From e7fa2ecb36d66b804a48b71c9814d70c54e80772 Mon Sep 17 00:00:00 2001 From: NotAShelf Date: Sat, 15 Feb 2025 03:22:28 +0300 Subject: [PATCH 1/3] nix: init tooling; replace docker --- .dockerignore | 15 --------------- .envrc | 1 + Dockerfile | 38 -------------------------------------- docker-compose.yml | 17 ----------------- flake.lock | 27 +++++++++++++++++++++++++++ flake.nix | 25 +++++++++++++++++++++++++ nix/packages/docker.nix | 37 +++++++++++++++++++++++++++++++++++++ nix/shell.nix | 16 ++++++++++++++++ shell.nix | 9 --------- 9 files changed, 106 insertions(+), 79 deletions(-) delete mode 100644 .dockerignore create mode 100644 .envrc delete mode 100644 Dockerfile delete mode 100644 docker-compose.yml create mode 100644 flake.lock create mode 100644 flake.nix create mode 100644 nix/packages/docker.nix create mode 100644 nix/shell.nix delete mode 100644 shell.nix diff --git a/.dockerignore b/.dockerignore deleted file mode 100644 index 599a350..0000000 --- a/.dockerignore +++ /dev/null @@ -1,15 +0,0 @@ -## Dependencies ## -node_modules -shell.nix - -## Github ## -*/.github/ -*/.github/workflows/ -.gitignore - -## Databases ## -*.db -*.sqlite - -## Config Files ## -data/ diff --git a/.envrc b/.envrc new file mode 100644 index 0000000..3550a30 --- /dev/null +++ b/.envrc @@ -0,0 +1 @@ +use flake diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 2fe70cf..0000000 --- a/Dockerfile +++ /dev/null @@ -1,38 +0,0 @@ -# BryanBot Dockerfile v2.0.2 -# authors: -# - NotAShelf -# - XCraftMan52 -# Node 18.2.0 - -# From Node 18 Alpine image -FROM node:18-alpine as base - -# Set maintainer -LABEL MAINTAINER="NotAShelf " - -# Install pnpm -RUN npm i -g pnpm - -FROM base as dependencies - -# Set working directory -WORKDIR /opt/bryanbot - -# And copy files into that directory -COPY . ./ - -# fetch packages from pnpm-lock.yaml -RUN pnpm fetch - -# Install dependencies -RUN pnpm install -r --no-frozen-lockfile - -FROM dependencies as deploy - -# Make sure the data directory exists so that we can mount it -RUN mkdir -p /opt/bryanbot/data - -# Start the bot with the BOT_PLATFORM environment variable set to Docker -# This allows the bot to decide the correct error message(s) -RUN export BOT_PLATFORM=Docker -CMD [ "pnpm", "start" ] diff --git a/docker-compose.yml b/docker-compose.yml deleted file mode 100644 index 6de7f35..0000000 --- a/docker-compose.yml +++ /dev/null @@ -1,17 +0,0 @@ -# BryanBot docker-compose.yaml v2.0.2 -# authors: -# - NotAShelf -# - XCraftMan52 - -services: - bryanbot: - tty: true - working_dir: /opt/bryanbot - image: Neushore/BrayanBot:latest - command: pnpm start - container_name: BryanBot - restart: unless-stopped - volumes: - - ./data:/opt/bryanbot/data - - ./src:/opt/bryanbot/src - environment: [] diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..42c04dd --- /dev/null +++ b/flake.lock @@ -0,0 +1,27 @@ +{ + "nodes": { + "nixpkgs": { + "locked": { + "lastModified": 1739446958, + "narHash": "sha256-+/bYK3DbPxMIvSL4zArkMX0LQvS7rzBKXnDXLfKyRVc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "2ff53fe64443980e139eaa286017f53f88336dd0", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..2cc12a2 --- /dev/null +++ b/flake.nix @@ -0,0 +1,25 @@ +{ + description = "Bryanbot"; + inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + + outputs = { + self, + nixpkgs, + ... + }: let + systems = ["x86_64-linux" "aarch64-linux"]; + forEachSystem = nixpkgs.lib.genAttrs systems; + + pkgsForEach = nixpkgs.legacyPackages; + in { + packages = forEachSystem (system: { + docker = pkgsForEach.${system}.callPackage ./nix/packages/docker.nix {}; + }); + + devShells = forEachSystem (system: { + default = pkgsForEach.