Nix containers for usage with Forgejo Actions
There are currently two container images, one with the standard Nix implementation and one with Lix.
- Attic
- Bash
- BusyBox
- Cachix
- curl
- Nix or Lix with flakes enabled
- Git with LFS
- Node.js
- Forgejo CLI client
The containers can be used with Forgejo Actions by setting up the appropriate labels in the configuration file or the .runner file:
config.yml
runner:
labels:
- "nix-latest:docker://ghcr.io/joschi/forgejo-nix:latest"
- "lix-latest:docker://ghcr.io/joschi/forgejo-lix:latest".runner
{
"WARNING": "This file is automatically generated by act-runner. Do not edit it manually unless you know what you are doing. Removing this file will cause act runner to re-register as a new runner.",
"id": 42,
"uuid": "d2ax6368-9c20-4dy0-9a5a-e09c53854zb5",
"name": "my-forgejo-runner",
"token": "864e6019009e1635d98adf3935b305d32494d42a",
"address": "https://code.forgejo.org/",
"labels": [
"nix-latest:docker://ghcr.io/joschi/forgejo-nix:latest",
"lix-latest:docker://ghcr.io/joschi/forgejo-lix:latest"
]
}The built container images can be verified with cosign using the public key in cosign.pub:
cosign verify --key cosign.pub ghcr.io/joschi/forgejo-nix:latestIt can also be verified against GitHub directly:
cosign verify ghcr.io/joschi/forgejo-nix:latest --certificate-oidc-issuer https://token.actions.githubusercontent.com --certificate-identity-regexp="https://github.com/joschi/forgejo-runner-nix-containers"This project has been greatly inspired by and is based on https://codeberg.org/nix-actions/container by Jan Baudisch.