Add base docker image

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>

.envrc

@@ -0,0 +1 @@
+use flake self#nix

flake.nix

@@ -10,20 +10,23 @@
 
   outputs =
     inputs:
-    (
+    {
+      overlays.default = import ./overlays;
+    }
+    // (
       let
         system = "x86_64-linux";
 
         pkgs = import inputs.nixpkgs {
           inherit system;
           config.allowUnfree = true;
+          overlays = [ inputs.self.overlays.default ];
         };
 
         treefmt = inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix;
       in
       {
-        lib.${system} = import ./lib { inherit pkgs; };
+        packages.${system} = import ./packages { inherit pkgs; };
-
         formatter.${system} = treefmt.config.build.wrapper;
         checks.${system}.formatting = treefmt.config.build.check inputs.self;
       }

lib/default.nix

@@ -1,8 +0,0 @@
-{ pkgs, ... }:
-let
-  callPackage = pkgs.lib.callPackageWith { inherit pkgs; };
-in
-{
-  fetchers = callPackage ./fetchers { };
-  runtime = callPackage ./runtime { };
-}

lib/fetchers/default.nix

@@ -1,7 +0,0 @@
-{ pkgs, ... }:
-let
-  callPackage = pkgs.lib.callPackageWith { inherit pkgs; };
-in
-{
-  sshKnownHosts = callPackage ./sshKnownHosts { };
-}

lib/runtime/default.nix

@@ -1,7 +0,0 @@
-{ pkgs, ... }:
-let
-  callPackage = pkgs.lib.callPackageWith { inherit pkgs; };
-in
-{
-  merge = callPackage ./merge { };
-}

lib/runtime/merge/default.nix

@@ -1,7 +0,0 @@
-{ pkgs, ... }:
-let
-  callPackage = pkgs.lib.callPackageWith { inherit pkgs; };
-in
-{
-  keyValue = callPackage ./keyValue { };
-}

overlays/default.nix

@@ -0,0 +1,20 @@
+final: prev:
+{
+  lib = prev.lib.recursiveUpdate prev.lib {
+    fetchers = {
+      sshKnownHosts = import ./fetchers/sshKnownHosts final prev;
+    };
+
+    runtime = {
+      merge = {
+        keyValue = import ./runtime/merge/keyValue final prev;
+      };
+    };
+  };
+}
+// (import ../packages { pkgs = final; })
+// {
+  dockerImages = prev.dockerImages or { } // {
+    base = final.docker-image-base;
+  };
+}

overlays/fetchers/sshKnownHosts/default.nix

@@ -1,5 +1,5 @@
-{ pkgs, ... }:
+final: prev:
-pkgs.lib.fetchers.withNormalizedHash { } (
+prev.lib.fetchers.withNormalizedHash { } (
   {
     host,
     name ? "ssh-known-hosts-${host}",
@@ -13,15 +13,15 @@ pkgs.lib.fetchers.withNormalizedHash { } (
     ],
   }:
   let
-    keyTypeArgs = pkgs.lib.concatStringsSep "," keyTypes;
+    keyTypeArgs = prev.lib.concatStringsSep "," keyTypes;
   in
-  pkgs.runCommandLocal name
+  prev.runCommandLocal name
     {
       inherit outputHash outputHashAlgo;
       outputHashMode = "flat";
       preferLocalBuild = true;
 
-      nativeBuildInputs = with pkgs; [
+      nativeBuildInputs = with final; [
         openssh
         gnugrep
         coreutils

overlays/runtime/merge/keyValue/default.nix

@@ -1,8 +1,8 @@
-{ pkgs, ... }:
+final: prev:
 "${
-  pkgs.writeShellApplication {
+  prev.writeShellApplication {
     name = "merge-key-value";
-    runtimeInputs = with pkgs; [
+    runtimeInputs = with final; [
       coreutils
       gawk
     ];

packages/default.nix

@@ -0,0 +1,4 @@
+{ pkgs, ... }:
+{
+  docker-image-base = import ./docker/base { inherit pkgs; };
+}

packages/docker/base/default.nix

@@ -0,0 +1,27 @@
+{ pkgs, ... }:
+pkgs.dockerTools.buildImage {
+  name = "base";
+
+  copyToRoot = pkgs.buildEnv {
+    name = "root";
+    paths = with pkgs; [
+      dockerTools.usrBinEnv
+      dockerTools.binSh
+      dockerTools.caCertificates
+      bashInteractive
+      busybox
+    ];
+    pathsToLink = [
+      "/bin"
+      "/lib"
+      "/share"
+      "/etc"
+      "/usr"
+    ];
+  };
+
+  runAsRoot = ''
+    ${pkgs.dockerTools.shadowSetup}
+    mkdir -p /tmp
+  '';
+}