NixOS-based container for running GitHub actions
more permission fixes
+1
-17
+1
-17
flake.nix
+1
-17
flake.nix
···
122
122
pkgs.podman
123
123
pkgs.reuse
124
124
pkgs.regctl
125
-
pkgs.shadow.su
126
125
pkgs.stdenv.cc.cc.lib
127
-
pkgs.sudo
128
126
pkgs.tailscale
129
127
pkgs.which
130
128
pkgs.xz
···
316
314
317
315
gitConfig = ''
318
316
[safe]
319
-
directory = *
320
-
'';
321
-
322
-
sudoers = ''
323
-
root ALL=(ALL:ALL) NOPASSWD:ALL SETENV:ALL
324
-
%wheel ALL=(ALL:ALL) NOPASSWD:ALL SETENV:ALL
317
+
directory = /__w/nixos-runner/nixos-runner
325
318
'';
326
319
327
320
baseSystem =
···
385
378
passwdContents
386
379
shadowContents
387
380
gitConfig
388
-
sudoers
389
381
;
390
382
passAsFile = [
391
383
"containerPolicy"
···
397
389
"passwdContents"
398
390
"shadowContents"
399
391
"gitConfig"
400
-
"sudoers"
401
392
];
402
393
allowSubstitutes = false;
403
394
preferLocalBuild = true;
···
416
407
417
408
cat $shadowContentsPath > $out/etc/shadow
418
409
echo "" >> $out/etc/shadow
419
-
420
-
cat $sudoersPath > $out/etc/sudoers
421
-
echo "" >> $out/etc/sudoers
422
-
423
-
mkdir -p $out/etc/pam.d
424
-
cat $pamSuPath > $out/etc/pam.d/su
425
-
echo "" >> $out/etc/pam.d/su
426
410
427
411
mkdir -p $out/etc/nix
428
412
cat $nixConfContentsPath > $out/etc/nix/nix.conf