coder · matifali · Jan 31, 2024 · Jan 18, 2024 · Jan 18, 2024 · Jan 18, 2024
diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1,6 @@
+# Ignore all files and folders
+**
+
+# Include flake.nix and flake.lock
+!flake.nix
+!flake.lock
diff --git a/.github/workflows/dogfood.yaml b/.github/workflows/dogfood.yaml
@@ -45,17 +45,31 @@ jobs:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_PASSWORD }}
 
-      - name: Build and push
+      - name: Build and push Non-Nix image
         uses: depot/build-push-action@v1
         with:
           project: b4q6ltmpzh
           token: ${{ secrets.DEPOT_TOKEN }}
           buildx-fallback: true
           context: "{{defaultContext}}:dogfood"
           pull: true
+          save: true
           push: ${{ github.ref == 'refs/heads/main' }}
           tags: "codercom/oss-dogfood:${{ steps.docker-tag-name.outputs.tag }},codercom/oss-dogfood:latest"
 
+      - name: Build and push Nix image
+        uses: depot/build-push-action@v1
+        with:
+          project: b4q6ltmpzh
+          token: ${{ secrets.DEPOT_TOKEN }}
+          buildx-fallback: true
+          context: "."
+          file: "dogfood/Dockerfile.nix"
+          pull: true
+          save: true
+          push: ${{ github.ref == 'refs/heads/main' }}
+          tags: "codercom/oss-dogfood-nix:${{ steps.docker-tag-name.outputs.tag }},codercom/oss-dogfood-nix:latest"
+
   deploy_template:
     needs: build_image
     if: github.ref == 'refs/heads/main'

diff --git a/dogfood/Dockerfile.nix b/dogfood/Dockerfile.nix
@@ -0,0 +1,49 @@
+# Build stage
+FROM nixos/nix:2.19.2 as nix
+
+# enable --experimental-features 'nix-command flakes' globally
+RUN mkdir -p /etc/nix && echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf
+
+# Copy the Nix related files into the Docker image
+COPY flake.nix /app/flake.nix
+COPY flake.lock /app/flake.lock
+
+# Install dependencies from flake and remove the flake
+RUN nix profile install /app#all --priority 4 && rm -rf /app
+
+# print all users and groups
+RUN cp /etc/passwd /etc/passwd.nix && cp /etc/group /etc/group.nix
+
+# Final image
+FROM codercom/enterprise-base:latest as final
+
+USER root
+
+# Copy the Nix related files into the Docker image
+COPY --from=nix /nix /nix
+COPY --from=nix /etc/nix /etc/nix
+COPY --from=nix /root/.nix-profile /root/.nix-profile
+COPY --from=nix /root/.nix-defexpr /root/.nix-defexpr
+COPY --from=nix /root/.nix-channels /root/.nix-channels
+
+# Merge the passwd and group files
+COPY --from=nix /etc/passwd.nix /etc/passwd.nix
+COPY --from=nix /etc/group.nix /etc/group.nix
+RUN cat /etc/passwd.nix >> /etc/passwd && cat /etc/group.nix >> /etc/group && rm /etc/passwd.nix && rm /etc/group.nix
+
+# Update the PATH to include the Nix stuff
+ENV PATH=/root/.nix-profile/bin:/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/default/sbin:$PATH
+
+# Install playwright dependencies, playwright deps need apt-get to be installed, thats why we install it here
+ENV DEBIAN_FRONTEND=noninteractive
+RUN apt-get update && apt-get upgrade -y && \
+    npm install -g pnpm playwright@1.36.2 && npx playwright install-deps && npm cache clean --force && \
+    rm -rf /var/lib/apt/lists/*
+
+# Set environment variables
+ENV GOPRIVATE="coder.com,cdr.dev,go.coder.com,github.com/cdr,github.com/coder"
+
+# Increase memory allocation to NodeJS
+ENV NODE_OPTIONS="--max-old-space-size=8192"
+
+USER coder
diff --git a/dogfood/main.tf b/dogfood/main.tf
@@ -33,7 +33,6 @@ locals {
 
   repo_dir       = replace(data.coder_parameter.repo_dir.value, "/^~\\//", "/home/coder/")
   container_name = "coder-${data.coder_workspace.me.owner}-${lower(data.coder_workspace.me.name)}"
-  registry_name  = "codercom/oss-dogfood"
   jfrog_host     = replace(var.jfrog_url, "https://", "")
 }
 
