Add dev/prod conditions in the nix files

This commit is contained in:
Omar Brikaa 2022-02-12 20:09:41 +02:00
parent b8e2af412e
commit 97fd8a16d4
3 changed files with 60 additions and 42 deletions

View File

@ -1,4 +1,4 @@
{pkgs, nosocket, ...}:
{pkgs, nosocket, appEnv, ...}:
with pkgs; rec {
package = mkYarnPackage {
name = "piston";
@ -25,45 +25,54 @@ with pkgs; rec {
};
};
};
basePackages = with pkgs; [
package
nosocket
bash
nixFlakes
coreutils-full
cacert.out
git
gnutar
gzip
gnugrep
rename
util-linux
];
devPackages = with pkgs; [
nodejs-16_x
yarn
python3
gcc
gnumake
gnused
];
baseCommands = ''
mkdir -p piston/{jobs,runtimes} etc/nix {,var/}tmp run/lock
echo -e "experimental-features = nix-command flakes" >> etc/nix/nix.conf
echo "nixbld:x:30000:nixbld1,nixbld10,nixbld11,nixbld12,nixbld13,nixbld14,nixbld15,nixbld16,nixbld17,nixbld18,nixbld19,nixbld2,nixbld20,nixbld21,nixbld22,nixbld23,nixbld24,nixbld25,nixbld26,nixbld27,nixbld28,nixbld29,nixbld3,nixbld30,nixbld31,nixbld32,nixbld4,nixbld5,nixbld6,nixbld7,nixbld8,nixbld9" >> etc/group
for i in $(seq 1 32)
do
echo "nixbld$i:x:$(( $i + 30000 )):30000:Nix build user $i:/var/empty:/run/current-system/sw/bin/nologin" >> etc/passwd
done
chmod 1777 {,var/}tmp/
'';
devCommands = ''
mkdir -p usr/bin
ln -s /bin/env usr/bin/env
chmod -R 1777 usr
'';
container = pkgs.dockerTools.buildLayeredImageWithNixDb {
name = "piston";
tag = "base-latest";
contents = with pkgs; [
package
nosocket
bash
nixFlakes
coreutils-full
cacert.out
git
gnutar
gzip
gnugrep
rename
util-linux
nodejs-16_x
yarn
python3
gcc
gnumake
gnused
];
contents = if appEnv == "dev" then basePackages ++ devPackages else basePackages;
extraCommands = ''
mkdir -p piston/{jobs,runtimes} etc/nix {,var/}tmp run/lock
echo -e "experimental-features = nix-command flakes" >> etc/nix/nix.conf
echo "nixbld:x:30000:nixbld1,nixbld10,nixbld11,nixbld12,nixbld13,nixbld14,nixbld15,nixbld16,nixbld17,nixbld18,nixbld19,nixbld2,nixbld20,nixbld21,nixbld22,nixbld23,nixbld24,nixbld25,nixbld26,nixbld27,nixbld28,nixbld29,nixbld3,nixbld30,nixbld31,nixbld32,nixbld4,nixbld5,nixbld6,nixbld7,nixbld8,nixbld9" >> etc/group
for i in $(seq 1 32)
do
echo "nixbld$i:x:$(( $i + 30000 )):30000:Nix build user $i:/var/empty:/run/current-system/sw/bin/nologin" >> etc/passwd
done
mkdir -p usr/bin
ln -s /bin/env usr/bin/env
chmod -R 1777 usr
chmod 1777 {,var/}tmp/
'';
extraCommands = if appEnv == "dev" then baseCommands + devCommands else baseCommands;
config = {
Cmd = ["${package}/bin/pistond"];

View File

@ -6,9 +6,16 @@
let
system = "x86_64-linux";
pkgs = nixpkgs.legacyPackages.${system};
baseContainer = (import ./api {
inherit pkgs;
nosocket = self.legacyPackages."${system}".nosocket;
_nosocket = self.legacyPackages."${system}".nosocket;
_devContainer = (import ./api {
inherit pkgs _nosocket;
nosocket = _nosocket;
appEnv = "dev";
}).container;
_prodContainer = (import ./api {
inherit pkgs _nosocket;
nosocket = _nosocket;
appEnv = "prod";
}).container;
args = {
inherit pkgs;
@ -74,6 +81,7 @@
piston = (import ./api { inherit pkgs nosocket; }).package;
};
container = baseContainer;
devContainer = _devContainer;
prodContainer = _prodContainer;
};
}

7
piston
View File

@ -12,8 +12,9 @@ IMAGE_NAME_DEV="piston"
SUBCOMMAND="$1"
shift
build_base(){
CONTAINER_PATH="$(nix build ".#container" --no-link --json | jq '.[0].outputs.out' -r)"
build_base() {
container_flake_key=$([[ $1 == "dev" ]] && echo "devContainer" || echo "prodContainer")
CONTAINER_PATH="$(nix build ".#$container_flake_key" --no-link --json | jq '.[0].outputs.out' -r)"
echo "The image archive was created at: $CONTAINER_PATH"
docker load -i $CONTAINER_PATH || exit 1
docker tag "$IMAGE_NAME_DEV:$IMAGE_TAG" "$IMAGE_NAME:$IMAGE_TAG" || exit 1
@ -64,7 +65,7 @@ case "$SUBCOMMAND" in
echo "Removing the Nix volume if it exists"
docker volume rm -f $DEV_VOLUME_NAME
echo "Building the base docker image"
build_base
build_base dev
echo "Installing the required node modules"
docker run \
--rm \