{ description = "Docker image with Nginx, F-Droid, and a 30-minute periodic task"; inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; }; outputs = {nixpkgs, ...}: let system = "x86_64-linux"; pkgs = nixpkgs.legacyPackages.${system}; periodicScript = pkgs.writeShellScript "run-update" (builtins.readFile ./hosting/update.sh); caddyConfig = ./hosting/Caddyfile; entrypoint = pkgs.writeShellScript "entrypoint" '' # Ensure necessary directories exist mkdir -p /repo/fdroid/repo /tmp/caddy_data /tmp/caddy_config # Start the background loop (1800 seconds = 30 minutes) echo "Starting 30-minute background loop..." while true; do ${periodicScript} ${pkgs.coreutils}/bin/sleep 1800 done & # Set environment variables so Caddy writes its state to /tmp instead of /root export XDG_DATA_HOME=/tmp/caddy_data export XDG_CONFIG_HOME=/tmp/caddy_config # Start Caddy in the foreground echo "Starting Caddy..." exec ${pkgs.caddy}/bin/caddy run --config ${caddyConfig} --adapter caddyfile ''; deploy-script = pkgs.writeShellScriptBin "deploy" '' ${pkgs.nix}/bin/nix build .#container ${pkgs.skopeo}/bin/skopeo copy \ --registries-conf /dev/null \ docker-archive:result \ docker://gitlab.julian-mutter.de/julian/fdroid-frajul:latest ''; dockerImage = pkgs.dockerTools.buildLayeredImage { name = "gitlab.julian-mutter.de/julian/fdroid-frajul"; tag = "latest"; contents = with pkgs; [ coreutils bashInteractive caddy dockerTools.fakeNss # Provides fake /etc/passwd for basic user emulation dockerTools.usrBinEnv dockerTools.binSh dockerTools.caCertificates fdroidserver jq curl sops git ]; config = { Cmd = ["${entrypoint}"]; WorkingDir = "/src"; ExposedPorts = { "8080/tcp" = {}; }; }; maxLayers = 10; }; in { # nix build .#container # docker load < result packages.${system}.container = dockerImage; devShells.${system}.default = pkgs.mkShell { packages = [ deploy-script pkgs.skopeo ]; }; }; }