matt1432/nixos-configs
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
nixos-configs/modules/arion/default.nix
matt1432 b1162ce7a8
All checks were successful
Discord / discord commits (push) Has been skipped
Details
feat(updateImage): check version before downloading image
2024-04-09 20:33:00 -04:00

137 lines
3.5 KiB
Nix
Raw Blame History

{
arion,
config,
lib,
pkgs,
...
}: let
inherit
(lib)
filterAttrs
hasAttr
mapAttrs
mkEnableOption
mkForce
mkIf
mkOption
optionalAttrs
types
;
inherit (config.vars) mainUser;
cfg = config.arion;
in {
imports = [arion.nixosModules.arion];
options.arion = {
enable = mkEnableOption (lib.mdDoc "My custom arion config layer module");
rwDataDir = mkOption {
default = "/var/lib/arion";
type = types.str;
description = lib.mdDoc ''
Directory to place persistent data in
'';
};
projects = mkOption {
default = {};
description = lib.mdDoc ''
Declarative specification of docker-compose in nix.
'';
type = types.attrs;
};
};
config = mkIf cfg.enable {
users.extraUsers.${mainUser}.extraGroups = ["docker"];
virtualisation = {
docker = {
enable = true;
storageDriver = "btrfs";
};
arion = {
backend = "docker";
projects =
mapAttrs (n: v: {
# https://docs.hercules-ci.com/arion/options
settings = {
enableDefaultNetwork = v.enableDefaultNetwork or true;
networks =
optionalAttrs (hasAttr "networks" v)
v.networks;
services =
mapAttrs (n': v': {
# https://github.com/hercules-ci/arion/issues/169#issuecomment-1301370634
build.image = let
importImage = file: pkgs.callPackage file pkgs;
in
mkForce (importImage v'.image);
service =
(filterAttrs (attrName: _:
attrName != "image" && attrName != "extraOptions")
v')
# By default set the container_name to the attrset's name
// (optionalAttrs (! hasAttr "container_name" v') {
container_name = n';
});
out.service =
optionalAttrs
(hasAttr "extraOptions" v')
v'.extraOptions;
})
v;
};
})
cfg.projects;
};
};
# Script for updating the images of all images of a compose.nix file
environment.systemPackages = with pkgs; [
(writeShellApplication {
name = "updateImages";
runtimeInputs = [
(writeShellApplication {
name = "pullImage";
runtimeInputs = [nix-prefetch-docker skopeo];
text = ''
FILE="$1"
IMAGE=$(sed -n 's/.*imageName = "\([^"]*\).*/\1/p' "$FILE")
TAG=$(sed -n 's/.*finalImageTag = "\([^"]*\).*/\1/p' "$FILE")
CURRENT_DIGEST=$(sed -n 's/.*imageDigest = "\([^"]*\).*/\1/p' "$FILE")
NEW_DIGEST=$(skopeo inspect "docker://$IMAGE:$TAG" | jq '.Digest' -r)
echo "$IMAGE $TAG"
if ! grep "Locked" "$FILE"; then
if [[ "$CURRENT_DIGEST" == "$NEW_DIGEST" ]]; then
echo "Already up-to-date"
else
PREFETCH=$(nix-prefetch-docker "$IMAGE" "$TAG")
echo -e "pkgs:\npkgs.dockerTools.pullImage $PREFETCH" > "$FILE"
fi
fi
'';
})
];
text = ''
DIR=''${1:-"."}
find "$DIR"/images -type f -exec pullImage {} \;
'';
})
];
};
}
Reference in a new issue View git blame Copy permalink