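# Builds the "backend" container image with dockerTools.buildLayeredImage.
#
# NOTE(review): evaluation is impure in two places. `<nixpkgs>` resolves
# through the builder's NIX_PATH, so the package set is not pinned by this
# file, and TAG is read from the builder's environment. Two builders can get
# different images from the same checkout; pin nixpkgs if the image must be
# reproducible.
{ pkgs ? import <nixpkgs> { } }:
let
# TAG is used both as the image tag and as the name of the env file the
# entrypoint sources (envs/app/<TAG>.env). Because the value is spliced into
# a shell script and a file path, it is restricted to the Docker tag
# alphabet here: quotes, `$`, `/` or `..` in TAG would otherwise change the
# generated script or the file it loads.
# An empty TAG is still accepted (the image tag then falls back to "latest");
# note that the entrypoint would then source "envs/app/.env" - confirm that
# this is the intended default.
envTag =
  let
    raw = builtins.getEnv "TAG";
    isSafe =
      builtins.match "[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}" raw != null;
  in
  if raw == "" || isSafe then
    raw
  else
    throw "TAG must match [A-Za-z0-9_][A-Za-z0-9_.-]{0,127}, got: ${raw}";
# shell.nix is evaluated with isDevelopment = false; its buildInputs are
# added to the image contents below.
shell = import ./shell.nix { isDevelopment = false; };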
# Repackages the project's local .venv as a store path exposing /bin and /lib.
#
# NOTE(review): the Python packages come from whatever is in ./.venv when the
# build runs. They are not fetched or hash-checked by Nix, so the image ships
# whatever was installed in that working tree. Build from a clean, lock-file
# driven install if provenance matters.
python-venv =
  let
    # Copies executable regular files from .venv/bin, rewrites first-line
    # shebangs that point at a ".../python" interpreter to
    # "/usr/bin/env python", and copies the python3.13 site-packages
    # into $out/lib.
    venvContents = pkgs.runCommand "python-venv" { } ''
      set -e
      mkdir -p $out/bin $out/lib
      find "${./.venv/bin}" -type f -executable -exec cp {} $out/bin \;
      sed -i '1s|^#!.*/python|#!/usr/bin/env python|' $out/bin/*
      cp -r "${./.venv/lib/python3.13/site-packages}"/* $out/lib
    '';
  in
  pkgs.buildEnv {
    name = "python-venv";
    pathsToLink = [ "/bin" "/lib" ];
    paths = [ venvContents ];
  };
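# Container entrypoint: removes a stale postmaster.pid, runs `dev-start`,
# exports every variable defined in envs/app/<TAG>.env and then replaces the
# shell with gunicorn serving main:app. Extra container arguments are passed
# through to gunicorn.
#
# Fix: xtrace is switched off while the env file is sourced. With `set -x`
# active, bash echoes every assignment in the sourced file, so any secret
# kept there (database password, API key, ...) would be written to the
# container log in clear text.
#
# NOTE(review): `dev-start` is not defined in this file; presumably it comes
# from shell.nix's buildInputs - confirm. Removing postmaster.pid
# unconditionally assumes no other container is using the same
# /app/data/postgres volume.
# NOTE(review): the trailing `set` on the `source` line is passed to the env
# file as a positional argument; it looks unintended but is kept as-is.
entrypoint = pkgs.writeShellScriptBin "entrypoint" ''
  set -ex
  rm -f data/postgres/postmaster.pid
  dev-start
  # Do not trace the env file: its values must not reach the logs.
  set +x
  set -o allexport
  source "envs/app/${envTag}.env" set
  set +o allexport
  set -x
  exec python -m gunicorn main:app "$@"
'';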
in
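# Image definition. The application runs as the unprivileged docker:docker
# account (uid/gid 999) from /app, with the Postgres data directory and the
# photo store declared as volumes.
with pkgs; dockerTools.buildLayeredImage {
  name = "backend";
  tag = if envTag != "" then envTag else "latest";
  # NOTE(review): everything in shell.nix's buildInputs becomes part of the
  # image; check that no build-only tooling ends up in the runtime image.
  contents = shell.buildInputs ++ [
    dockerTools.usrBinEnv
    dockerTools.binSh # initdb dependency
    python-venv
  ];
  # Lays out /tmp and /app and copies the application sources into /app.
  #
  # NOTE(review): `envs` is copied whole, so the env files of every
  # environment are baked into an image layer and can be read by anyone who
  # can pull the image. `${./.}` also copies the entire project directory
  # into the world-readable Nix store on the build host. If these files hold
  # credentials, inject them at run time (mounted file or container
  # environment) instead of shipping them in the image.
  extraCommands = ''
    set -e
    mkdir tmp
    mkdir app && cd app
    mkdir -p data/postgres data/photos
    cp "${./.}"/*.py .
    cp -r "${./.}"/alembic_ .
    cp -r "${./.}"/api .
    cp -r "${./.}"/config .
    cp -r "${./.}"/envs .
    cp -r "${./.}"/middlewares .
    cp -r "${./.}"/models .
    cp -r "${./.}"/services .
  '';
  # Creates the service account and hands /app over to it.
  # /tmp gets mode 1777 rather than 0777: without the sticky bit any user in
  # the container can delete or replace files created there by another user.
  fakeRootCommands = ''
    set -e
    ${dockerTools.shadowSetup}
    chmod 1777 tmp
    groupadd --system -g 999 docker
    useradd --system --no-create-home -u 999 -g 999 docker
    chown -R docker:docker app
  '';
  enableFakechroot = true;
  config = {
    WorkingDir = "/app";
    Env = [
      "PYTHONPATH=${python-venv}/lib"
      "PYTHONUNBUFFERED=1"
      "PYTHONDONTWRITEBYTECODE=1"
      "TZ=UTC"
    ];
    Volumes = {
      "/app/data/postgres" = { };
      "/app/data/photos" = { };
    };
    # The image config key for published ports is ExposedPorts, keyed by
    # "<port>/<protocol>"; a `Ports` list is not part of the image spec and
    # is ignored by container runtimes.
    ExposedPorts = {
      "8000/tcp" = { };
    };
    Entrypoint = [ "${entrypoint}/bin/entrypoint" ];
    # Run as the non-root account created in fakeRootCommands.
    User = "docker:docker";
  };
}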