initial commit

2024-01-18 19:04:14 -08:00 · 2024-01-18 19:04:14 -08:00 · 47d99094cd
commit 47d99094cd
4 changed files with 83 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+result
--- a/README.md
+++ b/README.md
@ -0,0 +1,27 @@
+# nix builder
+
+A custom buider for forgejo, trying to use nix instead of actions idioms
+wherever possible. The provide nix flake builds the docker container.
+
+## example config
+
+This is the workflow I use and seems to work well.
+
+```yaml
+name: build
+on: [push]
+jobs:
+  check:
+    runs-on: nix
+    steps:
+      - name: clone
+        run: git clone https://username:${{secrets.TOKEN}}@git.celery.eu.org/username/repo .
+      - name: cache login
+        run: attic login central ${{vars.ATTIC_URL}} ${{secrets.ATTIC_TOKEN}}
+      - name: cache setup
+        run: attic use actions
+      - name: build
+        run: nix build
+      - name: cache push
+        run: attic push actions result
+```
--- a/flake.lock
+++ b/flake.lock
@ -0,0 +1,26 @@
+{
+  "nodes": {
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1705619229,
+        "narHash": "sha256-fadsP3WWeCqkqFwo7p23GP3dGvhs7yFQKNlzA1hUvlE=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "4e68f8bdc9a8fa513acc12ab8f8d1f8ce023fae8",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
--- a/flake.nix
+++ b/flake.nix
@ -0,0 +1,29 @@
+{
+  description = "nix builder for ci";
+
+  inputs.nixpkgs.url = "github:NixOS/nixpkgs";
+
+  outputs = { self, nixpkgs }: let
+    pkgs = import nixpkgs { system = "x86_64-linux"; };
+  in {
+    packages.x86_64-linux.default = pkgs.dockerTools.buildImage {
+      name = "nix-builder";
+      tag = "latest";
+      copyToRoot = with pkgs; [coreutils cacert nix curl];
+      
+      runAsRoot = ''
+        #!${pkgs.runtimeShell}
+        mkdir -p /etc/nix
+        echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf
+        ln -s $NIX_SSL_CERT_FILE /etc/ssl/certs
+      '';
+      
+      config = {
+        Cmd = ["${pkgs.bash}/bin/bash"];
+        Env = with pkgs; [
+          "NIX_SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
+        ];
+      };
+    };
+  };
+}