initial nix based docker images

2026-06-03 17:14:08 +02:00 · 2025-06-07 18:24:39 +02:00 · 2025-06-07 18:24:39 +02:00 · 06bf3b4b62
commit 06bf3b4b62
parent 4972a889eb
72 changed files with 472 additions and 789 deletions
--- a/nix/image/haze.nix
+++ b/nix/image/haze.nix
@ -0,0 +1,127 @@
+{
+  lib,
+  dockerTools,
+  php,
+  bash,
+  nginx,
+  blackfire,
+  coreutils,
+  getent,
+  shadow,
+  buildEnv,
+  runCommand,
+  cacert,
+  callPackage,
+  cronie,
+  redis,
+  gnused,
+  samba,
+  wget,
+  git,
+  procps,
+  gnugrep,
+  minio-client,
+  neovim,
+  helix,
+  debug ? false,
+  writeShellApplication,
+}: let
+  inherit (lib) readFile getExe;
+
+  phpVersion = lib.concatStringsSep "." (lib.take 2 (lib.splitString "." php.version));
+  phpEnv = callPackage ./php.nix {inherit debug php;};
+
+  bootstrap-nginx = writeShellApplication {
+    name = "bootstrap-nginx";
+    text = readFile ./bootstrap-nginx.sh;
+  };
+  bootstrap = writeShellApplication {
+    name = "bootstrap";
+    runtimeInputs = [getent];
+    text = readFile ./bootstrap.sh;
+  };
+
+  tmpDir = runCommand "tmp-dir" {} ''
+    mkdir -p $out/tmp
+    mkdir -p $out/var/cache/nginx
+    mkdir -p $out/var/log/nginx
+    mkdir -p $out/var/log/cron
+    mkdir -p $out/var/www/html
+    mkdir -p $out/var/run
+    mkdir -p $out/var/tmp
+    mkdir -p $out/run
+    mkdir -p $out/conf
+    mkdir -p $out/var/spool
+  '';
+  configs = callPackage ./configs.nix {};
+  scripts = callPackage ./scripts.nix {};
+  redis-certificates = runCommand "scripts" {} ''
+    mkdir -p $out
+    cp -r ${../../redis-certificates} $out/redis-certificates
+  '';
+
+  baseImage = dockerTools.buildImage {
+    name = "icewind1991/haze-base";
+    tag = phpVersion;
+
+    copyToRoot = [
+      cacert
+      dockerTools.usrBinEnv
+      dockerTools.fakeNss
+      bash
+      blackfire
+      nginx
+      coreutils
+      shadow
+      cronie
+      redis
+      gnused
+      procps
+      gnugrep
+      minio-client
+      # samba
+      wget
+      neovim
+      helix
+    ];
+  };
+
+  phpImage = dockerTools.buildImage {
+    name = "icewind1991/haze-php";
+    tag = phpVersion;
+    fromImage = baseImage;
+
+    copyToRoot = [
+      phpEnv
+      phpEnv.packages.composer
+    ];
+  };
+in
+  dockerTools.buildLayeredImage {
+    name = "icewind1991/haze";
+    tag = phpVersion;
+    maxLayers = 5;
+    fromImage = phpImage;
+    contents = [
+      tmpDir
+      bootstrap-nginx
+      bootstrap
+      configs
+      scripts
+      redis-certificates
+    ];
+    fakeRootCommands = ''
+      chmod 1777 tmp
+      chmod 1777 var/tmp
+      chmod 1777 var/run
+      chmod 1777 var/log/nginx
+      chmod 1777 var/cache/nginx
+      chmod 1777 var/spool
+      chmod -R 0755 etc/nc
+    '';
+    config = {
+      Cmd = [(getExe bootstrap) ./nginx.conf ./php-fpm.conf];
+      Env = ["EDITOR=hx" "WEBROOT=/var/www/html"];
+      WorkingDir = "/var/www/html";
+    };
+  }