From ab9770a725e60c2c7cea8deabbd743f584dc7160 Mon Sep 17 00:00:00 2001
From: Julian Mutter
Date: Thu, 4 Jun 2026 14:10:49 +0200
Subject: [PATCH] Change base docker image with more stuff preinstalled

---
 Dockerfile | 29 +++++++++++------------------
 1 file changed, 11 insertions(+), 18 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 836f697..fcfd7c5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,25 +1,18 @@
-# Start with the official Cachix Devenv image (which has Nix and Devenv pre-installed)
-FROM ghcr.io/cachix/devenv/devenv:latest
+# Start with a official gitea runner image based on ubuntu with node installed
+FROM docker.gitea.com/runner-images:ubuntu-latest-slim
 
-# Switch to root to install system-level packages
-USER root
+# Install Nix as a multi-user installation
+RUN curl -L https://nixos.org/nix/install | sh -s -- --daemon
+ENV PATH="/nix/var/nix/profiles/default/bin:$PATH"
 
-# Install the critical dependencies for Gitea Actions
-# - nodejs: Required to run standard actions (like actions/checkout)
-# - sudo: Required by many actions to escalate privileges
-# - bash & jq: Standard utilities often expected in CI scripts
-RUN apt-get update && \
- apt-get install -y nodejs sudo bash jq && \
- apt-get clean && \
- rm -rf /var/lib/apt/lists/*
+# Enable flakes and nix-command
+RUN mkdir -p /etc/nix && \
+ echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf
 
-# Allow passwordless sudo for any user in the container.
-# CI runners often execute as 'runner' or 'root'. This guarantees neither gets stuck.
-RUN echo "ALL ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
+# Install devenv (the Nix way, not the apt-get way)
+RUN nix profile install nixpkgs#devenv
 
-# Guarantee the image ships without the Nix sandboxing artifact.
-# This prevents the "purity" crash on the very first Nix run.
+# Cleanup, otherwise nix panicks
 RUN rm -rf /homeless-shelter
 
-# Set the default shell to bash
 CMD ["/bin/bash"]
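Review bot: The added `RUN curl -L https://nixos.org/nix/install | sh -s -- --daemon` runs whatever that URL serves on build day as root, with no pinned release and no integrity check. Because curl has no `-f` and the shell has no `pipefail`, an HTTP error page or a truncated download is still piped into `sh`. I would download a versioned installer to a file, verify it against a recorded SHA-256, and only then execute it, as sketched below with both values supplied as build arguments. The same floating-input concern applies to the `ubuntu-latest-slim` base tag and to `nixpkgs#devenv`: pinning the base by digest and nixpkgs to a revision would make this runner image reproducible and auditable.

```dockerfile
# Install Nix as a multi-user installation
# NIX_VERSION: the Nix release you have vetted; NIX_INSTALL_SHA256: SHA-256 of that
# release's install script. Both are placeholders to be supplied at build time;
# the build fails closed if either is missing or wrong.
ARG NIX_VERSION
ARG NIX_INSTALL_SHA256
RUN curl -fsSL -o /tmp/nix-install "https://releases.nixos.org/nix/nix-${NIX_VERSION}/install" && \
    echo "${NIX_INSTALL_SHA256}  /tmp/nix-install" | sha256sum -c - && \
    sh /tmp/nix-install --daemon && \
    rm /tmp/nix-install
# … unchanged: ENV PATH, nix.conf, devenv install, cleanup, CMD …
```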