static-yarn-nginx-container/flake.nix

{
  description = "Utilities for building a artifacts for hosting a static site from a yarn project";

  inputs = {
    flake-utils.url = "github:numtide/flake-utils";
    gitignore = {
      url = "github:hercules-ci/gitignore.nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  outputs = {
    nixpkgs,
    flake-utils,
    ...
  }:
    flake-utils.lib.eachDefaultSystem (system: let
      pkgs = nixpkgs.legacyPackages.${system};
    in {
      lib = rec {
        naiveFilter = names: name: type: let
          bname = baseNameOf name;
        in
          (type == "regular") && (builtins.elem bname names);

        mkNpSrc = src:
          pkgs.lib.cleanSourceWith {
            inherit src;
            filter = name: type:
              (type == "directory") || (naiveFilter ["package.json" "yarn.lock"] name type);
          };
        mimeTypes = pkgs.concatTextFile {
          name = "mime.types";
          files = [./mime.types];
        };

        nginxConf = staticAssetsPath:
          pkgs.writeTextFile {
            name = "nginx.conf";
            text = ''
              user nginx nginx;
              daemon off;
              error_log /dev/stdout info;
              pid /dev/null;
              events {}
              http {
                include ${mimeTypes};
                access_log /dev/stdout;
                server {
                  listen 80;
                  index index.php index.html;
                  charset utf-8;

                  add_header X-Frame-Options "SAMEORIGIN";
                  add_header X-Content-Type-Options "nosniff";
                  location / {
                  root ${staticAssetsPath};
                    try_files $uri $uri/ /index.php?$query_string;
                  }
                }
              }
            '';
          };

        mkContainer = staticAssetsPath: attrs @ {
          copyToRoot ? [],
          extraCommands ? "",
          runAsRoot ? "",
          config ? {},
          ...
        }:
          pkgs.dockerTools.buildImage (attrs
            // {
              copyToRoot = copyToRoot ++ [staticAssetsPath];
              extraCommands =
                ''
                  mkdir -p var/log/nginx
                  mkdir -p var/cache/nginx
                  mkdir -p tmp
                  chmod 1777 tmp
                ''
                + extraCommands;

              runAsRoot =
                ''
                  ${pkgs.dockerTools.shadowSetup}
                  groupadd --system nginx
                  useradd --system --gid nginx nginx
                ''
                + runAsRoot;

              config =
                {
                  Cmd = ["${pkgs.nginx}/bin/nginx" "-c" "${nginxConf staticAssetsPath}"];
                  Expose = [80];
                }
                // config;
            });
      };
    });
}
Add utils 2024-11-21 22:21:02 -07:00			`{`
			`description = "Utilities for building a artifacts for hosting a static site from a yarn project";`

			`inputs = {`
			`flake-utils.url = "github:numtide/flake-utils";`
			`gitignore = {`
			`url = "github:hercules-ci/gitignore.nix";`
			`inputs.nixpkgs.follows = "nixpkgs";`
			`};`
			`};`

			`outputs = {`
			`nixpkgs,`
			`flake-utils,`
			`...`
			`}:`
			`flake-utils.lib.eachDefaultSystem (system: let`
			`pkgs = nixpkgs.legacyPackages.${system};`
			`in {`
			`lib = rec {`
			`naiveFilter = names: name: type: let`
			`bname = baseNameOf name;`
			`in`
			`(type == "regular") && (builtins.elem bname names);`

Update 2024-11-21 22:51:31 -07:00			`mkNpSrc = src:`
			`pkgs.lib.cleanSourceWith {`
			`inherit src;`
			`filter = name: type:`
			`(type == "directory") \|\| (naiveFilter ["package.json" "yarn.lock"] name type);`
			`};`
Add utils 2024-11-21 22:21:02 -07:00			`mimeTypes = pkgs.concatTextFile {`
			`name = "mime.types";`
			`files = [./mime.types];`
			`};`

			`nginxConf = staticAssetsPath:`
			`pkgs.writeTextFile {`
			`name = "nginx.conf";`
			`text = ''`
			`user nginx nginx;`
			`daemon off;`
			`error_log /dev/stdout info;`
			`pid /dev/null;`
			`events {}`
			`http {`
			`include ${mimeTypes};`
			`access_log /dev/stdout;`
			`server {`
			`listen 80;`
			`index index.php index.html;`
			`charset utf-8;`

			`add_header X-Frame-Options "SAMEORIGIN";`
			`add_header X-Content-Type-Options "nosniff";`
			`location / {`
			`root ${staticAssetsPath};`
			`try_files $uri $uri/ /index.php?$query_string;`
			`}`
			`}`
			`}`
			`'';`
			`};`

			`mkContainer = staticAssetsPath: attrs @ {`
			`copyToRoot ? [],`
			`extraCommands ? "",`
			`runAsRoot ? "",`
			`config ? {},`
Fix 2024-11-21 22:54:59 -07:00			`...`
Add utils 2024-11-21 22:21:02 -07:00			`}:`
			`pkgs.dockerTools.buildImage (attrs`
			`// {`
			`copyToRoot = copyToRoot ++ [staticAssetsPath];`
			`extraCommands =`
			`''`
			`mkdir -p var/log/nginx`
			`mkdir -p var/cache/nginx`
			`mkdir -p tmp`
			`chmod 1777 tmp`
			`''`
			`+ extraCommands;`

			`runAsRoot =`
			`''`
			`${pkgs.dockerTools.shadowSetup}`
			`groupadd --system nginx`
			`useradd --system --gid nginx nginx`
			`''`
			`+ runAsRoot;`

			`config =`
			`{`
			`Cmd = ["${pkgs.nginx}/bin/nginx" "-c" "${nginxConf staticAssetsPath}"];`
			`Expose = [80];`
			`}`
			`// config;`
			`});`
			`};`
			`});`
			`}`