@@ -45,6 +44,23 @@ data "coder_parameter" "repo_dir" {
   mutable     = true
 }
 
+data "coder_parameter" "image_type" {
+  type        = "string"
+  name        = "Coder Image"
+  default     = "codercom/oss-dogfood:latest"
+  description = "The Docker image used to run your workspace. Choose between nix and non-nix images."
+  option {
+    icon  = "/icon/coder.svg"
+    name  = "Non-Nix"
+    value = "codercom/oss-dogfood:latest"
+  }
+  option {
+    icon  = "/icons/nix.svg"
+    name  = "Nix"
+    value = "codercom/oss-dogfood-nix:latest"
+  }
+}
+
 data "coder_parameter" "region" {
   type    = "string"
   name    = "Region"
@@ -279,7 +295,7 @@ resource "docker_volume" "home_volume" {
 }
 
 data "docker_registry_image" "dogfood" {
-  name = "${local.registry_name}:latest"
+  name = data.coder_parameter.image_type.value
 }
 
 resource "docker_image" "dogfood" {
@@ -288,6 +304,7 @@ resource "docker_image" "dogfood" {
     data.docker_registry_image.dogfood.sha256_digest,
     sha1(join("", [for f in fileset(path.module, "files/*") : filesha1(f)])),
     filesha1("Dockerfile"),
+    filesha1("Dockerfile.nix"),
   ]
   keep_locally = true
 }

diff --git a/flake.nix b/flake.nix
@@ -10,14 +10,8 @@
   outputs = { self, nixpkgs, flake-utils, drpc }:
     flake-utils.lib.eachDefaultSystem (system:
       let
-        # Workaround for: terraform has an unfree license (‘bsl11’), refusing to evaluate.
         pkgs = import nixpkgs { inherit system; config.allowUnfree = true; };
         formatter = pkgs.nixpkgs-fmt;
-        # Check in https://search.nixos.org/packages to find new packages.
-        # Use `nix --extra-experimental-features nix-command --extra-experimental-features flakes flake update`
-        # to update the lock file if packages are out-of-date.
-
-        # From https://nixos.wiki/wiki/Google_Cloud_SDK
         gdk = pkgs.google-cloud-sdk.withExtraComponents ([pkgs.google-cloud-sdk.components.gke-gcloud-auth-plugin]);
 
         devShellPackages = with pkgs; [
@@ -42,7 +36,6 @@
           kubectx
           kubernetes-helm
           less
-          # Needed for many LD system libs!
           libuuid
           mockgen
           nfpm
@@ -64,7 +57,6 @@
           shellcheck
           shfmt
           sqlc
-          # strace is not available on OSX
           (if pkgs.stdenv.hostPlatform.isDarwin then null else strace)
           terraform
           typos
@@ -76,10 +68,16 @@
           zsh
           zstd
         ];
+
+        allPackages = pkgs.buildEnv {
+          name = "all-packages";
+          paths = devShellPackages;
+        };
       in
       {
-        defaultPackage = formatter; # or replace it with your desired default package.
+        defaultPackage = formatter;
         devShell = pkgs.mkShell { buildInputs = devShellPackages; };
+        packages.all = allPackages;
       }
     );
 }
diff --git a/site/src/theme/icons.json b/site/src/theme/icons.json
@@ -54,6 +54,7 @@
   "matlab.svg",
   "memory.svg",
   "microsoft.svg",
+  "nix.svg",
   "node.svg",
   "nodejs.svg",
   "nomad.svg",