X3HISPCS4DYF7L5FA6WA2L2SJNO2FAALGFYFLFUQNPNQQENX3CVAC # This file looks very similar to what official packages in nixpkgs look like{ stdenv, cmake, pkgconfig, curl}:stdenv.mkDerivation rec {name = "wttr-delft";src = builtins.path { path = ../src; name = name; };# Build-time dependencies# Since we include CMake, Nix will automatically do all the right things:# We don't need a custom 'buildPhase' or 'installPhase' anymore.nativeBuildInputs = [ cmake pkgconfig ];# DependenciesbuildInputs = [ curl.dev ];# Strict separation of# nativeBuildInputs (needed at build time only) and# buildInputs (needed at runtime as well)strictDeps = true;}
{ pkgs }:letregistriesConf = pkgs.writeText "registries.conf" ''[registries.search]registries = ['docker.io'][registries.block]registries = []'';storageConf = pkgs.writeText "storage.conf" ''[storage]driver = "overlay"# rootless_storage_path="$XDG_DATA_HOME/containers/storage"'';in pkgs.writeShellScript "podman-setup" ''# Dont overwrite customised configurationif ! test -f ~/.config/containers/policy.json; thenecho "Installing missing ~/.config/containers/policy.json"install -Dm644 ${pkgs.skopeo.src}/default-policy.json ~/.config/containers/policy.jsonfiif ! test -f ~/.config/containers/registries.conf; thenecho "Installing missing ~/.config/containers/registries.conf"install -Dm644 ${registriesConf} ~/.config/containers/registries.conffiif ! test -f ~/.config/containers/storage.conf; thenecho "Installing missing ~/.config/containers/storage.conf"install -Dm644 ${storageConf} ~/.config/containers/storage.conffiif ! grep -q "^''${USER}:" /etc/subuid; thenecho "No subuid range defined for user, consider running 'sudo usermod --add-subuids 10000-75535 ''${USER}' to allow rootless podman to work"fi''
{ pkgs }:# Development shell for interacting with containers# Based on https://gist.github.com/adisbladis/187204cb772800489ee3dac4acdd9947let# Provides a script that copies/creates files that are required for rootless podmanpodmanSetupScript = import ./podman-setup-script.nix { inherit pkgs; };# Provides a fake "docker" binary mapping to podmandockerCompat = pkgs.runCommandNoCC "docker-podman-compat" {} ''mkdir -p $out/binln -s ${pkgs.podman}/bin/podman $out/bin/docker'';in pkgs.mkShell {name = "podman";buildInputs = with pkgs; [podman # Manage pods, containers and imagesrunc # Container runtimeconmon # Container runtime monitorskopeo # Interact with container registryslirp4netns # User-mode networking for unprivileged namespacesfuse-overlayfs # CoW for images, much faster than default vfsdockerCompat # Aliases for docker / podman];shellHook = ''# Install configuration required for rootless podman${podmanSetupScript}'';}
{description = "Simple flake for simple libcurl example";inputs = {flake-utils.url = "github:numtide/flake-utils";nixpkgs.url = "github:NixOS/nixpkgs";};outputs = { self, nixpkgs, flake-utils }:flake-utils.lib.eachDefaultSystem (system:letpkgs = import nixpkgs {inherit system;overlays = [(final: prev: {wttr-delft = prev.callPackage ./wttr-delft.nix {};})];};# We copy only the static binary to avoid pulling in any unwanted dependencieswttr-delft-only-binary = pkgs.runCommand "wttr-delft-only-binary" {} ''mkdir $outcp ${pkgs.pkgsCross.musl64.pkgsStatic.wttr-delft}/bin/wttr-delft $out'';# Docker image containing only the wttr-delft static binarywttr-delft-container = pkgs.dockerTools.buildImage {name = "wttr-delft";tag = "nix";# created = "now";config = {Cmd = [ "${wttr-delft-only-binary}/wttr-delft" ];Env = [ "SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ];};};in{packages.default = wttr-delft-container;devShells.default = import ./podman-devshell.nix { inherit pkgs; };});}
{"nodes": {"flake-utils": {"locked": {"lastModified": 1678901627,"narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=","owner": "numtide","repo": "flake-utils","rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6","type": "github"},"original": {"owner": "numtide","repo": "flake-utils","type": "github"}},"nixpkgs": {"locked": {"lastModified": 1679396235,"narHash": "sha256-RjmNVFuZQ2e6u35B98JcY9IzVDtZb3d4QcbtfLtNWkE=","owner": "NixOS","repo": "nixpkgs","rev": "008ce261a7e3c532e792cb8e39482f2cc1b192f5","type": "github"},"original": {"owner": "NixOS","repo": "nixpkgs","type": "github"}},"root": {"inputs": {"flake-utils": "flake-utils","nixpkgs": "nixpkgs"}}},"root": "root","version": 7}
#!/usr/bin/env bash# shellcheck disable=SC1010,SC2288set -Eeuo pipefaildir="$(dirname "${BASH_SOURCE[0]}")"source "${dir}/../libdemo/libdemo.sh"h Putting wttr-delft into a container as a small static binary, We now combine our knowledge of making OCI containers with our knowledge of making static binariesx pygmentize "${dir}/flake.nix"h We now choose the \'container\' package we defined:x nix build "${dir}" -Lx ls -lhH "${dir}/result"x nix develop "${dir}" --command "${dir}/demo-inside-nix-develop.sh"
#!/usr/bin/env bash# shellcheck disable=SC2288set -Eeuo pipefaildir="$(dirname "${BASH_SOURCE[0]}")"source "${dir}/../libdemo/libdemo.sh"h Now we are inside a development shell that has rootless podman again.h So we start by loading the container we just made into the registry:x docker load -i "${dir}/result"h We can see it\'s there:x "docker image ls | grep 'wttr-delft\|^REPOSITORY'"h And now we can run it:x docker run -it localhost/wttr-delft:nixh The image is very minimal, e.g. there is no interactive shell:f podman run --entrypoint sh -it localhost/wttr-delft:nixh We have running containers:x "podman ps --all --storage | grep 'wttr-delft\|^CONTAINER ID'"h Let\'s kill them and remove them:x "podman ps --all --storage | tail -n +2 | grep wttr-delft | awk '{print \$1}' | xargs podman rm"x "podman image ls | tail -n +2 | grep wttr-delft | awk '{print \$3}' | xargs podman image rm -f"