# Nix CI Runner for Gitea Actions

A purpose-built Docker image for running Nix and Devenv pipelines inside Gitea Actions seamlessly.

## 💡 Why does this exist?

Running standard Nix commands inside unprivileged Docker containers (which Gitea Actions uses by default) often results in friction.

* Standard Ubuntu images require installing Nix on every run (which takes time) and lack default caching setups.
* Standard Nix images lack `nodejs`, causing basic CI tools like `actions/checkout` to crash.
* Nix inside standard Docker creates a `/homeless-shelter` artifact due to disabled namespaces, causing "purity" crashes on subsequent runs.

This project solves all of the above by baking everything into a single, clean base image.

## ✨ Features

* **Base:** Official `cachix/devenv:latest` (Nix and Devenv pre-installed, flakes enabled).
* **Actions Compatible:** Pre-loaded with `nodejs`, `bash`, and `jq` so standard GitHub/Gitea Actions execute flawlessly.
* **Privilege Escalation:** Configured with passwordless `sudo` for smooth CI execution.
* **Pre-cleaned:** The `/homeless-shelter` artifact is purged during the build, guaranteeing a pure Nix environment out-of-the-box.

## 🚀 Usage in your CI/CD

To use this image in your other Nix-based Gitea repositories, simply define it under the `container` key in your workflow file. You no longer need to use `install-nix-action` or install system dependencies manually.

```yaml
name: Build and Deploy
on: [push]

jobs:
  deploy:
    runs-on: ubuntu-latest

    # 1. Point the runner to use this custom image
    container:
      image: gitlab.julian-mutter.de/julian/nix-ci-runner:latest
      # Provide credentials if your registry is private
      credentials:
        username: ${{ github.actor }}
        password: ${{ secrets.GITHUB_TOKEN }}

    steps:
      # Node.js is pre-installed, so standard actions work instantly
      - name: Checkout repository
        uses: actions/checkout@v4

      # Optional: Add caching (nix-community/cache-nix-action) here

      # 2. Run your Nix commands natively
      - name: Build Flake
        run: nix build .#default
```

## 🔄 Maintenance

This repository contains a scheduled Gitea Action that runs **every Sunday**. It automatically pulls the latest `devenv` base image, reinstalls the dependencies, and pushes a fresh `latest` tag to the registry. Your pipelines will always have up-to-date Nix packages without manual intervention.
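
Because the weekly job re-pushes `latest`, a workflow that references the image by tag runs whatever was pushed last, while a reference by `@sha256:` digest keeps the image content fixed until the reference is changed. The check below is an added example, not part of this repository: it lists the `image:` and `container:` references in a workflow file that are not digest-pinned. The sample workflow and its all-zero digest are constructed, and `classify` and `unpinned_images` are hypothetical helper names.

```python
import re

# Constructed sample workflow; the all-zero digest is a placeholder, not a real image.
SAMPLE_WORKFLOW = """\
jobs:
  deploy:
    runs-on: ubuntu-latest
    container:
      image: gitlab.julian-mutter.de/julian/nix-ci-runner:latest
  test:
    runs-on: ubuntu-latest
    container:
      image: "gitlab.julian-mutter.de/julian/nix-ci-runner@sha256:%s"  # pinned
  lint:
    runs-on: ubuntu-latest
    container: gitlab.julian-mutter.de/julian/nix-ci-runner
""" % ("0" * 64)

# Matches `image: <ref>` and the `container: <ref>` shorthand, not a bare `container:`.
IMAGE_LINE = re.compile(r"^\s*(?:image|container):\s*(\S.*)$")
DIGEST = re.compile(r"@sha256:[0-9a-f]{64}$")


def classify(ref):
    """Return 'digest', 'tag:<name>' or 'implicit-latest' for an image reference."""
    if DIGEST.search(ref):
        return "digest"
    last = ref.rsplit("/", 1)[-1]  # a ':' before the last '/' is a registry port
    if ":" in last:
        return "tag:" + last.split(":", 1)[1]
    return "implicit-latest"


def unpinned_images(workflow_text):
    """List (line_number, ref, kind) for every image not pinned by digest."""
    findings = []
    for number, line in enumerate(workflow_text.splitlines(), start=1):
        match = IMAGE_LINE.match(line)
        if match:
            # Drop a trailing inline comment and surrounding quotes.
            value = re.sub(r"\s+#.*$", "", match.group(1)).strip().strip("'\"")
            kind = classify(value)
            if kind != "digest":
                findings.append((number, value, kind))
    return findings


if __name__ == "__main__":
    for number, ref, kind in unpinned_images(SAMPLE_WORKFLOW):
        print(f"line {number}: {ref} ({kind})")
```
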