fix image build

2026-02-22 16:59:21 +02:00
parent 5bff4d9713
commit b1ebf5aff2
2 changed files with 30 additions and 28 deletions
--- a/.gitea/workflows/build-images.yml
+++ b/.gitea/workflows/build-images.yml
@@ -14,11 +14,9 @@ jobs:
      - name: Checkout
        uses: actions/checkout@v6

-      - name: Install Skopeo
-        run: nix shell nixpkgs#skopeo -c echo "skopeo installed"

      - name: Build aarch64 Image
-        run: nix build .#dockerImages.aarch64-linux.node --out-link ./image-aarch64.tar.gz
+        run: nix build .#dockerImages.aarch64-linux.node --out-link ./image-aarch64.tar.gz --option build-hook ""

      - name: Push to Gitea Registry
        if: github.event_name == 'push' && github.ref == 'refs/heads/main'
--- a/flake.nix
+++ b/flake.nix
@@ -136,38 +136,42 @@
                withSystem system (
                  { pkgs, ... }:
                  {
-                    node = pkgs.dockerTools.buildImage {
-                      name = "node";
-                      tag = "latest";
-                      runAsRoot = ''
-                        #!${pkgs.runtimeShell}
-                        set -e
-                        ${pkgs.dockerTools.shadowSetup}
-                        groupadd -r node
-                        useradd -r -g node -m -d /home/node node
-                        mkdir -p /nix
-                        chown node:node /nix
-                      '';
-                      copyToRoot = pkgs.buildEnv {
-                        name = "image-root";
-                        pathsToLink = [ "/" ];
-                        paths = with pkgs; [
+                    node =
+                      let
+                        setupDirs = pkgs.runCommand "setup-dirs" { } ''
+                          mkdir -p $out/tmp $out/root $out/var/tmp
+                          chmod 1777 $out/tmp $out/var/tmp
+                        '';
+                      in
+                      pkgs.dockerTools.buildLayeredImage {
+                        name = "node";
+                        tag = "latest";
+                        contents = with pkgs; [
                          nodejs
                          nix
                          busybox
                          bash
                          skopeo
+                          cacert
+                          git
+                          setupDirs
+                          (writeTextFile {
+                            name = "etc-nix-nix-conf";
+                            destination = "/etc/nix/nix.conf";
+                            text = ''
+                              build-users-group =
+                              experimental-features = nix-command flakes
+                            '';
+                          })
                        ];
+                        config = {
+                          Env = [
+                            "SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt"
+                            "NODE_EXTRA_CA_CERTS=/etc/ssl/certs/ca-bundle.crt"
+                            "HOME=/root"
+                          ];
+                        };
                      };
-                      config = {
-                        User = "node";
-                        Env = [
-                          "NIX_CONFIG=experimental-features = nix-command flakes"
-                          "SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
-                          "NODE_EXTRA_CA_CERTS=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
-                        ];
-                      };
-                    };
                  }
                )
              );