Generate container images using Nix and serve them through an HTTP API compatible with the Docker Registry HTTP API V2.
Container image tarballs are generated on the fly and cached by flakeforge (but not stored in the Nix store to save disk space).
Create a flake.nix file (example repo) to specify the container image (sample below for x86_64-linux, tested successfully with aarch64-linux as well):
{
  description = "flakeforge example";
  inputs = {
    flakeforge.url = "github:elohmeier/flakeforge";
    flakeforge.inputs.nixpkgs.follows = "nixpkgs";
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11";
  };
  outputs = { self, flakeforge, nixpkgs }: {
    packages.x86_64-linux.my-bash-image = flakeforge.packages.x86_64-linux.flakeforgeTools.streamLayeredImageConf {
      name = "bash-stream-layered";
      contents = [ nixpkgs.legacyPackages.x86_64-linux.bashInteractive ];
    };
  };
}
Run flakeforge using nix run github:elohmeier/flakeforge -- $(pwd) or nix run github:elohmeier/flakeforge -- github:myuser/myrepo (flakeforge runs nix build ${flakeroot}#${image} internally).
Use docker pull localhost:5000/my-bash-image (package name specified above) to pull the image using Docker.
Use docker run -it localhost:5000/my-bash-image bash to start a container with bash.
streamLayeredImageConf generates a config file specifying the layers and docker configuration (essentially the same code as in dockerTools.streamLayeredImage). That file is picked up by flakeforge (using a nix build call) and exposed via a Starlette-based webserver.
Currently this is in a proof of concept state. I'm using it in a Kubernetes cluster to provide container images to the nodes.
- no HTTPS support
- minimal registry API implementation (manifest & digest endpoints only)
- no compression (only tar images)
- Inspired by Nixery, which provides a more generic approach.
- Using code from Nixpkgs/dockerTools to provide the on-the-fly container image tarfile generation.
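
Because the registry is served without HTTPS, a client that needs integrity has to rely on the content digests carried in the Registry V2 manifest. The sketch below is an added example, not flakeforge code: it checks a manifest against a digest pinned out of band and then checks every referenced blob against its descriptor. The function names and the inline sample manifest and blobs are constructed for illustration.

```python
import hashlib
import json


def digest_of(data: bytes) -> str:
    """Content digest in the registry's 'sha256:<hex>' form."""
    return "sha256:" + hashlib.sha256(data).hexdigest()


def verify_image(pinned_digest: str, manifest_bytes: bytes, blobs: dict) -> list:
    """Return a list of integrity problems; an empty list means all checks passed."""
    # 1. The manifest must hash to the digest obtained out of band.
    if digest_of(manifest_bytes) != pinned_digest:
        return ["manifest digest mismatch"]
    manifest = json.loads(manifest_bytes)
    problems = []
    # 2. Every blob the manifest references must match its size and digest.
    #    `blobs` maps the digest a blob was requested under to the bytes received.
    for desc in [manifest["config"], *manifest["layers"]]:
        blob = blobs.get(desc["digest"])
        if blob is None:
            problems.append("missing blob " + desc["digest"])
        elif len(blob) != desc["size"]:
            problems.append("size mismatch " + desc["digest"])
        elif digest_of(blob) != desc["digest"]:
            problems.append("digest mismatch " + desc["digest"])
    return problems


def descriptor(data: bytes) -> dict:
    """Build the size/digest part of a manifest descriptor for the sample data."""
    return {"size": len(data), "digest": digest_of(data)}


# Constructed sample data (not real flakeforge output; mediaType fields omitted).
CONFIG = b'{"architecture":"amd64","os":"linux"}'
LAYER = b"constructed stand-in for an uncompressed layer tarball"
MANIFEST = json.dumps(
    {"schemaVersion": 2, "config": descriptor(CONFIG), "layers": [descriptor(LAYER)]}
).encode()
PINNED = digest_of(MANIFEST)  # assumption: recorded earlier from a trusted build
BLOBS = {digest_of(CONFIG): CONFIG, digest_of(LAYER): LAYER}

if __name__ == "__main__":
    print(verify_image(PINNED, MANIFEST, BLOBS))  # untampered transfer
    swapped = dict(BLOBS)
    swapped[digest_of(LAYER)] = LAYER.replace(b"layer", b"LAYER")
    print(verify_image(PINNED, MANIFEST, swapped))  # layer modified in transit
```

A tag such as my-bash-image can be re-pointed by anyone able to alter plain-HTTP traffic, so the check only holds when the manifest digest itself comes from a trusted source.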