Allow building containers using Nix.

fly auth docker && \ nix build .#image -L && \ docker load < result && \ docker tag git-pages:latest registry.fly.io/git-pages:latest && \ docker push registry.fly.io/git-pages:latest
2026-05-23 15:41:36 +00:00 · 2025-09-19 01:26:13 +00:00
parent 5024802fd4
commit 54c9a0a77e
5 changed files with 127 additions and 4 deletions
--- a/5
+++ b/5
@@ -38,6 +38,11 @@
 		name https
 		protocols h1 h2
 	}
+
+	servers :2002 {
+		name health
+		protocols h1
+	}
 }

 http:// {
--- a/flake.nix
+++ b/flake.nix
@@ -32,13 +32,15 @@
            ];
          };

-          vendorHash = "sha256-WVnxNtCCk6T+EsT6Wvd+yR2mxU03SNnSwpeYlYLOCGU=";
+          vendorHash = "sha256-f2+NDRrgqlyRn7kiBYbuUhDsQPF3Yf/3v24lqBUja6s=";

          fixupPhase = ''
            # Apparently `go install` doesn't support renaming the binary, so country girls make do.
            mv $out/bin/{src,git-pages}
          '';
        };
+
+        image = pkgs.callPackage ./nix/pkgs/image.nix { inherit git-pages self; };
      in
      {
        formatter = pkgs.nixfmt-tree;
@@ -49,7 +51,10 @@
          ];
        };

-        packages.default = git-pages;
+        packages = {
+          inherit git-pages image;
+          default = git-pages;
+        };
      }
    );
 }
--- a/fly.toml
+++ b/fly.toml
@@ -5,10 +5,9 @@
 #  - S3_BUCKET
 #  - GIT_PAGES_CONFIG

-app = "git-pages"
-
 [build]
 dockerfile = "Dockerfile"
+# image = "registry.fly.io/git-pages-dev:latest"

 [experimental]
 cmd = ["supervisord"]
--- a/nix/pkgs/image.nix
+++ b/nix/pkgs/image.nix
@@ -0,0 +1,73 @@
+{
+  buildEnv,
+  caddy,
+  callPackage,
+  dockerTools,
+  git-pages,
+  runtimeShell,
+  self,
+  writeTextDir,
+  ...
+}:
+
+let
+  caddy' = caddy.withPlugins {
+    plugins = [
+      "github.com/ss098/certmagic-s3@v0.0.0-20250808023250-9788b7231c87"
+    ];
+
+    hash = "sha256-jZer6cBnE2Vo5/kMG+1vZBwWY8P/V1Lb33TA3Suz4pI=";
+  };
+
+  supervisord = callPackage ./supervisord.nix { };
+
+  supervisord-config = writeTextDir "app/supervisord.conf" ''
+    [program-default]
+    stderr_logfile = /dev/stderr
+    stopsignal = TERM
+    autorestart = true
+
+    [program:pages]
+    command = /bin/git-pages
+
+    [program:caddy]
+    command = /bin/caddy run
+    depends_on = pages
+  '';
+in
+dockerTools.buildImage {
+  name = "git-pages";
+  tag = "latest";
+
+  copyToRoot = buildEnv {
+    name = "image-root";
+
+    paths = [
+      caddy'
+      git-pages
+      supervisord
+      supervisord-config
+
+      dockerTools.caCertificates
+    ];
+
+    pathsToLink = [
+      "/app"
+      "/bin"
+      "/etc"
+    ];
+  };
+
+  runAsRoot = ''
+    #!${runtimeShell}
+
+    cp ${self}/Caddyfile /app/Caddyfile
+    cp ${self}/config.toml.example /app/config.toml
+    mkdir /app/data
+  '';
+
+  config = {
+    Cmd = [ "/bin/git-pages" ];
+    WorkingDir = "/app";
+  };
+}
--- a/nix/pkgs/supervisord.nix
+++ b/nix/pkgs/supervisord.nix
@@ -0,0 +1,41 @@
+{
+  buildGoModule,
+  fetchFromGitHub,
+  fetchpatch,
+  lib,
+  pkgsStatic,
+  ...
+}:
+
+buildGoModule rec {
+  pname = "supervisord";
+  version = "0.7.3";
+
+  src = fetchFromGitHub {
+    owner = "ochinchina";
+    repo = pname;
+    rev = "16cb640325b3a4962b2ba17d68fb5c2b1e1b6b3c";
+    hash = "sha256-NPlU2f+zXw1qHWKTyTghQmulDuphpLZ3K/Pr/K9J7KI=";
+  };
+
+  buildInputs = with pkgsStatic; [
+    musl
+  ];
+
+  tags = [
+    "release"
+  ];
+
+  ldflags = [
+    "-linkmode external"
+    "-extldflags -static"
+  ];
+
+  subPackages = ".";
+
+  vendorHash = "sha256-W/68Kq5Z9+7fUKQGq1/hI12pLznlKRYw7x464ZJVxtM=";
+
+  preBuild = ''
+    go generate -tags ${lib.concatStringsSep "," tags}
+  '';
+}