${system}.callPackage ./nix/shell.nix {}; + }); + + hydraJobs = self.packages; + }; +} diff --git a/nix/packages/docker.nix b/nix/packages/docker.nix new file mode 100644 index 0000000..0fc8f96 --- /dev/null +++ b/nix/packages/docker.nix @@ -0,0 +1,37 @@ +{ + dockerTools, + buildEnv, + ... +}: let + name = "node"; + tag = "current-alpine"; + digest = "sha256:b2f1e6d2f9eaf82afc910ec1e3b14f2a252be3f91e661602017974dee1bd9f40"; + + baseImage = dockerTools.pullImage { + imageName = name; + imageDigest = digest; + finalImageName = "${name}-${tag}"; + finalImageTag = tag; + sha256 = "sha256-veOOSIFG+nIfGV5Wv8k325S1sniyFSdzSYbKJvZsVpg="; + }; +in + dockerTools.buildImage { + name = "brayanbot"; + tag = "latest"; + + # Decent compression at the cost of some additional system resources. Since + # this image will be built by GitHub's runners, the cost is negligible. + compressor = "zstd"; + + # First we pull the appropriate nodejs image. This is the equivalent of + # 'FROM node:current-alpine as base' + fromImage = baseImage; + + copyToRoot = buildEnv { + name = "image-root"; + paths = []; + + # Makes package executables available to us + pathsToLink = ["/bin"]; + }; + } diff --git a/nix/shell.nix b/nix/shell.nix new file mode 100644 index 0000000..7103c00 --- /dev/null +++ b/nix/shell.nix @@ -0,0 +1,16 @@ +{ + mkShellNoCC, + eslint_d, + prettierd, + nodejs-slim, + pnpm, +}: +mkShellNoCC { + name = "bryanbot"; + packages = [ + eslint_d + prettierd + nodejs-slim + pnpm + ]; +} diff --git a/shell.nix b/shell.nix deleted file mode 100644 index 9861a2a..0000000 --- a/shell.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ pkgs ? import (fetchTarball "https://github.com/NixOS/nixpkgs/archive/57b0ac48c781e14c939651571ec741125fa10463.tar.gz") {} }: - -pkgs.mkShell { - packages = [ - pkgs.nodejs-18_x - pkgs.nodePackages_latest.pnpm - pkgs.nodePackages_latest.prettier - ]; -} \ No newline at end of file From 17e5328ed580d1b717ebe775a0629e8a0615e6d1 Mon Sep 17 00:00:00 2001 From: NotAShelf Date: Sat, 15 Feb 2025 03:29:17 +0300 Subject: [PATCH 2/3] ci: build and publish docker images --- .github/workflows/docker-push.yml | 47 ++++++++++++------------------- 1 file changed, 18 insertions(+), 29 deletions(-) diff --git a/.github/workflows/docker-push.yml b/.github/workflows/docker-push.yml index b2128bc..5abb2ac 100644 --- a/.github/workflows/docker-push.yml +++ b/.github/workflows/docker-push.yml @@ -3,31 +3,20 @@ name: Docker Image CI on: push: - paths-ignore: - - ".github/**" - - ".dockerignore" - - "docker-compose.yml" - - "Dockerfile" - tags: - - v* - branches: - - main pull_request: - paths-ignore: - - ".github/**" - - ".dockerignore" - - "docker-compose.yml" - - "Dockerfile" - branches: - - main + workflow_dispatch: jobs: build-and-push: runs-on: ubuntu-latest + strategy: + matrix: + arch: [x86_64] # more can be added here, if necessary + steps: # Checkout to the git repository - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 # Logs into Docker using the credientals from the repository secrets - name: Login to Docker Hub @@ -36,16 +25,16 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - # Docker builds now require buildx - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + - name: Build Docker image + run: | + nix build .#packages.${{ matrix.arch }}-linux.docker - # build the image using the provided Dockerfile - # and push them to Dockerhub - - name: Build and push - uses: docker/build-push-action@v4 - with: - context: . - file: ./Dockerfile - push: true - tags: ${{ secrets.DOCKERHUB_USERNAME }}/bryanbot:latest + - name: Load and preview Docker image + run: | + docker load < result && + docker images + + - name: Push Docker image + run: | + docker tag ${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.DOCKER_HUB_REPO }}:latest ${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.DOCKER_HUB_REPO }}:${{ matrix.arch }}-latest + docker push ${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.DOCKER_HUB_REPO }}:${{ matrix.arch }}-latest From 8da4922131e2bf31bc180f9e9c895d790018813c Mon Sep 17 00:00:00 2001 From: NotAShelf Date: Sat, 8 Mar 2025 23:33:00 +0300 Subject: [PATCH 3/3] nix: refactor; include