Say that I’m building containers using a services.nix
like so:
let
  # Package set pinned in config.nix; every image is built from it.
  inherit (import ./config.nix) pkgs;

  # Each service file evaluates to a function that returns an image derivation.
  # postgres.nix destructures `{ pkgs, ... }`, so passing the package set
  # itself relies on nixpkgs carrying a `pkgs` attribute of its own;
  # `{ inherit pkgs; }` would make that dependency explicit.
  # searx.nix is not shown here -- presumably it has the same shape.
  buildPostgres = import ./services/postgres.nix;
  buildSearx = import ./services/searx.nix;
in
{
  # INI manifest mapping each container name to the store path of its image.
  serviceimages = pkgs.writeText "images.ini" ''
    [containers]
    postgres=${buildPostgres pkgs}
    searx=${buildSearx pkgs}
  '';
}
with config.nix
just containing the version hash (yes I know I’m out of date, I’m getting to it!)
# nixos-23.05, pinned to a single nixpkgs commit.
# NOTE(review): the URL names a commit, but no sha256 is given, so Nix has
# nothing to check the downloaded tarball against. Adding
#   sha256 = "<sha256-of-unpacked-tarball>";
# to the attribute set below pins the content as well as the location.
pkgs = import (fetchTarball {
  url = "https://github.com/NixOS/nixpkgs/archive/fcc147b1e9358a8386b2c4368bd928e1f63a7df2.tar.gz";
}) {};
The actual service nix
files look like the following:
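# Builds a layered container image named "postgres" whose command is a small
# entrypoint script: initialise the cluster in /postgres on first start, then
# exec the server.
#
# Argument: an attribute set with a `pkgs` attribute (a nixpkgs package set).
# Result: the derivation returned by dockerTools.buildLayeredImage.
{ pkgs, ... }:
with pkgs;
let
  # writeShellScriptBin prepends its own shebang, so the script text has none.
  #
  # Inside a Nix indented string `${` starts Nix antiquotation, so the shell
  # default-value expansion of PGUSER is written with the `''${` escape;
  # unescaped, Nix would consume it before the shell ever saw it.
  #
  # The first-run test looks for PG_VERSION rather than for the directory:
  # /postgres is declared as a volume below, and container runtimes typically
  # create the mount point, so a bare directory test would skip initdb on a
  # fresh volume.
  #
  # NOTE(review): --auth=trust makes the generated pg_hba.conf accept every
  # connection it matches as any role, superuser included, with no password,
  # and listen_addresses = '*' binds all interfaces. Confirm pg_hba.conf stays
  # loopback-only, or switch to --auth=scram-sha-256 with --pwfile before the
  # port is reachable from other hosts or containers.
  #
  # NOTE(review): no User is set in the image config; initdb and postgres
  # refuse to run as root, so confirm the container is started with a
  # non-root uid that owns /postgres.
  entryPoint = writeShellScriptBin "entrypoint.sh" ''
    set -Eeuo pipefail

    PGUSER=''${PGUSER:-postgres}
    PGDATA="/postgres"
    export PGDATA

    if [[ ! -s "$PGDATA/PG_VERSION" ]]; then
      mkdir -p "$PGDATA"
      initdb --auth=trust --encoding=UTF8 --no-locale -U "$PGUSER"
      printf '%s\n' \
        "listen_addresses = '*'" \
        "unix_socket_directories = '$PGDATA'" \
        >> "$PGDATA/postgresql.conf"
    fi

    exec postgres
  '';
in
dockerTools.buildLayeredImage {
  name = "postgres";
  # busybox and bash supply the userland the script needs; postgresql_14
  # supplies initdb and postgres.
  contents = [ busybox bash postgresql_14 entryPoint ];
  config = {
    Cmd = [ "entrypoint.sh" ];
    Env = [];
    # Data directory; must match PGDATA in the entrypoint script.
    Volumes = { "/postgres" = {}; };
  };
}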
I can use nix-build
to get container images I can load into docker or podman. I’m creating my own entrypoint here to run Postgres. I was considering using superd
to just run the systemd target file. However, if I look in these containers, I don’t see the .service
file in the nix store or in the out
directory. I’ve been looking around at documentation and it seems like the package has to be added as a systemPackage
in order to get the systemd service files? But I’m not sure how that works with buildLayeredImage