Nix for better Dockerfile (hopefully)

Currently, my Dockerfile looks like this:

# 30 MB only
FROM debian:stable-slim as builder

RUN # install build deps

RUN # bring in the code, compile

FROM debian:stable-slim as runner

RUN # install runtime deps

COPY --from=builder /install-prefix /install-prefix

And believe it or not, I messed up a runtime dep :)

I was wondering if Nix could help with this. I’m not troubled with the 100 MB nixos/nix for the builder stage, but for the runner, I’d like to keep it as small as possible. I also use tini for the runner, so using systemd is out for that.

You can build really minimal images reproducibly with nix: NixOS - Nixpkgs 21.11 manual

It even allows some imperative RUN-like build steps.

Is that what you’re interested in? Or rather the contents of the image? Nix can help with both, but it can be a bit more difficult to build complex images with nix. I’d personally argue that’s an antipattern anyway, but some people like running whole init systems in there…

I’ve been wanting to reproduce this:

…but I didn’t have time
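A sketch of the runner image from the first post built with the Nixpkgs `dockerTools` functions the reply points to. This is an added example, not code from the thread: `pkgs.hello` stands in for the poster's compiled application, and the image name, tag and user ID are constructed.

```nix
# default.nix (added example; pkgs.hello is a stand-in for the real application)
{ pkgs ? import <nixpkgs> { } }:

let
  # Assumption: replace with the derivation that builds your own code.
  app = pkgs.hello;
in
pkgs.dockerTools.buildLayeredImage {
  name = "runner-example";   # constructed name
  tag = "latest";

  # There is no base image. The image contains only the store paths in the
  # closure of what is referenced here, so runtime dependencies follow from
  # the application's own references instead of a hand-maintained
  # "install runtime deps" step that can drift from the builder stage.
  contents = [ ];

  config = {
    # tini as PID 1, as in the original runner stage; no init system needed.
    Entrypoint = [ "${pkgs.tini}/bin/tini" "--" ];
    Cmd = [ "${app}/bin/hello" ];
    # Numeric UID:GID works without /etc/passwd in the image.
    User = "1000:1000";
  };
}
```

Build it with `nix-build` and load the result with `docker load < result`. Because the image has no shell or package manager unless you add one to `contents`, a missing runtime dependency shows up as a build-time reference problem rather than a failure inside the running container.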