un-filtered repo root --- flake.lock | 6 ++--- flake.nix | 6 ++--- nix/packages/bryanbot.nix | 54 +++++++++++++++++++++++++++++++++++++++ nix/packages/docker.nix | 24 +++++++++++++---- 4 files changed, 79 insertions(+), 11 deletions(-) create mode 100644 nix/packages/bryanbot.nix diff --git a/flake.lock b/flake.lock index 42c04dd..336261a 100644 --- a/flake.lock +++ b/flake.lock @@ -2,11 +2,11 @@ "nodes": { "nixpkgs": { "locked": { - "lastModified": 1739446958, - "narHash": "sha256-+/bYK3DbPxMIvSL4zArkMX0LQvS7rzBKXnDXLfKyRVc=", + "lastModified": 1741246872, + "narHash": "sha256-Q6pMP4a9ed636qilcYX8XUguvKl/0/LGXhHcRI91p0U=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2ff53fe64443980e139eaa286017f53f88336dd0", + "rev": "10069ef4cf863633f57238f179a0297de84bd8d3", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 2cc12a2..0874a96 100644 --- a/flake.nix +++ b/flake.nix @@ -1,6 +1,6 @@ { description = "Bryanbot"; - inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + inputs.nixpkgs.url = "github:NixOS/nixpkgs?ref=nixos-unstable"; outputs = { self, @@ -9,11 +9,11 @@ }: let systems = ["x86_64-linux" "aarch64-linux"]; forEachSystem = nixpkgs.lib.genAttrs systems; - pkgsForEach = nixpkgs.legacyPackages; in { packages = forEachSystem (system: { - docker = pkgsForEach.${system}.callPackage ./nix/packages/docker.nix {}; + docker = pkgsForEach.${system}.callPackage ./nix/packages/docker.nix {inherit self;}; + bryanbot = pkgsForEach.${system}.callPackage ./nix/packages/bryanbot.nix {}; }); devShells = forEachSystem (system: { diff --git a/nix/packages/bryanbot.nix b/nix/packages/bryanbot.nix new file mode 100644 index 0000000..d736f25 --- /dev/null +++ b/nix/packages/bryanbot.nix @@ -0,0 +1,54 @@ +{ + lib, + stdenvNoCC, + git, + nodejs, + pnpm_10, + makeWrapper, + nix-update-script, +}: +stdenvNoCC.mkDerivation (finalAttrs: { + pname = "BryanBot"; + version = "2.0.0"; + + src = builtins.path { + path = ../../.; + name = "bryanbot-source"; + }; + + pnpmDeps = pnpm_10.fetchDeps { + inherit (finalAttrs) pname version src; + hash = "sha256-oSVQfkeG+Kw2YAOJSqOSySReozWe0/3jcB7uRZ8a7ng="; + }; + + nativeBuildInputs = [ + git + nodejs + pnpm_10.configHook + makeWrapper + ]; + + installPhase = '' + runHook preInstall + + mkdir -p $out/bin + cp $src/src/index.js $out/bin/bryanbot + chmod +x $out/bin/bryanbot + wrapProgram $out/bin/bryanbot \ + --prefix PATH : ${lib.makeBinPath [nodejs]} + + runHook postInstall + ''; + + passthru.updateScript = nix-update-script {}; + + meta = { + description = "Modular, up-to-date Discord bot that just works"; + homepage = "https://github.com/BryanBotDev/BryanBot"; + platforms = lib.platforms.linux; + mainProgram = "bryanbot"; + maintainers = [ + lib.maintainers.NotAShelf + ]; + }; +}) diff --git a/nix/packages/docker.nix b/nix/packages/docker.nix index 0fc8f96..4ebc493 100644 --- a/nix/packages/docker.nix +++ b/nix/packages/docker.nix @@ -1,18 +1,21 @@ { + self, dockerTools, buildEnv, + nodejs, ... }: let name = "node"; tag = "current-alpine"; digest = "sha256:b2f1e6d2f9eaf82afc910ec1e3b14f2a252be3f91e661602017974dee1bd9f40"; + # TODO: we can stick all of this into a "manifest" in JSON and update it with nix-prefetch-docker baseImage = dockerTools.pullImage { imageName = name; imageDigest = digest; - finalImageName = "${name}-${tag}"; + finalImageName = name; finalImageTag = tag; - sha256 = "sha256-veOOSIFG+nIfGV5Wv8k325S1sniyFSdzSYbKJvZsVpg="; + sha256 = "sha256-nk6QCkQQe7Ms0ZJjDqEz9U7fXnydnaRJj5nam3hTGq4="; }; in dockerTools.buildImage { @@ -29,9 +32,20 @@ in copyToRoot = buildEnv { name = "image-root"; - paths = []; + paths = [nodejs self]; + pathsToLink = ["/bin" "/src"]; + }; + + config = { + Cmd = ["node" "/src/index.js"]; + WorkingDir = "/data"; + Volumes = { + "/data" = {}; + }; - # Makes package executables available to us - pathsToLink = ["/bin"]; + ExposedPorts = {}; }; + + diskSize = 1024; + buildVMMemorySize = 512; }