├── .editorconfig ├── .github ├── FUNDING.yml └── workflows │ └── publish-flake-workflow.yaml ├── .gitignore ├── README.md ├── flake.lock ├── flake.nix ├── go ├── README.md ├── cmd │ └── web │ │ └── main.go ├── flake.lock ├── flake.nix ├── go.mod └── go.sum ├── hello ├── README.md ├── VERSION ├── flake.lock └── flake.nix └── script ├── README.md ├── entrypoint.sh ├── flake.lock └── flake.nix /.editorconfig: -------------------------------------------------------------------------------- 1 | # https://editorconfig.org 2 | root = true 3 | 4 | [*] 5 | indent_style = space 6 | indent_size = 2 7 | end_of_line = lf 8 | charset = utf-8 9 | trim_trailing_whitespace = true 10 | insert_final_newline = true 11 | 12 | [{*.lock,VERSION}] 13 | insert_final_newline = false 14 | -------------------------------------------------------------------------------- /.github/FUNDING.yml: -------------------------------------------------------------------------------- 1 | github: [lucperkins] 2 | -------------------------------------------------------------------------------- /.github/workflows/publish-flake-workflow.yaml: -------------------------------------------------------------------------------- 1 | on: 2 | push: 3 | tags: 4 | - "v*.*.*" 5 | 6 | jobs: 7 | publish: 8 | runs-on: "ubuntu-latest" 9 | permissions: 10 | id-token: "write" 11 | contents: "read" 12 | steps: 13 | - uses: "actions/checkout@v3" 14 | - uses: "DeterminateSystems/nix-installer-action@main" 15 | - uses: "DeterminateSystems/flakehub-push@main" 16 | with: 17 | visibility: "public" 18 | 19 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | result -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Nix Docker examples 2 | 3 | [![built with nix](https://builtwithnix.org/badge.svg)](https://builtwithnix.org) 4 | 5 | | Directory | Docker image contents | 6 | | :-------------------- | :------------------------------------------- | 7 | | [`go`](./go/) | A simple [Go] web service | 8 | | [`hello`](./hello/) | An image containing just the `hello` package | 9 | | [`script`](./script/) | An image wrapping a shell script | 10 | 11 | In each project, you can run the following to build and run the image: 12 | 13 | ```shell 14 | nix build . 15 | docker load < result 16 | docker run -t ${IMAGE_NAME}:${IMAGE_HASH} 17 | ``` 18 | 19 | The `IMAGE_NAME` and `IMAGE_HASH` need to match the specific example. 20 | 21 | > All examples use [Nix flakes][flakes]. 22 | 23 | [flakes]: https://nixos.wiki/wiki/Flakes 24 | [go]: https://golang.org 25 | -------------------------------------------------------------------------------- /flake.lock: -------------------------------------------------------------------------------- 1 | { 2 | "nodes": { 3 | "flake-utils": { 4 | "locked": { 5 | "lastModified": 1659877975, 6 | "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", 7 | "owner": "numtide", 8 | "repo": "flake-utils", 9 | "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", 10 | "type": "github" 11 | }, 12 | "original": { 13 | "owner": "numtide", 14 | "repo": "flake-utils", 15 | "type": "github" 16 | } 17 | }, 18 | "flake-utils_2": { 19 | "locked": { 20 | "lastModified": 1656928814, 21 | "narHash": "sha256-RIFfgBuKz6Hp89yRr7+NR5tzIAbn52h8vT6vXkYjZoM=", 22 | "owner": "numtide", 23 | "repo": "flake-utils", 24 | "rev": "7e2a3b3dfd9af950a856d66b0a7d01e3c18aa249", 25 | "type": "github" 26 | }, 27 | "original": { 28 | "owner": "numtide", 29 | "repo": "flake-utils", 30 | "type": "github" 31 | } 32 | }, 33 | "flake-utils_3": { 34 | "locked": { 35 | "lastModified": 1656928814, 36 | "narHash": "sha256-RIFfgBuKz6Hp89yRr7+NR5tzIAbn52h8vT6vXkYjZoM=", 37 | "owner": "numtide", 38 | "repo": "flake-utils", 39 | "rev": "7e2a3b3dfd9af950a856d66b0a7d01e3c18aa249", 40 | "type": "github" 41 | }, 42 | "original": { 43 | "owner": "numtide", 44 | "repo": "flake-utils", 45 | "type": "github" 46 | } 47 | }, 48 | "gitignore": { 49 | "inputs": { 50 | "nixpkgs": [ 51 | "go", 52 | "nixpkgs" 53 | ] 54 | }, 55 | "locked": { 56 | "lastModified": 1660459072, 57 | "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", 58 | "owner": "hercules-ci", 59 | "repo": "gitignore.nix", 60 | "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", 61 | "type": "github" 62 | }, 63 | "original": { 64 | "owner": "hercules-ci", 65 | "repo": "gitignore.nix", 66 | "type": "github" 67 | } 68 | }, 69 | "go": { 70 | "inputs": { 71 | "flake-utils": "flake-utils", 72 | "gitignore": "gitignore", 73 | "nixpkgs": "nixpkgs" 74 | }, 75 | "locked": { 76 | "lastModified": 1, 77 | "narHash": "sha256-IMopK0mA67Vtz3gNxhgwKbfXjw7rBzjSObmilwG6wIQ=", 78 | "path": "./go", 79 | "type": "path" 80 | }, 81 | "original": { 82 | "path": "./go", 83 | "type": "path" 84 | } 85 | }, 86 | "hello": { 87 | "inputs": { 88 | "flake-utils": "flake-utils_2", 89 | "nixpkgs": "nixpkgs_2" 90 | }, 91 | "locked": { 92 | "lastModified": 1, 93 | "narHash": "sha256-H8wB8A1vHkZPqLJp8mb5p+lfmxxdnPKWZRdq6qAxQlk=", 94 | "path": "./hello", 95 | "type": "path" 96 | }, 97 | "original": { 98 | "path": "./hello", 99 | "type": "path" 100 | } 101 | }, 102 | "nixpkgs": { 103 | "locked": { 104 | "lastModified": 1661421329, 105 | "narHash": "sha256-5d/P/ydnirGBwu4ieyi4vIX42DYnlafgldtVoUBH8dc=", 106 | "owner": "NixOS", 107 | "repo": "nixpkgs", 108 | "rev": "4a179eac2c643cbab049937c5dd1d3b5bd769bb4", 109 | "type": "github" 110 | }, 111 | "original": { 112 | "owner": "NixOS", 113 | "repo": "nixpkgs", 114 | "type": "github" 115 | } 116 | }, 117 | "nixpkgs_2": { 118 | "locked": { 119 | "lastModified": 1657924121, 120 | "narHash": "sha256-eh9gBdv4svoOKkJoeGUxg3G/7RBtxVof81RY8JMHVm0=", 121 | "owner": "NixOS", 122 | "repo": "nixpkgs", 123 | "rev": "ed0e38f28d60055832397382c4ca471d2bc1b173", 124 | "type": "github" 125 | }, 126 | "original": { 127 | "owner": "NixOS", 128 | "repo": "nixpkgs", 129 | "type": "github" 130 | } 131 | }, 132 | "nixpkgs_3": { 133 | "locked": { 134 | "lastModified": 1657924121, 135 | "narHash": "sha256-eh9gBdv4svoOKkJoeGUxg3G/7RBtxVof81RY8JMHVm0=", 136 | "owner": "NixOS", 137 | "repo": "nixpkgs", 138 | "rev": "ed0e38f28d60055832397382c4ca471d2bc1b173", 139 | "type": "github" 140 | }, 141 | "original": { 142 | "owner": "NixOS", 143 | "repo": "nixpkgs", 144 | "type": "github" 145 | } 146 | }, 147 | "root": { 148 | "inputs": { 149 | "go": "go", 150 | "hello": "hello", 151 | "script": "script" 152 | } 153 | }, 154 | "script": { 155 | "inputs": { 156 | "flake-utils": "flake-utils_3", 157 | "nixpkgs": "nixpkgs_3" 158 | }, 159 | "locked": { 160 | "lastModified": 1, 161 | "narHash": "sha256-kOE5UUDQgQS6qp9x3iIVOi9VeHuBWtXMRTla33Xly8M=", 162 | "path": "./script", 163 | "type": "path" 164 | }, 165 | "original": { 166 | "path": "./script", 167 | "type": "path" 168 | } 169 | } 170 | }, 171 | "root": "root", 172 | "version": 7 173 | } 174 | -------------------------------------------------------------------------------- /flake.nix: -------------------------------------------------------------------------------- 1 | { 2 | description = "Nix Docker examples"; 3 | 4 | inputs = { 5 | go.url = "path:./go"; 6 | hello.url = "path:./hello"; 7 | script.url = "path:./script"; 8 | }; 9 | 10 | outputs = inputs: { 11 | inherit (inputs) go hello script; 12 | }; 13 | } 14 | -------------------------------------------------------------------------------- /go/README.md: -------------------------------------------------------------------------------- 1 | # Go web service example 2 | 3 | Build the image using [Nix] and [load] the result into [Docker]: 4 | 5 | ```shell 6 | nix build 7 | docker load < result 8 | ``` 9 | 10 | To run the image: 11 | 12 | ```shell 13 | docker run -t -p 1111:1111 nix-docker-go-svc:v0.1.0 14 | ``` 15 | 16 | The web service has just one endpoint at `/hello`: 17 | 18 | ```shell 19 | curl http://localhost:1111 20 | ``` 21 | 22 | That should output `Welcome to Go inside Docker built with Nix!`. 23 | 24 | ## Build without checking out 25 | 26 | You can also build and run the image without having access to this code locally: 27 | 28 | ```shell 29 | nix build 'github:the-nix-way/nix-docker-examples?dir=go' 30 | docker load < result 31 | docker run -t -p 1111:1111 nix-docker-go-svc:v0.1.0 32 | curl http://localhost:1111/hello 33 | ``` 34 | 35 | [docker]: https://docker.com 36 | [load]: https://docs.docker.com/engine/reference/commandline/load 37 | [nix]: https://nixos.org 38 | -------------------------------------------------------------------------------- /go/cmd/web/main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "fmt" 5 | "net/http" 6 | "os" 7 | 8 | "github.com/gin-gonic/gin" 9 | ) 10 | 11 | func getPort() string { 12 | if os.Getenv("PORT") != "" { 13 | return os.Getenv("PORT") 14 | } else { 15 | return "1111" 16 | } 17 | } 18 | 19 | func main() { 20 | srv := gin.Default() 21 | 22 | addr := fmt.Sprintf(":%s", getPort()) 23 | 24 | srv.GET("/hello", func(c *gin.Context) { 25 | c.String(http.StatusOK, "Welcome to Go inside Docker built with Nix!") 26 | }) 27 | 28 | srv.Run(addr) 29 | } 30 | -------------------------------------------------------------------------------- /go/flake.lock: -------------------------------------------------------------------------------- 1 | { 2 | "nodes": { 3 | "flake-utils": { 4 | "locked": { 5 | "lastModified": 1659877975, 6 | "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", 7 | "owner": "numtide", 8 | "repo": "flake-utils", 9 | "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", 10 | "type": "github" 11 | }, 12 | "original": { 13 | "owner": "numtide", 14 | "repo": "flake-utils", 15 | "type": "github" 16 | } 17 | }, 18 | "gitignore": { 19 | "inputs": { 20 | "nixpkgs": [ 21 | "nixpkgs" 22 | ] 23 | }, 24 | "locked": { 25 | "lastModified": 1660459072, 26 | "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", 27 | "owner": "hercules-ci", 28 | "repo": "gitignore.nix", 29 | "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", 30 | "type": "github" 31 | }, 32 | "original": { 33 | "owner": "hercules-ci", 34 | "repo": "gitignore.nix", 35 | "type": "github" 36 | } 37 | }, 38 | "nixpkgs": { 39 | "locked": { 40 | "lastModified": 1661421329, 41 | "narHash": "sha256-5d/P/ydnirGBwu4ieyi4vIX42DYnlafgldtVoUBH8dc=", 42 | "owner": "NixOS", 43 | "repo": "nixpkgs", 44 | "rev": "4a179eac2c643cbab049937c5dd1d3b5bd769bb4", 45 | "type": "github" 46 | }, 47 | "original": { 48 | "owner": "NixOS", 49 | "repo": "nixpkgs", 50 | "type": "github" 51 | } 52 | }, 53 | "root": { 54 | "inputs": { 55 | "flake-utils": "flake-utils", 56 | "gitignore": "gitignore", 57 | "nixpkgs": "nixpkgs" 58 | } 59 | } 60 | }, 61 | "root": "root", 62 | "version": 7 63 | } 64 | -------------------------------------------------------------------------------- /go/flake.nix: -------------------------------------------------------------------------------- 1 | { 2 | description = "Go web service"; 3 | 4 | inputs = { 5 | nixpkgs.url = "github:NixOS/nixpkgs"; 6 | flake-utils.url = "github:numtide/flake-utils"; 7 | gitignore = { 8 | url = "github:hercules-ci/gitignore.nix"; 9 | inputs.nixpkgs.follows = "nixpkgs"; 10 | }; 11 | }; 12 | 13 | outputs = { self, nixpkgs, flake-utils, gitignore }: 14 | let 15 | target = { 16 | os = "linux"; 17 | arch = "arm64"; 18 | }; 19 | 20 | buildLinuxOverlay = self: super: { 21 | buildGoModule = super.buildGoModule.override { 22 | go = super.go_1_18 // { 23 | CGO_ENABLED = 0; 24 | GOOS = target.os; 25 | GOARCH = target.arch; 26 | }; 27 | }; 28 | }; 29 | 30 | inherit (gitignore.lib) gitignoreSource; 31 | in 32 | flake-utils.lib.eachDefaultSystem (system: 33 | let 34 | # Use system-specific Nixpkgs to build everything 35 | pkgs = import nixpkgs { 36 | inherit system; 37 | overlays = [ buildLinuxOverlay ]; 38 | }; 39 | 40 | inherit (pkgs) buildEnv buildGoModule; 41 | inherit (pkgs.dockerTools) buildImage; 42 | 43 | # The Go web service package 44 | goService = buildGoModule { 45 | name = "go-svc"; 46 | src = gitignoreSource ./.; 47 | vendorSha256 = "sha256-fwJTg/HqDAI12mF1u/BlnG52yaAlaIMzsILDDZuETrI="; 48 | subPackages = [ "cmd/web" ]; 49 | }; 50 | 51 | run = "${goService}/bin/${target.os}_${target.arch}/web"; 52 | in 53 | { 54 | packages.default = buildImage { 55 | name = "nix-docker-go-svc"; 56 | tag = "v0.1.0"; 57 | 58 | config = { 59 | Entrypoint = [ run ]; 60 | ExposedPorts."1111/tcp" = { }; 61 | }; 62 | }; 63 | }); 64 | } 65 | -------------------------------------------------------------------------------- /go/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/the-nix-way/nix-docker-examples/go 2 | 3 | go 1.18 4 | 5 | require github.com/gin-gonic/gin v1.8.1 6 | 7 | require ( 8 | github.com/gin-contrib/sse v0.1.0 // indirect 9 | github.com/go-playground/locales v0.14.0 // indirect 10 | github.com/go-playground/universal-translator v0.18.0 // indirect 11 | github.com/go-playground/validator/v10 v10.10.0 // indirect 12 | github.com/goccy/go-json v0.9.7 // indirect 13 | github.com/json-iterator/go v1.1.12 // indirect 14 | github.com/leodido/go-urn v1.2.1 // indirect 15 | github.com/mattn/go-isatty v0.0.14 // indirect 16 | github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421 // indirect 17 | github.com/modern-go/reflect2 v1.0.2 // indirect 18 | github.com/pelletier/go-toml/v2 v2.0.1 // indirect 19 | github.com/ugorji/go/codec v1.2.7 // indirect 20 | golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97 // indirect 21 | golang.org/x/net v0.0.0-20210226172049-e18ecbb05110 // indirect 22 | golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069 // indirect 23 | golang.org/x/text v0.3.6 // indirect 24 | google.golang.org/protobuf v1.28.0 // indirect 25 | gopkg.in/yaml.v2 v2.4.0 // indirect 26 | ) 27 | -------------------------------------------------------------------------------- /go/go.sum: -------------------------------------------------------------------------------- 1 | github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= 2 | github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 3 | github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= 4 | github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 5 | github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE= 6 | github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI= 7 | github.com/gin-gonic/gin v1.8.1 h1:4+fr/el88TOO3ewCmQr8cx/CtZ/umlIRIs5M4NTNjf8= 8 | github.com/gin-gonic/gin