gitlab-system/gitlab-runner/default.nix

{ system ? builtins.currentSystem }:
let
  pkgs = import <nixpkgs> {
    inherit system;
    overlays = [
      (self: super: {
        docker = super.docker.override {
          iptables = self.iptables-legacy;
        };
      })
    ];
  };

in
let
  img = spec: {
    streamed = pkgs.dockerTools.streamLayeredImage spec;
    layered = pkgs.dockerTools.buildLayeredImage spec;
    image = pkgs.dockerTools.buildImage spec;
  };

in
let
  init =
    pkgs.writeShellScriptBin "init" ''
      set -xeuo pipefail

      if ! [ -e /vol/docker-data/docker.ext4 ]; then
          ${pkgs.busybox}/bin/dd if=/dev/zero of=/vol/docker-data/docker.ext4 bs=1G count=0 seek=30
          ${pkgs.e2fsprogs}/bin/mkfs.ext4 /vol/docker-data/docker.ext4
      fi
      ${pkgs.e2fsprogs}/bin/e2fsck -y /vol/docker-data/docker.ext4
      ${pkgs.busybox}/bin/mkdir -p /var/lib/docker
      ${pkgs.busybox}/bin/mount -o loop,rw /vol/docker-data/docker.ext4 /var/lib/docker

      ${pkgs.docker}/bin/dockerd --storage-driver=overlay2 &
      sleep 10s

      ${pkgs.docker}/bin/docker kill $(${pkgs.docker}/bin/docker ps -a -q) || :
      ${pkgs.docker}/bin/docker system prune --volumes --force || :

      exec ${pkgs.gitlab-runner}/bin/gitlab-runner run
    '';

  src = ./.;

  extraDeps = with pkgs; [
    # for Docker
    cacert

    # for GitLab runner
    docker
  ];

  maintenanceDeps = with pkgs; [
    bash
    busybox
    coreutils
    findutils
    pxattr
    strace
  ];

in
img {
  name = "docker.benkard.de/mulk/gitlab-runner";
  #tag = "latest";
  maxLayers = 125;
  contents = extraDeps ++ maintenanceDeps;
  extraCommands =
    ''
      #!${pkgs.runtimeShell}

      install -dm755 etc/gitlab-runner
      install -dm755 vol/docker-data
      install -dm755 tmp

      cp -a ${src}/* .
    '';
  config = {
    Entrypoint = [ "${init}/bin/init" ];
    Cmd = [ ];
    Workdir = "/";
    Volumes = {
      "/etc/gitlab-runner" = { };
      "/vol/docker-data" = { };
    };
  };
}