diff --git a/.forgejo/workflows/runner-image.yml b/.forgejo/workflows/runner-image.yml
index 8893fd5..1490afa 100644
--- a/.forgejo/workflows/runner-image.yml
+++ b/.forgejo/workflows/runner-image.yml
@@ -21,11 +21,24 @@ jobs:
 run: |
 git clone https://${{ env.registry }}/${{ env.owner }}/sneeuwvlok.git .
- - name: Install docker
+ - name: Prepare podman
 run: |
- nix-env -iA nixpkgs.podman nixpkgs.fuse
+ # configure container policy to accept insecure registry
+ nix-env -iA nixpkgs.podman
+
+ # configure container policy to accept insecure registry
 mkdir -p ~/.config/containers
 echo '{ "default": [ {"type":"insecureAcceptAnything"} ] }' > ~/.config/containers/policy.json
+
+ # ensure all required directories exist with proper permissions
+ mkdir -p /tmp/podman /var/tmp ~/.local/share/containers
+ chmod 755 /tmp/podman /var/tmp || true
+
+ # set multiple environment variables for skopeo temporary directories
+ export TMPDIR=/tmp/podman
+ export TMP=/tmp/podman
+ export TEMP=/tmp/podman
+ export XDG_RUNTIME_DIR=/tmp/podman
 - name: Log into registry
 run: |
@@ -34,6 +47,7 @@ jobs:
 - name: Build image
 run: >-
 podman build
+ --privileged
 -t ${{ env.registry }}/${{ env.owner }}/${{ env.image }}:${{ env.tag }}
 -f Dockerfile.default
 modules/nixos/services/development/forgejo
diff --git a/modules/nixos/services/development/forgejo/Dockerfile.default b/modules/nixos/services/development/forgejo/Dockerfile.default
index d632617..d9ff5f8 100644
--- a/modules/nixos/services/development/forgejo/Dockerfile.default
+++ b/modules/nixos/services/development/forgejo/Dockerfile.default
@@ -1,6 +1,6 @@
 FROM docker.io/nixos/nix:latest
-RUN nix-env -iA nixpkgs.nodejs_24 nixpkgs.podman nixpkgs.fuse
+RUN nix-env -iA nixpkgs.nodejs_24 nixpkgs.podman
 RUN echo "experimental-features = nix-command flakes pipe-operators" >> /etc/nix/nix.conf
 RUN echo '{ "default": [ {"type":"insecureAcceptAnything"} ] }' >> /etc/containers/policy.json
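Review bot: The four `export` lines at the end of the "Prepare podman" step only change that step's shell, so the separate "Log into registry" and "Build image" steps presumably never see TMPDIR or XDG_RUNTIME_DIR; declaring them under a job-level `env:` key would make them apply to every step. If they do take effect, `/tmp/podman` is a fixed path under a world-writable directory with mode 755, and podman keeps its login auth file under `$XDG_RUNTIME_DIR/containers`, so `chmod 700 /tmp/podman` is the safer mode. `chmod 755 /var/tmp` would strip the world-writable and sticky bits that directory normally carries (1777) and should be dropped, and the `|| true` hides a failure of either chmod. The comment `# configure container policy to accept insecure registry` appears twice, once above the `nix-env` line where it does not apply, and `insecureAcceptAnything` turns off image signature/trust checking rather than anything about registry transport; I would keep one copy above `mkdir -p ~/.config/containers` reading `# trust policy: accept any image, no signature verification`.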
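Review bot: `--privileged` on the `podman build` line widens what every RUN instruction of Dockerfile.default can do on the runner, and that build starts from `docker.io/nixos/nix:latest` under a policy that accepts unsigned images, so nothing checks what runs with those privileges. I am also not certain `podman build` accepts this flag at all (it is documented for `podman run`); please confirm against the podman version that `nix-env` installs. If the aim is to make a nested build work inside the runner container, a narrower setting such as `--isolation=chroot` or one specific `--cap-add` would be easier to justify, with a comment above the step saying why it is needed. The "Build image" step may continue past the end of the hunk.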
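Review bot: The last RUN line appends with `>> /etc/containers/policy.json`, whereas the workflow writes the same JSON with `>`; if the base image or the podman package ever ships that file, the append would produce an invalid policy document, so `>` after a `mkdir -p /etc/containers` is the more robust form. Baking `insecureAcceptAnything` into the image also means every build that runs inside this runner image pulls without signature verification, which deserves a comment stating that this is intended. The file may continue past the hunk.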