1511f01351
- Use the latest Nix version 1.11.14. - Attempts to download the Nix installation tarball from http://nixos.org redirect to https these days, which wget doesn't support unless OpenSSL is available. - Use addgroup and adduser commands to create the Nix build users. - Link the Nix profile script into /etc/profile.d, where it's run automatically. - Dropped installation of bash and tar. Neither tool is essential for running Nix. Use the command "docker build -t nix . && docker run -it --rm nix sh -" to build and run the Nix docker container.
26 lines
1.1 KiB
Docker
26 lines
1.1 KiB
Docker
FROM alpine
|
|
|
|
# Enable HTTPS support in wget.
|
|
RUN apk add --update openssl
|
|
|
|
# Download Nix and install it into the system.
|
|
RUN wget -O- https://nixos.org/releases/nix/nix-1.11.14/nix-1.11.14-x86_64-linux.tar.bz2 | bzcat - | tar xf - \
|
|
&& addgroup -g 30000 -S nixbld \
|
|
&& for i in $(seq 1 30); do adduser -S -D -h /var/empty -g "Nix build user $i" -u $((30000 + i)) -G nixbld nixbld$i ; done \
|
|
&& mkdir -m 0755 /nix && USER=root sh nix-*-x86_64-linux/install \
|
|
&& ln -s /root/.nix-profile/etc/profile.d/nix.sh /etc/profile.d/ \
|
|
&& rm -r /nix-*-x86_64-linux \
|
|
&& rm -r /var/cache/apk/*
|
|
|
|
ONBUILD ENV \
|
|
ENV=/etc/profile \
|
|
PATH=/root/.nix-profile/bin:/root/.nix-profile/sbin:/bin:/sbin:/usr/bin:/usr/sbin \
|
|
GIT_SSL_CAINFO=/root/.nix-profile/etc/ssl/certs/ca-bundle.crt \
|
|
NIX_SSL_CERT_FILE=/root/.nix-profile/etc/ssl/certs/ca-bundle.crt
|
|
|
|
ENV \
|
|
ENV=/etc/profile \
|
|
PATH=/root/.nix-profile/bin:/root/.nix-profile/sbin:/bin:/sbin:/usr/bin:/usr/sbin \
|
|
GIT_SSL_CAINFO=/root/.nix-profile/etc/ssl/certs/ca-bundle.crt \
|
|
NIX_SSL_CERT_FILE=/root/.nix-profile/etc/ssl/certs/ca-bundle.crt \
|
|
NIX_PATH=/nix/var/nix/profiles/per-user/root/channels/
|