Add dev/prod conditions in the nix files

This commit is contained in:
Omar Brikaa 2022-02-12 20:09:41 +02:00
parent b8e2af412e
commit 97fd8a16d4
3 changed files with 60 additions and 42 deletions

View File

@ -1,4 +1,4 @@
{pkgs, nosocket, ...}: {pkgs, nosocket, appEnv, ...}:
with pkgs; rec { with pkgs; rec {
package = mkYarnPackage { package = mkYarnPackage {
name = "piston"; name = "piston";
@ -25,45 +25,54 @@ with pkgs; rec {
}; };
}; };
}; };
basePackages = with pkgs; [
package
nosocket
bash
nixFlakes
coreutils-full
cacert.out
git
gnutar
gzip
gnugrep
rename
util-linux
];
devPackages = with pkgs; [
nodejs-16_x
yarn
python3
gcc
gnumake
gnused
];
baseCommands = ''
mkdir -p piston/{jobs,runtimes} etc/nix {,var/}tmp run/lock
echo -e "experimental-features = nix-command flakes" >> etc/nix/nix.conf
echo "nixbld:x:30000:nixbld1,nixbld10,nixbld11,nixbld12,nixbld13,nixbld14,nixbld15,nixbld16,nixbld17,nixbld18,nixbld19,nixbld2,nixbld20,nixbld21,nixbld22,nixbld23,nixbld24,nixbld25,nixbld26,nixbld27,nixbld28,nixbld29,nixbld3,nixbld30,nixbld31,nixbld32,nixbld4,nixbld5,nixbld6,nixbld7,nixbld8,nixbld9" >> etc/group
for i in $(seq 1 32)
do
echo "nixbld$i:x:$(( $i + 30000 )):30000:Nix build user $i:/var/empty:/run/current-system/sw/bin/nologin" >> etc/passwd
done
chmod 1777 {,var/}tmp/
'';
devCommands = ''
mkdir -p usr/bin
ln -s /bin/env usr/bin/env
chmod -R 1777 usr
'';
container = pkgs.dockerTools.buildLayeredImageWithNixDb { container = pkgs.dockerTools.buildLayeredImageWithNixDb {
name = "piston"; name = "piston";
tag = "base-latest"; tag = "base-latest";
contents = with pkgs; [ contents = if appEnv == "dev" then basePackages ++ devPackages else basePackages;
package
nosocket
bash
nixFlakes
coreutils-full
cacert.out
git
gnutar
gzip
gnugrep
rename
util-linux
nodejs-16_x
yarn
python3
gcc
gnumake
gnused
];
extraCommands = '' extraCommands = if appEnv == "dev" then baseCommands + devCommands else baseCommands;
mkdir -p piston/{jobs,runtimes} etc/nix {,var/}tmp run/lock
echo -e "experimental-features = nix-command flakes" >> etc/nix/nix.conf
echo "nixbld:x:30000:nixbld1,nixbld10,nixbld11,nixbld12,nixbld13,nixbld14,nixbld15,nixbld16,nixbld17,nixbld18,nixbld19,nixbld2,nixbld20,nixbld21,nixbld22,nixbld23,nixbld24,nixbld25,nixbld26,nixbld27,nixbld28,nixbld29,nixbld3,nixbld30,nixbld31,nixbld32,nixbld4,nixbld5,nixbld6,nixbld7,nixbld8,nixbld9" >> etc/group
for i in $(seq 1 32)
do
echo "nixbld$i:x:$(( $i + 30000 )):30000:Nix build user $i:/var/empty:/run/current-system/sw/bin/nologin" >> etc/passwd
done
mkdir -p usr/bin
ln -s /bin/env usr/bin/env
chmod -R 1777 usr
chmod 1777 {,var/}tmp/
'';
config = { config = {
Cmd = ["${package}/bin/pistond"]; Cmd = ["${package}/bin/pistond"];

View File

@ -6,9 +6,16 @@
let let
system = "x86_64-linux"; system = "x86_64-linux";
pkgs = nixpkgs.legacyPackages.${system}; pkgs = nixpkgs.legacyPackages.${system};
baseContainer = (import ./api { _nosocket = self.legacyPackages."${system}".nosocket;
inherit pkgs; _devContainer = (import ./api {
nosocket = self.legacyPackages."${system}".nosocket; inherit pkgs _nosocket;
nosocket = _nosocket;
appEnv = "dev";
}).container;
_prodContainer = (import ./api {
inherit pkgs _nosocket;
nosocket = _nosocket;
appEnv = "prod";
}).container; }).container;
args = { args = {
inherit pkgs; inherit pkgs;
@ -74,6 +81,7 @@
piston = (import ./api { inherit pkgs nosocket; }).package; piston = (import ./api { inherit pkgs nosocket; }).package;
}; };
container = baseContainer; devContainer = _devContainer;
prodContainer = _prodContainer;
}; };
} }

7
piston
View File

@ -12,8 +12,9 @@ IMAGE_NAME_DEV="piston"
SUBCOMMAND="$1" SUBCOMMAND="$1"
shift shift
build_base(){ build_base() {
CONTAINER_PATH="$(nix build ".#container" --no-link --json | jq '.[0].outputs.out' -r)" container_flake_key=$([[ $1 == "dev" ]] && echo "devContainer" || echo "prodContainer")
CONTAINER_PATH="$(nix build ".#$container_flake_key" --no-link --json | jq '.[0].outputs.out' -r)"
echo "The image archive was created at: $CONTAINER_PATH" echo "The image archive was created at: $CONTAINER_PATH"
docker load -i $CONTAINER_PATH || exit 1 docker load -i $CONTAINER_PATH || exit 1
docker tag "$IMAGE_NAME_DEV:$IMAGE_TAG" "$IMAGE_NAME:$IMAGE_TAG" || exit 1 docker tag "$IMAGE_NAME_DEV:$IMAGE_TAG" "$IMAGE_NAME:$IMAGE_TAG" || exit 1
@ -64,7 +65,7 @@ case "$SUBCOMMAND" in
echo "Removing the Nix volume if it exists" echo "Removing the Nix volume if it exists"
docker volume rm -f $DEV_VOLUME_NAME docker volume rm -f $DEV_VOLUME_NAME
echo "Building the base docker image" echo "Building the base docker image"
build_base build_base dev
echo "Installing the required node modules" echo "Installing the required node modules"
docker run \ docker run \
--rm \ --rm \