Server tools generated by Nix.
Should create a Nix derivation
to hold all the files for the Docker context that the local COPY
command in the Dockerfile
would reference.
Note:
pkgs.stdenv.mkDerivation
automatically changes shebang
lines for scripts to refer to paths in the Nix store
which wouldn't work inside the docker container, so need to add dontPatchShebangs = true;
as an attribute to the pkgs.stdenv.mkDerivation
function call.
pkgs.writeScript
, but not the outputs of pkgs.writeText
.pkgs.stdenv.mkDerivation
rewrites #!/bin.sh
to #!/nix/store/<hash>-some-bash/bin/sh
.patchShebangs
command in Nix build expressions?nix flake check
To get the latest versions of the build inputs can run nix flake update
before nix build .#
.
builtins.getEnv
with Nix flake.To read environment variables from the shell context where nix build .#<proxy>
is called:
nix build .#<proxy> --impure
if using builtins.getEnv("ENV_NAME")
in the Nix code that will be derived with the build call.
builtins.getEnv("ENV_NAME")
would be ""
.--impure
with caution.For the build input url can use: git+file://<absolute path to the local git repo>
.
Also see:
Nix automatically copies files into the nix-store. So recommend that secrets files should be encrypted anytime building with Nix such as nix build .#
or nix develop .#
, and the secret files should decrypted only when ecessary such as when running docker compose up
.