blob: 55d73850dcf738111c8db78c85032718355daa99 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
FROM nixos/nix:latest AS builder
COPY . /tmp/build
WORKDIR /tmp/build
RUN nix \
--extra-experimental-features "nix-command flakes" \
--option filter-syscalls false \
build -L .#docker
# no quotes, we actually want to split
RUN mkdir /tmp/nix-store-closure && \
cp -R $(nix-store -qR result/) /tmp/nix-store-closure
WORKDIR /tmp/app
FROM scratch
COPY --from=builder /tmp/nix-store-closure /nix/store
COPY --from=builder /tmp/build/result /
USER 1000
ENV PATH=/bin
ENTRYPOINT ["perl", "/bin/sync"]
|