v1.8.1/go.mod h1:ji8BvRH1azfM+SYow9zQ6SZMvR8qOMZHmsCuWR9tTTk= 9 | github.com/go-playground/assert/v2 v2.0.1 h1:MsBgLAaY856+nPRTKrp3/OZK38U/wa0CcBYNjji3q3A= 10 | github.com/go-playground/assert/v2 v2.0.1/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4= 11 | github.com/go-playground/locales v0.14.0 h1:u50s323jtVGugKlcYeyzC0etD1HifMjqmJqb8WugfUU= 12 | github.com/go-playground/locales v0.14.0/go.mod h1:sawfccIbzZTqEDETgFXqTho0QybSa7l++s0DH+LDiLs= 13 | github.com/go-playground/universal-translator v0.18.0 h1:82dyy6p4OuJq4/CByFNOn/jYrnRPArHwAcmLoJZxyho= 14 | github.com/go-playground/universal-translator v0.18.0/go.mod h1:UvRDBj+xPUEGrFYl+lu/H90nyDXpg0fqeB/AQUGNTVA= 15 | github.com/go-playground/validator/v10 v10.10.0 h1:I7mrTYv78z8k8VXa/qJlOlEXn/nBh+BF8dHX5nt/dr0= 16 | github.com/go-playground/validator/v10 v10.10.0/go.mod h1:74x4gJWsvQexRdW8Pn3dXSGrTK4nAUsbPlLADvpJkos= 17 | github.com/goccy/go-json v0.9.7 h1:IcB+Aqpx/iMHu5Yooh7jEzJk1JZ7Pjtmys2ukPr7EeM= 18 | github.com/goccy/go-json v0.9.7/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= 19 | github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= 20 | github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU= 21 | github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= 22 | github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= 23 | github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= 24 | github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= 25 | github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= 26 | github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= 27 | github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= 28 | github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= 29 | github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= 30 | github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= 31 | github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= 32 | github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= 33 | github.com/leodido/go-urn v1.2.1 h1:BqpAaACuzVSgi/VLzGZIobT2z4v53pjosyNd9Yv6n/w= 34 | github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY= 35 | github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y= 36 | github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= 37 | github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421 h1:ZqeYNhU3OHLH3mGKHDcjJRFFRrJa6eAM5H+CtDdOsPc= 38 | github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= 39 | github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= 40 | github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= 41 | github.com/pelletier/go-toml/v2 v2.0.1 h1:8e3L2cCQzLFi2CR4g7vGFuFxX7Jl1kKX8gW+iV0GUKU= 42 | github.com/pelletier/go-toml/v2 v2.0.1/go.mod h1:r9LEWfGN8R5k0VXJ+0BkIe7MYkRdwZOjgMj2KwnJFUo= 43 | github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= 44 | github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= 45 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= 46 | github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= 47 | github.com/rogpeppe/go-internal v1.8.0 h1:FCbCCtXNOY3UtUuHUYaghJg4y7Fd14rXifAYUAtL9R8= 48 | github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE= 49 | github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= 50 | github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= 51 | github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= 52 | github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= 53 | github.com/stretchr/testify v1.7.1 h1:5TQK59W5E3v0r2duFAb7P95B6hEeOyEnHRa8MjYSMTY= 54 | github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= 55 | github.com/ugorji/go v1.2.7/go.mod h1:nF9osbDWLy6bDVv/Rtoh6QgnvNDpmCalQV5urGCCS6M= 56 | github.com/ugorji/go/codec v1.2.7 h1:YPXUKf7fYbp/y8xloBqZOw2qaVggbfwMlI8WM3wZUJ0= 57 | github.com/ugorji/go/codec v1.2.7/go.mod h1:WGN1fab3R1fzQlVQTkfxVtIBhWDRqOviHU95kRgeqEY= 58 | golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97 h1:/UOmuWzQfxxo9UtlXMwuQU8CMgg1eZXqTRwkSQJWKOI= 59 | golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= 60 | golang.org/x/net v0.0.0-20210226172049-e18ecbb05110 h1:qWPm9rbaAMKs8Bq/9LRpbMqxWRVUAQwMI9fVrssnTfw= 61 | golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= 62 | golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 63 | golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 64 | golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 65 | golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069 h1:siQdpVirKtzPhKl3lZWozZraCFObP8S1v6PRp0bLrtU= 66 | golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 67 | golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= 68 | golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= 69 | golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M= 70 | golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= 71 | golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 72 | golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4= 73 | golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 74 | google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= 75 | google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw= 76 | google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= 77 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 78 | gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 79 | gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= 80 | gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= 81 | gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= 82 | gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= 83 | gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= 84 | gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= 85 | gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= 86 | gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= 87 | -------------------------------------------------------------------------------- /hello/README.md: -------------------------------------------------------------------------------- 1 | # Hello example 2 | 3 | Build the image using [Nix] and [load] the result into [Docker]: 4 | 5 | ```shell 6 | nix build 7 | docker load < result 8 | ``` 9 | 10 | To run the image: 11 | 12 | ```shell 13 | alias hello='docker run -t nix-docker-hello:v0.1.0' 14 | 15 | hello 16 | ``` 17 | 18 | That should output `Hello, world!`. You can also pass args: 19 | 20 | ```shell 21 | hello --traditional 22 | # hello, world 23 | 24 | hello --greeting "Herzlich willkommen\!" 25 | # Herzlich willkommen! 26 | ``` 27 | 28 | ## Build without checking out 29 | 30 | You can also build and run the image without having access to this code locally: 31 | 32 | ```shell 33 | nix build 'github:the-nix-way/nix-docker-examples?dir=hello' 34 | docker load < result 35 | docker run -t nix-docker-hello:v0.1.0 36 | ``` 37 | 38 | [docker]: https://docker.com 39 | [load]: https://docs.docker.com/engine/reference/commandline/load 40 | [nix]: https://nixos.org 41 | -------------------------------------------------------------------------------- /hello/VERSION: -------------------------------------------------------------------------------- 1 | 