wroclaw-git-backups/nix
1
0
Fork 0
mirror of https://github.com/NixOS/nix synced 2025-07-09 07:53:55 +02:00
Code Activity

Merge pull request #13328 from h0nIg/patch-3

Browse source 
docker: add docu references & remove duplicate code
This commit is contained in:
Eelco Dolstra 2025-07-07 11:31:59 +02:00 committed by GitHub
commit 99c20e6c3e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 25 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

48
docker.nix
View file

@ -176,24 +176,20 @@ let
"${k}:x:${toString gid}:${lib.concatStringsSep "," members}"; "${k}:x:${toString gid}:${lib.concatStringsSep "," members}";
groupContents = (lib.concatStringsSep "\n" (lib.attrValues (lib.mapAttrs groupToGroup groups))); groupContents = (lib.concatStringsSep "\n" (lib.attrValues (lib.mapAttrs groupToGroup groups)));
defaultNixConf = { toConf =
sandbox = "false"; with pkgs.lib.generators;
toKeyValue {
mkKeyValue = mkKeyValueDefault {
mkValueString = v: if lib.isList v then lib.concatStringsSep " " v else mkValueStringDefault { } v;
} " = ";
};
nixConfContents = toConf {
sandbox = false;
build-users-group = "nixbld"; build-users-group = "nixbld";
trusted-public-keys = [ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" ]; trusted-public-keys = [ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" ];
}; };
nixConfContents =
(lib.concatStringsSep "\n" (
lib.mapAttrsToList (
n: v:
let
vStr = if builtins.isList v then lib.concatStringsSep " " v else v;
in
"${n} = ${vStr}"
) (defaultNixConf // nixConf)
))
+ "\n";
userHome = if uid == 0 then "/root" else "/home/${uname}"; userHome = if uid == 0 then "/root" else "/home/${uname}";
baseSystem = baseSystem =
@ -211,10 +207,7 @@ let
echo "[]" > $out/manifest.nix echo "[]" > $out/manifest.nix
fi fi
''; '';
rootEnv = buildPackages.buildEnv { # doc/manual/source/command-ref/files/manifest.nix.md
name = "root-profile-env";
paths = defaultPkgs;
};
manifest = buildPackages.runCommand "manifest.nix" { } '' manifest = buildPackages.runCommand "manifest.nix" { } ''
cat > $out <<EOF cat > $out <<EOF
[ [
@ -244,11 +237,15 @@ let
] ]
EOF EOF
''; '';
profile = buildPackages.runCommand "user-environment" { } '' profile = buildPackages.buildEnv {
mkdir $out name = "root-profile-env";
cp -a ${rootEnv}/* $out/ paths = defaultPkgs;
ln -s ${manifest} $out/manifest.nix
''; postBuild = ''
mv $out/manifest $out/manifest.nix
'';
inherit manifest;
};
flake-registry-path = flake-registry-path =
if (flake-registry == null) then if (flake-registry == null) then
null null
@ -280,6 +277,7 @@ let
set -x set -x
mkdir -p $out/etc mkdir -p $out/etc
# may get replaced by pkgs.dockerTools.caCertificates
mkdir -p $out/etc/ssl/certs mkdir -p $out/etc/ssl/certs
ln -s /nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt $out/etc/ssl/certs ln -s /nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt $out/etc/ssl/certs
@ -307,16 +305,20 @@ let
mkdir -p $out${userHome} mkdir -p $out${userHome}
mkdir -p $out/nix/var/nix/profiles/per-user/${uname} mkdir -p $out/nix/var/nix/profiles/per-user/${uname}
# see doc/manual/source/command-ref/files/profiles.md
ln -s ${profile} $out/nix/var/nix/profiles/default-1-link ln -s ${profile} $out/nix/var/nix/profiles/default-1-link
ln -s /nix/var/nix/profiles/default-1-link $out/nix/var/nix/profiles/default ln -s /nix/var/nix/profiles/default-1-link $out/nix/var/nix/profiles/default
# see doc/manual/source/command-ref/files/channels.md
ln -s ${channel} $out/nix/var/nix/profiles/per-user/${uname}/channels-1-link ln -s ${channel} $out/nix/var/nix/profiles/per-user/${uname}/channels-1-link
ln -s /nix/var/nix/profiles/per-user/${uname}/channels-1-link $out/nix/var/nix/profiles/per-user/${uname}/channels ln -s /nix/var/nix/profiles/per-user/${uname}/channels-1-link $out/nix/var/nix/profiles/per-user/${uname}/channels
# see doc/manual/source/command-ref/files/default-nix-expression.md
mkdir -p $out${userHome}/.nix-defexpr mkdir -p $out${userHome}/.nix-defexpr
ln -s /nix/var/nix/profiles/per-user/${uname}/channels $out${userHome}/.nix-defexpr/channels ln -s /nix/var/nix/profiles/per-user/${uname}/channels $out${userHome}/.nix-defexpr/channels
echo "${channelURL} ${channelName}" > $out${userHome}/.nix-channels echo "${channelURL} ${channelName}" > $out${userHome}/.nix-channels
# may get replaced by pkgs.dockerTools.binSh & pkgs.dockerTools.usrBinEnv
mkdir -p $out/bin $out/usr/bin mkdir -p $out/bin $out/usr/bin
ln -s ${lib.getExe' coreutils-full "env"} $out/usr/bin/env ln -s ${lib.getExe' coreutils-full "env"} $out/usr/bin/env
ln -s ${lib.getExe bashInteractive} $out/bin/sh ln -s ${lib.getExe bashInteractive} $out/bin/sh