This is a docker registry, i.e. you can pull images from this registry
with e.g. docker run
or in kubernetes.
This registry builds images on-the-fly based on a nix expression found in a public or private repository.
I first explored this idea here and there is also nixery, a slightly different take on the same idea.
The service needs:
- A directory to store layer blobs
- A directory to cache
git clone
output - A set of repository descriptions
The invocation looks e.g. like this:
nixcr \
--blob-root /tmp/blob-cache/ \
--repo-root /tmp/repo-cache/ \
# public repo:
--repo nixpkgs,https://github.com/NixOS/nixpkgs \
# ^^^^^^^ lookup key
# ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ repository for that key
# private repo:
--repo nixcr,[email protected]:private/private.git,/keys/id_rsa
# ^^^^^ lookup key
# ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ repository for key
# ^^^^^^^^^^^^ path to private ssh deploy key
For the example above you could do e.g.
docker run -it 127.0.0.1:8888/nixpkgs/cafe1111:hello
# ^^^^^^^^^^^^^^ host + port where nixcr is running
# ^^^^^^^^ lookup key (see above)
# ^^^^^^^^ commit
# ^^^^^ nix attribute path