static-yarn-nginx-container/flake.nix
2024-11-21 22:21:02 -07:00

100 lines
2.8 KiB
Nix

{
description = "Utilities for building a artifacts for hosting a static site from a yarn project";
inputs = {
flake-utils.url = "github:numtide/flake-utils";
gitignore = {
url = "github:hercules-ci/gitignore.nix";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = {
nixpkgs,
flake-utils,
...
}:
flake-utils.lib.eachDefaultSystem (system: let
pkgs = nixpkgs.legacyPackages.${system};
in {
lib = rec {
naiveFilter = names: name: type: let
bname = baseNameOf name;
in
(type == "regular") && (builtins.elem bname names);
npSrc = pkgs.lib.cleanSourceWith {
filter = name: type:
(type == "directory") || (naiveFilter ["package.json" "yarn.lock"] name type);
src = ./.;
};
mimeTypes = pkgs.concatTextFile {
name = "mime.types";
files = [./mime.types];
};
nginxConf = staticAssetsPath:
pkgs.writeTextFile {
name = "nginx.conf";
text = ''
user nginx nginx;
daemon off;
error_log /dev/stdout info;
pid /dev/null;
events {}
http {
include ${mimeTypes};
access_log /dev/stdout;
server {
listen 80;
index index.php index.html;
charset utf-8;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
location / {
root ${staticAssetsPath};
try_files $uri $uri/ /index.php?$query_string;
}
}
}
'';
};
mkContainer = staticAssetsPath: attrs @ {
copyToRoot ? [],
extraCommands ? "",
runAsRoot ? "",
config ? {},
}:
pkgs.dockerTools.buildImage (attrs
// {
copyToRoot = copyToRoot ++ [staticAssetsPath];
extraCommands =
''
mkdir -p var/log/nginx
mkdir -p var/cache/nginx
mkdir -p tmp
chmod 1777 tmp
''
+ extraCommands;
runAsRoot =
''
${pkgs.dockerTools.shadowSetup}
groupadd --system nginx
useradd --system --gid nginx nginx
''
+ runAsRoot;
config =
{
Cmd = ["${pkgs.nginx}/bin/nginx" "-c" "${nginxConf staticAssetsPath}"];
Expose = [80];
}
// config;
});
};
});
}