0.1.0 -------------------------------------------------------------------------------- /hello/flake.lock: -------------------------------------------------------------------------------- 1 | { 2 | "nodes": { 3 | "flake-utils": { 4 | "locked": { 5 | "lastModified": 1656928814, 6 | "narHash": "sha256-RIFfgBuKz6Hp89yRr7+NR5tzIAbn52h8vT6vXkYjZoM=", 7 | "owner": "numtide", 8 | "repo": "flake-utils", 9 | "rev": "7e2a3b3dfd9af950a856d66b0a7d01e3c18aa249", 10 | "type": "github" 11 | }, 12 | "original": { 13 | "owner": "numtide", 14 | "repo": "flake-utils", 15 | "type": "github" 16 | } 17 | }, 18 | "nixpkgs": { 19 | "locked": { 20 | "lastModified": 1657924121, 21 | "narHash": "sha256-eh9gBdv4svoOKkJoeGUxg3G/7RBtxVof81RY8JMHVm0=", 22 | "owner": "NixOS", 23 | "repo": "nixpkgs", 24 | "rev": "ed0e38f28d60055832397382c4ca471d2bc1b173", 25 | "type": "github" 26 | }, 27 | "original": { 28 | "owner": "NixOS", 29 | "repo": "nixpkgs", 30 | "type": "github" 31 | } 32 | }, 33 | "root": { 34 | "inputs": { 35 | "flake-utils": "flake-utils", 36 | "nixpkgs": "nixpkgs" 37 | } 38 | } 39 | }, 40 | "root": "root", 41 | "version": 7 42 | } 43 | -------------------------------------------------------------------------------- /hello/flake.nix: -------------------------------------------------------------------------------- 1 | { 2 | description = "A single-package Docker image built by Nix"; 3 | 4 | inputs = { 5 | nixpkgs.url = "github:NixOS/nixpkgs"; 6 | flake-utils.url = "github:numtide/flake-utils"; 7 | }; 8 | 9 | outputs = { self, nixpkgs, flake-utils }: 10 | flake-utils.lib.eachDefaultSystem (system: 11 | let 12 | # Nixpkgs for the current system (used to build the image) 13 | pkgs = import nixpkgs { inherit system; }; 14 | inherit (pkgs.dockerTools) buildImage; 15 | 16 | # Linux-specific Nixpkgs (used for the actual contents of the image) 17 | pkgsLinux = import nixpkgs { system = "x86_64-linux"; }; 18 | 19 | # Get the image version from an external file 20 | version = builtins.readFile ./VERSION; 21 | in 22 | { 23 | packages.default = buildImage { 24 | # This metadata names the image nix-docker-hello:v0.1.0 25 | name = "nix-docker-hello"; 26 | tag = "v${version}"; 27 | 28 | # Final image configuration 29 | config.Entrypoint = [ "${pkgsLinux.hello}/bin/hello" ]; 30 | }; 31 | }); 32 | } 33 | -------------------------------------------------------------------------------- /script/README.md: -------------------------------------------------------------------------------- 1 | # Script example 2 | 3 | Build the image using [Nix] and [load] the result into [Docker]: 4 | 5 | ```shell 6 | nix build 7 | docker load < result 8 | ``` 9 | 10 | Now run the image: 11 | 12 | ```shell 13 | docker run -t nix-docker-script:v0.1.0 foo bar baz 14 | ``` 15 | 16 | The output should be something like this: 17 | 18 | ``` 19 | Hello! Here's some information about this image: 20 | 21 | { 22 | built-by: aarch64-darwin, 23 | built-for: x86_64-linux, 24 | shell: /bin/bash, 25 | base-image: shell-plus-coreutils 26 | args-passed: "foo bar baz" 27 | } 28 | ``` 29 | 30 | The `built-by` field may change if you're using a different platform. 31 | 32 | ## Build without checking out 33 | 34 | You can also build and run the image without having access to this code locally: 35 | 36 | ```shell 37 | nix build 'github:the-nix-way/nix-docker-examples?dir=script' 38 | docker load < result 39 | docker run -t nix-docker-script:v0.1.0 40 | ``` 41 | 42 | [docker]: https://docker.com 43 | [load]: https://docs.docker.com/engine/reference/commandline/load 44 | [nix]: https://nixos.org 45 | -------------------------------------------------------------------------------- /script/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!