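{
  description = "Gitea act runner with Nix installed";

  # Everything that ends up in the image is built from these inputs.
  # NOTE(review): the revisions actually used are whatever flake.lock records
  # (not visible here) - confirm the lock file is committed and that lock
  # updates are reviewed like any other dependency bump.
  inputs = {
    # Follows the rolling nixos-unstable branch.
    nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
    treefmt-nix = {
      url = "github:numtide/treefmt-nix";
      # Reuse the nixpkgs input above instead of treefmt-nix's own pin.
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  outputs =
    { self, nixpkgs, ... }@inputs:
    let
      # Systems for which outputs are generated.
      supportedSystems = [ "x86_64-linux" ];

      # Import nixpkgs for `system` and extend it with dockerOverlay.
      pkgsFor =
        system:
        let
          pkgs = import nixpkgs {
            inherit system;
            # NOTE(review): this is a blanket opt-in for every unfree-licensed
            # package in the set (presumably needed for pkgs.terraform -
            # confirm). `allowUnfreePredicate` would restrict the opt-in to a
            # named list if only specific packages need it.
            config.allowUnfree = true;
          };
        in
        pkgs.extend (
          pkgs.lib.composeManyExtensions [ dockerOverlay ]
          # nixpkgs.lib.composeManyExtensions ([ ] ++ builtins.attrValues self.overlays)
        );

      # Build an attribute set keyed by system; `f` receives that system's
      # package set.
      eachSystem = f: nixpkgs.lib.genAttrs supportedSystems (system: f (pkgsFor system));

      # Overlay adding the local ./scripts package and a stripped-down git.
      dockerOverlay = _final: prev: {

        scripts = prev.callPackage ./scripts { };

        # gitMinimal still ships with perl and python
        gitReallyMinimal =
          (prev.git.override {
            perlSupport = false;
            pythonSupport = false;
            withManual = false;
            withpcre2 = false;
          }).overrideAttrs
            (_: {
              # installCheck is broken when perl is disabled
              doInstallCheck = false;
            });

      };

      # treefmt configuration evaluated once per system from ./treefmt.nix.
      treefmtEval = eachSystem (pkgs: inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix);
    in
    {
      # nix fmt formatter
      # The system string is read from stdenv.hostPlatform.system rather than
      # the `pkgs.system` alias, which newer nixpkgs revisions flag as
      # deprecated.
      formatter = eachSystem (pkgs: treefmtEval.${pkgs.stdenv.hostPlatform.system}.config.build.wrapper);

      checks = eachSystem (pkgs: {
        formatting = treefmtEval.${pkgs.stdenv.hostPlatform.system}.config.build.check self;
      });

      # Docker image for Gitea Actions runner
      packages = eachSystem (pkgs: {
        default = self.packages.${pkgs.stdenv.hostPlatform.system}.act-runner-image;

        act-runner-image = pkgs.dockerTools.buildLayeredImage {
          name = "nix-gitea-act-runner";
          # NOTE(review): "latest" is a mutable tag, so the tag alone does not
          # identify which build a runner pulled; pin by digest wherever that
          # matters.
          tag = "latest";

          # fromImage = "ghcr.io/catthehacker/ubuntu:runner-latest";

          contents = [

            # some stuff that dockertools provides?
            pkgs.dockerTools.usrBinEnv
            pkgs.dockerTools.binSh
            pkgs.dockerTools.caCertificates
            pkgs.dockerTools.fakeNss

            # Get nix in there
            pkgs.nix
            # An empty build-users-group turns off Nix's dedicated build users:
            # builds then run under the uid of the invoking Nix process. The
            # Nix manual warns against this when untrusted clients can reach a
            # daemon, so isolation between CI jobs has to come from the
            # container boundary, not from Nix.
            (pkgs.writeTextDir "etc/nix/nix.conf" ''
              experimental-features = nix-command flakes
              build-users-group =
            '')

            # Base packages
            pkgs.bash
            pkgs.coreutils
            # for the actions/cache need the find command
            pkgs.findutils
            pkgs.cacert
            pkgs.curl
            pkgs.gitReallyMinimal
            pkgs.gnutar
            pkgs.gzip
            pkgs.gnused
            pkgs.gnugrep
            pkgs.attic-client
            pkgs.openssh
            # zstd needed for cache-nix-action I believe
            pkgs.zstd

            # Tools we need to get some common actions running
            pkgs.nodejs
            pkgs.uv

            # runner
            pkgs.gitea-actions-runner

            # Additional tools
            # pkgs.docker
            # pkgs.docker-compose
            pkgs.jq
            # NOTE(review): terraform and awscli2 (like openssh and
            # attic-client above) act on credentials supplied at job time.
            # Nothing in this file bakes secrets into the image; keep it that
            # way, since image layers are readable by anyone who can pull them.
            pkgs.terraform
            pkgs.awscli2
          ];

          config = {
            # NOTE(review): no `User` is set here, so the container starts as
            # the runtime's default user (root unless the runner overrides it).
            Cmd = [ "/bin/bash" ];
            Env = [
              # Both variables point at the CA bundle from pkgs.cacert.
              "SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
              "NIX_SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
              # Only /bin is on the search path.
              "PATH=/bin"
            ];
            WorkingDir = "/workspace";
          };
        };
      });

      # default devshell
      devShells = eachSystem (pkgs: {
        default = pkgs.mkShell {
          packages = [
            pkgs.just
            pkgs.dive
            pkgs.jq
            pkgs.skopeo
            pkgs.docker
            pkgs.nodejs
          ];

          # Will be executed before entering the shell
          # or running a command
          shellHook = '''';
        };
      });
    };
}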