EACCES issues with Docker image made with dockerTools.buildLayeredImage

I’m running a nextjs server in an ecs task, which is running docker. It seems I’m unable to write and read anything to the docker runtime.

The error from nextjs I keep getting is

    Failed to update prerender cache for /default [Error: EACCES: permission denied, open '/nix/store/brzc1yvkrvgbmggc3q178ckcfyjjn7z5-my-project-1.0.0/.next/server/pages/default.html'] {

the code is

    dockerTools.buildLayeredImage {
      name = "my-project";
      tag = "latest";
      created = "now";
      enableFakechroot = true;
      fakeRootCommands = ''
        mkdir -m 0777 /tmp
        chmod -R +rw /tmp
        chown -R 1000:1000 /tmp
        chmod -R +rw /nix
        chown -R 1000:1000 /nix
      '';
      config.Env = [
        "HOST=0.0.0.0"
        "PORT=3000"
      ];
      config = {
        User = "1000";
        Cmd = [ "${my-package}/bin/start" ];
        ExposedPorts = {
          "3000" = {};
        };
      };
    };

Any hacky workaround I’d welcome. I think at runtime, in my opinion since it’s running on an ephemeral ECS volume, that /nix is writeable. But if there’s a better/cleaner solution, I’ll take that too :)

(SOLVED)

Found a nextjs specific workaround by passing to next.config.js

    distDir: process.env.NEXT_DIST_DIR || ".next",

where NEXT_DIST_DIR is /tmp/.next which is copied from nix store, and nix store in a hacky way symlinks to it, because nextjs disallows using folders that are not under the project root.
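
The copy step of this workaround, as an added example that is not part of the original post: a start-up helper that stages the read-only build output into a writable directory, so the prerender cache writes land in /tmp rather than in the store. The function name `stage_dist` and the `APP_ROOT` variable are hypothetical; the store-side symlink the post mentions is assumed to be created at build time.

```shell
#!/bin/sh
# Added example, not from the original post: stage a read-only build output
# (e.g. <project>/.next inside /nix/store) into a writable directory.

# stage_dist SRC DEST
#   Copies SRC to DEST, then adds the owner write bit. Files copied out of the
#   Nix store keep their read-only mode, so without the chmod the copy would
#   fail with the same EACCES as the store path.
stage_dist() {
    src=$1
    dest=$2

    # Never stage into the store; it should stay immutable at runtime.
    case "$dest" in
        /nix/store/*)
            echo "stage_dist: refusing to write under /nix/store: $dest" >&2
            return 1 ;;
    esac
    if [ ! -d "$src" ]; then
        echo "stage_dist: source directory not found: $src" >&2
        return 1
    fi

    # Remove a stale copy from an earlier start (may itself be read-only).
    if [ -e "$dest" ]; then
        chmod -R u+w "$dest" 2>/dev/null || true
        rm -rf "$dest"
    fi

    mkdir -p "$(dirname "$dest")" || return 1
    cp -R "$src" "$dest" || return 1
    # Owner-write only: no need for 0777 or for touching /nix.
    chmod -R u+w "$dest"
}

# Hypothetical entrypoint usage (APP_ROOT is a placeholder for the store path):
#   stage_dist "$APP_ROOT/.next" /tmp/.next || exit 1
#   NEXT_DIST_DIR=/tmp/.next exec "$APP_ROOT/bin/start"
```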