@shell@ 2 | 3 | ARGS=${@:-none} 4 | 5 | cat << EOM 6 | Hello! Here's some information about this image: 7 | 8 | { 9 | built-by: @system@, 10 | built-for: @targetSystem@, 11 | shell: @shell@, 12 | base-image: @baseImageName@ 13 | args-passed: ${ARGS} 14 | } 15 | EOM 16 | -------------------------------------------------------------------------------- /script/flake.lock: -------------------------------------------------------------------------------- 1 | { 2 | "nodes": { 3 | "flake-utils": { 4 | "locked": { 5 | "lastModified": 1656928814, 6 | "narHash": "sha256-RIFfgBuKz6Hp89yRr7+NR5tzIAbn52h8vT6vXkYjZoM=", 7 | "owner": "numtide", 8 | "repo": "flake-utils", 9 | "rev": "7e2a3b3dfd9af950a856d66b0a7d01e3c18aa249", 10 | "type": "github" 11 | }, 12 | "original": { 13 | "owner": "numtide", 14 | "repo": "flake-utils", 15 | "type": "github" 16 | } 17 | }, 18 | "nixpkgs": { 19 | "locked": { 20 | "lastModified": 1657924121, 21 | "narHash": "sha256-eh9gBdv4svoOKkJoeGUxg3G/7RBtxVof81RY8JMHVm0=", 22 | "owner": "NixOS", 23 | "repo": "nixpkgs", 24 | "rev": "ed0e38f28d60055832397382c4ca471d2bc1b173", 25 | "type": "github" 26 | }, 27 | "original": { 28 | "owner": "NixOS", 29 | "repo": "nixpkgs", 30 | "type": "github" 31 | } 32 | }, 33 | "root": { 34 | "inputs": { 35 | "flake-utils": "flake-utils", 36 | "nixpkgs": "nixpkgs" 37 | } 38 | } 39 | }, 40 | "root": "root", 41 | "version": 7 42 | } 43 | -------------------------------------------------------------------------------- /script/flake.nix: -------------------------------------------------------------------------------- 1 | { 2 | description = "A Docker image wrapping a shell script"; 3 | 4 | inputs = { 5 | nixpkgs.url = "github:NixOS/nixpkgs"; 6 | flake-utils.url = "github:numtide/flake-utils"; 7 | }; 8 | 9 | outputs = { self, nixpkgs, flake-utils }: 10 | flake-utils.lib.eachDefaultSystem (system: 11 | let 12 | # Nixpkgs for the build system 13 | pkgs = import nixpkgs { inherit system; }; 14 | inherit (pkgs) buildEnv substituteAll writeScriptBin; 15 | inherit (pkgs.dockerTools) buildImage; 16 | 17 | # Nixpkgs for the target system 18 | targetSystem = "x86_64-linux"; 19 | pkgsLinux = import nixpkgs { system = targetSystem; }; 20 | 21 | # The default shell for x86_64-linux 22 | shell = pkgsLinux.runtimeShellPackage; 23 | 24 | # A base image with just a shell and coreutils. Doesn't require a tag. 25 | baseImage = buildImage { 26 | name = "shell-plus-coreutils"; 27 | copyToRoot = [ shell pkgsLinux.coreutils ]; 28 | }; 29 | 30 | # The script that our Docker image will wrap. The string substitutions via the 31 | # `substituteAll` function pass attributes into the script. 32 | scriptFile = "entrypoint.sh"; 33 | 34 | script = builtins.readFile (substituteAll { 35 | src = ./${scriptFile}; 36 | inherit system targetSystem; 37 | baseImageName = baseImage.imageName; 38 | shell = shell.shellPath; 39 | }); 40 | 41 | # Our script converted to a package 42 | entrypoint = writeScriptBin scriptFile script; 43 | in 44 | { 45 | packages.default = buildImage { 46 | name = "nix-docker-script"; 47 | tag = "v0.1.0"; 48 | fromImage = baseImage; 49 | 50 | copyToRoot = buildEnv { 51 | name = "script-image-env"; 52 | paths = [ entrypoint ]; 53 | }; 54 | 55 | runAsRoot = ""; 56 | 57 | # Final image configuration 58 | config.Entrypoint = [ scriptFile ]; 59 | }; 60 | }); 61 | } 62 | --------------------------------------------------------------------------------