From 54c9a0a77ed698650bd8dd0534452e031c0fcd0c Mon Sep 17 00:00:00 2001 From: bin Date: Fri, 19 Sep 2025 01:26:13 +0000 Subject: [PATCH] Allow building containers using Nix. fly auth docker && \ nix build .#image -L && \ docker load < result && \ docker tag git-pages:latest registry.fly.io/git-pages:latest && \ docker push registry.fly.io/git-pages:latest --- Caddyfile | 5 +++ flake.nix | 9 +++-- fly.toml | 3 +- nix/pkgs/image.nix | 73 ++++++++++++++++++++++++++++++++++++++++ nix/pkgs/supervisord.nix | 41 ++++++++++++++++++++++ 5 files changed, 127 insertions(+), 4 deletions(-) create mode 100644 nix/pkgs/image.nix create mode 100644 nix/pkgs/supervisord.nix diff --git a/Caddyfile b/Caddyfile index b1ea209..cc68d66 100644 --- a/Caddyfile +++ b/Caddyfile @@ -38,6 +38,11 @@ name https protocols h1 h2 } + + servers :2002 { + name health + protocols h1 + } } http:// { diff --git a/flake.nix b/flake.nix index 333879b..a9057f2 100644 --- a/flake.nix +++ b/flake.nix @@ -32,13 +32,15 @@ ]; }; - vendorHash = "sha256-WVnxNtCCk6T+EsT6Wvd+yR2mxU03SNnSwpeYlYLOCGU="; + vendorHash = "sha256-f2+NDRrgqlyRn7kiBYbuUhDsQPF3Yf/3v24lqBUja6s="; fixupPhase = '' # Apparently `go install` doesn't support renaming the binary, so country girls make do. mv $out/bin/{src,git-pages} ''; }; + + image = pkgs.callPackage ./nix/pkgs/image.nix { inherit git-pages self; }; in { formatter = pkgs.nixfmt-tree; @@ -49,7 +51,10 @@ ]; }; - packages.default = git-pages; + packages = { + inherit git-pages image; + default = git-pages; + }; } ); } diff --git a/fly.toml b/fly.toml index 5b3f53e..e33c0e7 100644 --- a/fly.toml +++ b/fly.toml @@ -5,10 +5,9 @@ # - S3_BUCKET # - GIT_PAGES_CONFIG -app = "git-pages" - [build] dockerfile = "Dockerfile" +# image = "registry.fly.io/git-pages-dev:latest" [experimental] cmd = ["supervisord"] diff --git a/nix/pkgs/image.nix b/nix/pkgs/image.nix new file mode 100644 index 0000000..34be0e1 --- /dev/null +++ b/nix/pkgs/image.nix @@ -0,0 +1,73 @@ +{ + buildEnv, + caddy, + callPackage, + dockerTools, + git-pages, + runtimeShell, + self, + writeTextDir, + ... +}: + +let + caddy' = caddy.withPlugins { + plugins = [ + "github.com/ss098/certmagic-s3@v0.0.0-20250808023250-9788b7231c87" + ]; + + hash = "sha256-jZer6cBnE2Vo5/kMG+1vZBwWY8P/V1Lb33TA3Suz4pI="; + }; + + supervisord = callPackage ./supervisord.nix { }; + + supervisord-config = writeTextDir "app/supervisord.conf" '' + [program-default] + stderr_logfile = /dev/stderr + stopsignal = TERM + autorestart = true + + [program:pages] + command = /bin/git-pages + + [program:caddy] + command = /bin/caddy run + depends_on = pages + ''; +in +dockerTools.buildImage { + name = "git-pages"; + tag = "latest"; + + copyToRoot = buildEnv { + name = "image-root"; + + paths = [ + caddy' + git-pages + supervisord + supervisord-config + + dockerTools.caCertificates + ]; + + pathsToLink = [ + "/app" + "/bin" + "/etc" + ]; + }; + + runAsRoot = '' + #!${runtimeShell} + + cp ${self}/Caddyfile /app/Caddyfile + cp ${self}/config.toml.example /app/config.toml + mkdir /app/data + ''; + + config = { + Cmd = [ "/bin/git-pages" ]; + WorkingDir = "/app"; + }; +} diff --git a/nix/pkgs/supervisord.nix b/nix/pkgs/supervisord.nix new file mode 100644 index 0000000..3bea862 --- /dev/null +++ b/nix/pkgs/supervisord.nix @@ -0,0 +1,41 @@ +{ + buildGoModule, + fetchFromGitHub, + fetchpatch, + lib, + pkgsStatic, + ... +}: + +buildGoModule rec { + pname = "supervisord"; + version = "0.7.3"; + + src = fetchFromGitHub { + owner = "ochinchina"; + repo = pname; + rev = "16cb640325b3a4962b2ba17d68fb5c2b1e1b6b3c"; + hash = "sha256-NPlU2f+zXw1qHWKTyTghQmulDuphpLZ3K/Pr/K9J7KI="; + }; + + buildInputs = with pkgsStatic; [ + musl + ]; + + tags = [ + "release" + ]; + + ldflags = [ + "-linkmode external" + "-extldflags -static" + ]; + + subPackages = "."; + + vendorHash = "sha256-W/68Kq5Z9+7fUKQGq1/hI12pLznlKRYw7x464ZJVxtM="; + + preBuild = '' + go generate -tags ${lib.concatStringsSep "," tags} + ''; +}