Commit 54b6d19
2026-03-18 14:04:14
Changed files (5)
.gitignore
@@ -0,0 +1,2 @@
+result
+result-*
flake.lock
@@ -0,0 +1,95 @@
+{
+ "nodes": {
+ "flake-parts": {
+ "inputs": {
+ "nixpkgs-lib": "nixpkgs-lib"
+ },
+ "locked": {
+ "lastModified": 1772408722,
+ "narHash": "sha256-rHuJtdcOjK7rAHpHphUb1iCvgkU3GpfvicLMwwnfMT0=",
+ "owner": "hercules-ci",
+ "repo": "flake-parts",
+ "rev": "f20dc5d9b8027381c474144ecabc9034d6a839a3",
+ "type": "github"
+ },
+ "original": {
+ "owner": "hercules-ci",
+ "repo": "flake-parts",
+ "type": "github"
+ }
+ },
+ "nix2container": {
+ "inputs": {
+ "nixpkgs": "nixpkgs"
+ },
+ "locked": {
+ "lastModified": 1767430085,
+ "narHash": "sha256-SiXJ6xv4pS2MDUqfj0/mmG746cGeJrMQGmoFgHLS25Y=",
+ "owner": "nlewo",
+ "repo": "nix2container",
+ "rev": "66f4b8a47e92aa744ec43acbb5e9185078983909",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nlewo",
+ "repo": "nix2container",
+ "type": "github"
+ }
+ },
+ "nixpkgs": {
+ "locked": {
+ "lastModified": 1767028467,
+ "narHash": "sha256-7G+2aXClSMaTY1ogpX14CAxjRsvyVzpE0GRwL71WO7g=",
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+ "rev": "1cabc318c11299f07ca53e3cb719854682fe6eb3",
+ "type": "github"
+ },
+ "original": {
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
+ "nixpkgs-lib": {
+ "locked": {
+ "lastModified": 1772328832,
+ "narHash": "sha256-e+/T/pmEkLP6BHhYjx6GmwP5ivonQQn0bJdH9YrRB+Q=",
+ "owner": "nix-community",
+ "repo": "nixpkgs.lib",
+ "rev": "c185c7a5e5dd8f9add5b2f8ebeff00888b070742",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nix-community",
+ "repo": "nixpkgs.lib",
+ "type": "github"
+ }
+ },
+ "nixpkgs_2": {
+ "locked": {
+ "lastModified": 1773705440,
+ "narHash": "sha256-xB30bbAp0e7ogSEYyc126mAJMt4FRFh8wtm6ADE1xuM=",
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+ "rev": "48652e9d5aea46e555b3df87354280d4f29cd3a3",
+ "type": "github"
+ },
+ "original": {
+ "owner": "NixOS",
+ "ref": "nixos-25.11",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
+ "root": {
+ "inputs": {
+ "flake-parts": "flake-parts",
+ "nix2container": "nix2container",
+ "nixpkgs": "nixpkgs_2"
+ }
+ }
+ },
+ "root": "root",
+ "version": 7
+}
flake.nix
@@ -0,0 +1,129 @@
+{
+ inputs = {
+ nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
+ flake-parts.url = "github:hercules-ci/flake-parts";
+ nix2container.url = "github:nlewo/nix2container";
+ };
+
+ outputs = inputs @ {flake-parts, ...}:
+ flake-parts.lib.mkFlake {inherit inputs;} ({...}: {
+ debug = true;
+
+ systems = [
+ "x86_64-linux"
+ "aarch64-linux"
+ ];
+
+ perSystem = {
+ inputs',
+ lib,
+ pkgs,
+ system,
+ ...
+ }: let
+ nix2container = inputs'.nix2container.packages.nix2container;
+ mkEtc = pkgs.runCommand "nix-act-image-etc" {} ''
+ mkdir -p $out/etc
+ echo "root:x:0:0:System administrator:/root:/bin/bash" > \
+ $out/etc/passwd
+ echo "root:x:0:" > $out/etc/group
+
+ mkdir -p $out/etc/nix
+ echo "experimental-features = nix-command flakes" > $out/etc/nix/nix.conf
+ '';
+ mkTmp = pkgs.runCommand "nix-act-image-tmp" {} ''
+ mkdir -p $out/tmp
+ mkdir -p $out/var/tmp
+ '';
+ in {
+ packages.default = nix2container.buildImage {
+ name = "nix-act-image";
+ tag = "${lib.removeSuffix "-linux" system}-latest";
+ initializeNixDatabase = true;
+ copyToRoot = [
+ (pkgs.buildEnv {
+ name = "root";
+ paths = with pkgs; [
+ # Basic
+ bash
+ coreutils
+ mkEtc
+ nix
+ nodejs_24
+
+ # Network
+ aria2
+ cacert
+ curl
+ dnsutils
+ openssh
+ wget
+
+ # Git
+ gitMinimal
+ git-lfs
+
+ # Archive
+ gnutar
+ gzip
+ p7zip
+ unzip
+ xz
+ zip
+ zstd
+
+ # Build
+ autoconf
+ automake
+ gcc
+ gnumake
+ m4
+ patchelf
+
+ # Misc
+ binutils
+ file
+ findutils
+ gawk
+ gnugrep
+ gnupg
+ gnused
+ jq
+ parallel
+ python3
+ rsync
+ sqlite
+ sudo
+ tree
+ yq
+ ];
+ pathsToLink = ["/bin" "/etc"];
+ })
+ mkTmp
+ ];
+ perms = [
+ {
+ path = mkTmp;
+ regex = ".*";
+ mode = "1777";
+ }
+ ];
+ config = {
+ Entrypoint = ["/bin/bash"];
+ Env = [
+ "USER=root"
+ "HOME=/"
+ "PATH=/bin"
+ "NIX_PAGER=cat"
+ "SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
+ ];
+ Labels = {
+ "org.opencontainers.image.source" = "https://codeberg.org/HPCesia/nix-act-image";
+ "org.opencontainers.image.description" = "A Nix based container for Forgejo Actions";
+ "org.opencontainers.image.licenses" = pkgs.lib.licenses.mit.spdxId;
+ };
+ };
+ };
+ };
+ });
+}
LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 HPCesia.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
README.md
@@ -0,0 +1,12 @@
+# Nix Action Image
+
+A Nix OCI image builder for Forgejo Actions.
+
+## Components
+
+- Nix (with flakes and nix-command enabled)
+- Most components in [catthehacker/docker_images](https://github.com/catthehacker/docker_images)
+
+## Usage
+
+This image use [nlewo/nix2container](https://github.com/nlewo/nix2container) to build OCI images from Nix expressions. You can use it to build and push images to a registry. Check it's documentation for more details.