Why not make this the official Dockerfile for Nix?

Question

Why not make this the official Dockerfile for Nix?

Opened this issue 8 years ago · 5 comments

CMCDragonkai commented 8 years ago

It seems that this is more raw as a container for Nix, and it's smaller too.

It also seems this is more updated, since the current Nix container is only at 1.11.

Would be better to market this container as the official Nix container.

And the nixpkgs container should be quietly deprecated (https://hub.docker.com/r/nixos/nixpkgs/).

Answer 1 · 2017-02-11T11:55:22.000Z

The main reason for me is the fact that this still needs some manual work to build. I improved it with the last update but it's not using dockerTools yet.

Answer 2 · 2018-05-11T22:14:03.000Z

@LnL7 Is it possible to use dockerTools at all. I have tried this:

  lnl7_niximage = pkgs.dockerTools.pullImage {
   imageName = "lnl7/nix";
   finalImageTag = "2.0";
   imageDigest = "sha256:632268d5fd9ca87169c65353db99be8b4e2eb41833b626e09688f484222e860f";
   sha256 = "20d9485b25ecfd89204e843a962c1bd70e9cc6858d65d7f5fadc340246e2116b";
  };

but I don't know where to get the sha256 from. Using a wrong sha256 I ended up with the error:
claims to be content-addressed but isn't

Answer 3 · 2018-05-12T11:25:09.000Z

Generating the sha256 with nix-hash --type sha256 lnl7.tar (where the tar is the result of docker save I have got:

warning: path '/nix/store/bacpxcf1c8xzzk15vd8k7p4lyx9d45k2-docker-image-lnl7-nix-2.0.tar' claims to be content-addressed but isn't

Answer 4 · 2018-05-12T13:15:54.000Z

I've not really used pullImage, but it's probably nix-hash --flat --type sha256 <tar>. Also note that the version images can change , you might want to use the date tags.

Answer 5 · 2018-05-12T13:34:10.000Z

@LnL7 The --flat didn't fix it. The utility of the sha256 field is a bit confusing. I don't see why the imageDigest field generated with skopeo isn't enough. I will try to find out from the ones behind the recent updates of pullImage.