2023-07-20 10:57:55 +00:00
4 changed files with 64 additions and 11 deletions
--- a/flake.lock
+++ b/flake.lock
@ -82,16 +82,16 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1689638193,
-        "narHash": "sha256-7SCl/TEswRCtVSFD9p2SXKH4iWbXDmly2O1oYsxidDc=",
-        "owner": "DavHau",
+        "lastModified": 1689838306,
+        "narHash": "sha256-rKQERGxsbP+Mkkwgepmy/a3KgYYdbFR7vTgEZ6GMoIA=",
+        "owner": "Mic92",
        "repo": "nixpkgs",
-        "rev": "2ab9f837047affd23ebf27b0175aff34d6b9e7e3",
+        "rev": "4bfb50dc6d66a86e61c6b38f567f7770d54db53e",
        "type": "github"
      },
      "original": {
-        "owner": "DavHau",
-        "ref": "gitea",
+        "owner": "Mic92",
+        "ref": "daemon",
        "repo": "nixpkgs",
        "type": "github"
      }
--- a/flake.nix
+++ b/flake.nix
@ -8,7 +8,7 @@

  inputs = {
    # https://github.com/NixOS/nixpkgs/pull/243252
-    nixpkgs.url = "github:DavHau/nixpkgs/gitea";
+    nixpkgs.url = "github:Mic92/nixpkgs/daemon";
    flake-parts.url = "github:hercules-ci/flake-parts";
    flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs";
    treefmt-nix.url = "github:numtide/treefmt-nix";
@ -43,8 +43,9 @@
        inputs.treefmt-nix.flakeModule
        ./targets/flake-module.nix
        ./modules/flake-module.nix
+        ./pkgs/flake-module.nix
      ];
-      perSystem = { config, pkgs, inputs', ... }: {
+      perSystem = { pkgs, inputs', ... }: {
        treefmt = {
          projectRootFile = "flake.nix";
          programs.terraform.enable = true;
@ -70,9 +71,6 @@
              ]))
            ];
          };
-          inherit (pkgs.callPackage ./pkgs/renovate { }) renovate;
-        } // lib.optionalAttrs (!pkgs.stdenv.isDarwin) {
-          gitea = pkgs.callPackage ./pkgs/gitea { };
        };
      };
    });
--- a/pkgs/actions-runner.nix
+++ b/pkgs/actions-runner.nix
@ -0,0 +1,43 @@
+{ pkgs, inputs }:
+let
+  # FIXME get rid of nix input?
+  base = import (inputs.nix + "/docker.nix") {
+    inherit pkgs;
+    name = "nix-ci-base";
+    maxLayers = 10;
+    extraPkgs = with pkgs; [
+      nodejs_20 # nodejs is needed for running most 3rdparty actions
+      # add any other pre-installed packages here
+    ];
+    # do we want this at all?
+    channelURL = "https://nixos.org/channels/nixpkgs-unstable";
+    nixConf = {
+      substituters = [
+        "https://cache.nixos.org/"
+        "https://nix-community.cachix.org"
+        # insert any other binary caches here
+      ];
+      trusted-public-keys = [
+        "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
+        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+        # insert the public keys for those binary caches here
+      ];
+      # allow using the new flake commands in our workflows
+      experimental-features = [ "nix-command" "flakes" ];
+    };
+  };
+in
+pkgs.dockerTools.buildImage {
+  name = "nix-runner";
+  tag = "latest";
+
+  fromImage = base;
+  fromImageName = null;
+  fromImageTag = "latest";
+
+  copyToRoot = pkgs.buildEnv {
+    name = "image-root";
+    paths = [ pkgs.coreutils-full ];
+    pathsToLink = [ "/bin" ]; # add coreutuls (which includes sleep) to /bin
+  };
+}
--- a/pkgs/flake-module.nix
+++ b/pkgs/flake-module.nix
@ -0,0 +1,12 @@
+{ lib, inputs, ... }: {
+  perSystem = { pkgs, inputs', ... }: {
+    packages = {
+      inherit (pkgs.callPackage ./renovate { }) renovate;
+    } // lib.optionalAttrs (!pkgs.stdenv.isDarwin) {
+      gitea = pkgs.callPackage ./gitea { };
+      actions-runner = pkgs.callPackage ./actions-runner.nix {
+        inherit inputs;
+      };
+    };
+  };
+}