From 89b334168a2eef3b3480ffc262dd8d99b757c681 Mon Sep 17 00:00:00 2001
From: James Andariese <james@strudelline.net>
Date: Sat, 3 Aug 2024 19:48:21 -0500
Subject: [PATCH] first nixified version

---
 .github/workflows/build.yaml  | 27 ++++++++++++++++
 .github/workflows/update.yaml | 24 ++++++++++++++
 .gitignore                    |  6 ++++
 docker.nix                    | 20 ++++++++++++
 flake.lock                    | 61 +++++++++++++++++++++++++++++++++++
 flake.nix                     | 37 +++++++++++++++++++++
 6 files changed, 175 insertions(+)
 create mode 100644 .github/workflows/build.yaml
 create mode 100644 .github/workflows/update.yaml
 create mode 100644 .gitignore
 create mode 100644 docker.nix
 create mode 100644 flake.lock
 create mode 100644 flake.nix

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
new file mode 100644
index 0000000..e38fe6d
--- /dev/null
+++ b/.github/workflows/build.yaml
@@ -0,0 +1,27 @@
+name: Build and push nixos-based docker container
+on: [push]
+
+env:
+  REGISTRY: git.strudelline.net
+  PACKAGE: cascade/docker-node-red
+  REGISTRY_AUTH_FILE: ./registry-auth.json
+
+jobs:
+  build:
+    runs-on: nix
+    steps:
+      - name: Check out repository code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 1
+      - run: |-
+          set -x
+
+          skopeo login --username ${{ secrets.DOCKER_USER }} --password ${{ secrets.DOCKER_PASSWORD }} "$REGISTRY"
+
+          ( # echo tags into the image uploader's read loop
+            echo "sha-$(echo "$GITHUB_SHA" | cut -c 1-8)"
+            echo "$GITHUB_REF_NAME-$(date +%Y%m%d-%H%M%S)"
+          ) | while read -r TAG;do
+            nix run .#upload-image "docker://$REGISTRY/$PACKAGE:$TAG"
+          done
diff --git a/.github/workflows/update.yaml b/.github/workflows/update.yaml
new file mode 100644
index 0000000..2b13044
--- /dev/null
+++ b/.github/workflows/update.yaml
@@ -0,0 +1,24 @@
+name: Update flake lock
+on:
+  schedule:
+  - cron: '47 3 * * *'
+
+jobs:
+  build:
+    runs-on: nix
+    steps:
+      - name: Check out repository code
+        uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.ADMIN_ACTIONS_TOKEN }}
+          fetch-depth: 0
+      - run: |-
+          git config --local --add user.email localadmin@strudelline.net
+          git config --local --add user.name 'Admin Actions'
+          git pull
+          nix flake update
+          if ! git commit -m "Flake updates for $(date)" -a;then
+            echo "no updates to commit"
+            exit 0
+          fi
+          git push
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..7fff33d
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,6 @@
+.*
+!.git?*
+
+*~
+\#*#
+result
diff --git a/docker.nix b/docker.nix
new file mode 100644
index 0000000..b74bd14
--- /dev/null
+++ b/docker.nix
@@ -0,0 +1,20 @@
+{ config, pkgs, ...}:
+
+let
+name = "node-red";
+entrypoint = pkgs.writeShellApplication {
+  name = "entrypoint";
+
+  runtimeInputs = with pkgs; with nodePackages; [
+    node-red
+    #ungoogled-chromium
+  ];
+
+  text = ''
+    node-red
+  '';
+};
+in pkgs.dockerTools.streamLayeredImage {
+      inherit name;
+      config.Cmd = [ "${entrypoint}/bin/entrypoint" ];
+}
diff --git a/flake.lock b/flake.lock
new file mode 100644
index 0000000..f9a0884
--- /dev/null
+++ b/flake.lock
@@ -0,0 +1,61 @@
+{
+  "nodes": {
+    "flake-utils": {
+      "inputs": {
+        "systems": "systems"
+      },
+      "locked": {
+        "lastModified": 1710146030,
+        "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1722421184,
+        "narHash": "sha256-/DJBI6trCeVnasdjUo9pbnodCLZcFqnVZiLUfqLH4jA=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "9f918d616c5321ad374ae6cb5ea89c9e04bf3e58",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixos-unstable-small",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "flake-utils": "flake-utils",
+        "nixpkgs": "nixpkgs"
+      }
+    },
+    "systems": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
diff --git a/flake.nix b/flake.nix
new file mode 100644
index 0000000..1c766b7
--- /dev/null
+++ b/flake.nix
@@ -0,0 +1,37 @@
+{
+  description = "docker builder for cascade's node-red";
+
+  inputs = {
+    nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
+    flake-utils.url = "github:numtide/flake-utils";
+  };
+
+  outputs = { self, nixpkgs, flake-utils }: flake-utils.lib.eachDefaultSystem (system:
+    let
+    lib = nixpkgs.lib;
+    pkgs = nixpkgs.legacyPackages.${system};
+    streamImage = pkgs.callPackage (import ./docker.nix) {};
+    in
+  {
+
+    packages.upload-image = pkgs.writeScriptBin "upload" ''
+      ${streamImage} | ${pkgs.skopeo}/bin/skopeo copy docker-archive:/dev/stdin "$@"
+    '';
+
+    packages.stream-image = pkgs.writeScriptBin "stream" ''
+      ${streamImage}
+    '';
+
+    packages.default = pkgs.writeScriptBin "help" ''
+      echo ${lib.escapeShellArg ''
+        nixos-based docker node-red image builder
+
+        usage:
+
+        nix run .#stream-image | docker load
+        nix run .#upload-image docker://registry.where/it/goes:its4tag
+        ''}
+
+    '';
+  });
+}