debug environment

.gitea/workflows/build-images.yml

@@ -14,11 +14,20 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v6
 
-      - name: Install Skopeo
+      - name: Debug environment
-        run: nix shell nixpkgs#skopeo -c echo "skopeo installed"
+        run: |
+          echo "=== System Info ==="
+          uname -a
+          nix --version
+          echo "=== Memory ==="
+          free -h || true
+          echo "=== Disk ==="
+          df -h /nix /tmp || true
+          echo "=== Nix Config ==="
+          nix show-config 2>&1 | head -20 || true
 
       - name: Build aarch64 Image
-        run: nix build .#dockerImages.aarch64-linux.node --out-link ./image-aarch64.tar.gz
+        run: nix build .#dockerImages.aarch64-linux.node --out-link ./image-aarch64.tar.gz --option build-hook ""
 
       - name: Push to Gitea Registry
         if: github.event_name == 'push' && github.ref == 'refs/heads/main'

flake.nix

@@ -136,38 +136,42 @@
                 withSystem system (
                   { pkgs, ... }:
                   {
-                    node = pkgs.dockerTools.buildImage {
+                    node =
-                      name = "node";
+                      let
-                      tag = "latest";
+                        setupDirs = pkgs.runCommand "setup-dirs" { } ''
-                      runAsRoot = ''
+                          mkdir -p $out/tmp $out/root $out/var/tmp
-                        #!${pkgs.runtimeShell}
+                          chmod 1777 $out/tmp $out/var/tmp
-                        set -e
+                        '';
-                        ${pkgs.dockerTools.shadowSetup}
+                      in
-                        groupadd -r node
+                      pkgs.dockerTools.buildLayeredImage {
-                        useradd -r -g node -m -d /home/node node
+                        name = "node";
-                        mkdir -p /nix
+                        tag = "latest";
-                        chown node:node /nix
+                        contents = with pkgs; [
-                      '';
-                      copyToRoot = pkgs.buildEnv {
-                        name = "image-root";
-                        pathsToLink = [ "/" ];
-                        paths = with pkgs; [
                           nodejs
                           nix
                           busybox
                           bash
                           skopeo
+                          cacert
+                          git
+                          setupDirs
+                          (writeTextFile {
+                            name = "etc-nix-nix-conf";
+                            destination = "/etc/nix/nix.conf";
+                            text = ''
+                              build-users-group =
+                              experimental-features = nix-command flakes
+                            '';
+                          })
                         ];
+                        config = {
+                          Env = [
+                            "SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt"
+                            "NODE_EXTRA_CA_CERTS=/etc/ssl/certs/ca-bundle.crt"
+                            "HOME=/root"
+                          ];
+                        };
                       };
-                      config = {
-                        User = "node";
-                        Env = [
-                          "NIX_CONFIG=experimental-features = nix-command flakes"
-                          "SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
-                          "NODE_EXTRA_CA_CERTS=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
-                        ];
-                      };
-                    };
                   }
                 )
               );