir -p $out/nix
'';
in
pkgs.dockerTools.buildLayeredImage {
name = "node";
tag = "latest";
contents = with pkgs; [
nodejs
nix
busybox
bash
skopeo
cacert
homeDir
nixDir
(writeTextFile {
name = "etc-passwd";
destination = "/etc/passwd";
text = "node:x:1000:1000:node:/home/node:/bin/sh\n";
})
(writeTextFile {
name = "etc-group";
destination = "/etc/group";
text = "node:x:1000:\n";
})
];
enableFakechroot = true;
fakeRootCommands = ''
chown -R 1000:1000 /home/node /nix
'';
config = {
User = "1000";
Env = [
"NIX_CONFIG=experimental-features = nix-command flakes"
"SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt"
"NODE_EXTRA_CA_CERTS=/etc/ssl/certs/ca-bundle.crt"
"HOME=/home/node"
];
};
};
config = {
User = "node";
Env = [
"NIX_CONFIG=experimental-features = nix-command flakes"
"SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
"NODE_EXTRA_CA_CERTS=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
];
};
};
}
)
);