feat: add my nix-cache to the full container

.github/workflows/build.yml

@@ -2,6 +2,9 @@ name: Build and Push docker image
 on:
   workflow_dispatch:
   workflow_call:
+  push:
+    branches:
+      - main
 
 jobs:
   buildAndPush:
@@ -14,9 +17,8 @@ jobs:
       run: curl -o /etc/containers/policy.json --create-dirs https://raw.githubusercontent.com/containers/skopeo/refs/heads/main/default-policy.json
     - name: Push Image
       run: |
-        nix shell --extra-experimental-features "flakes nix-command" nixpkgs#skopeo -c sh -c \
-        'skopeo copy --dest-password "$UPLOAD_TOKEN" --dest-username "$USERNAME" docker-archive://$(realpath result) "docker://$IMG_URL:$(date --iso-8601)" && \
-        skopeo copy --dest-password "$UPLOAD_TOKEN" --dest-username "$USERNAME" docker-archive://$(realpath result) "docker://$IMG_URL"'
+       skopeo copy --dest-password "$UPLOAD_TOKEN" --dest-username "$USERNAME" "docker-archive://$(realpath result)" "docker://$IMG_URL:$(date --iso-8601)" && \
+       skopeo copy --dest-password "$UPLOAD_TOKEN" --dest-username "$USERNAME" "docker-archive://$(realpath result)" "docker://$IMG_URL"
       env: 
         USERNAME: tamipes
         UPLOAD_TOKEN: ${{ secrets.UPLOAD_TOKEN }}

README.md

@@ -7,21 +7,22 @@ As you cannot run a forgejo runner with `nixos/nix` due to it not having `node`
 ```bash
   USERNAME="tamipes"
   URL="git.tami.moe"
+  IMG_NAME="nix"
   nix build --extra-experimental-features "flakes nix-command" .
   docker load -i result
-  docker image tag nix "$URL/$USERNAME/nix:latest"
+  docker image tag "$IMG_NAME" "$URL/$USERNAME/$IMG_NAME:latest"
   docker login "https://$URL"
-  docker push "$URL/$USERNAME/nix"
+  docker push "$URL/$USERNAME/$IMG_NAME"
   rm result # don't forget to cleanup the GC root
 
   # I also tag with the date, but this might be unneeded
-  docker image tag nix "$URL/$USERNAME/nix:latest$(date --iso-8601)"
-  docker push "$URL/$USERNAME/nix"
+  docker image tag "$IMG_NAME" "$URL/$USERNAME/$IMG_NAME:latest$(date --iso-8601)"
+  docker push "$URL/$USERNAME/$IMG_NAME"
 ```
 
 
 # Extra info
-- This image is essentially still "based" on `nixos/nix`, but it builds it with nodejs included. Checkout the flake.nix!
+- These image are essentially still "based" on `nixos/nix`, but it builds it with nodejs(+extras) included. Checkout the flake.nix!
   - it does not use `nixos/nix` as a base image, but uses the same build script and adds extra stuff
   - [nixpkgs manual](https://nix.dev/manual/nix/2.24/installation/installing-docker#docker-image-with-the-latest-development-version-of-nix)
   - [nixos/nix build script](https://github.com/NixOS/nix/blob/master/docker.nix)

flake.lock

@@ -24,11 +24,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1733312601,
-        "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
+        "lastModified": 1778716662,
+        "narHash": "sha256-m1Yf0wZ8j1OHjTc2UwHwyQRSnNeSgLJOd7q5Y45hzi4=",
         "owner": "hercules-ci",
         "repo": "flake-parts",
-        "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
+        "rev": "f7c1a2d347e4c52d5fb8d10cb4d94b5884e546fb",
         "type": "github"
       },
       "original": {
@@ -48,18 +48,14 @@
         "nixpkgs": [
           "nix",
           "nixpkgs"
-        ],
-        "nixpkgs-stable": [
-          "nix",
-          "nixpkgs"
         ]
       },
       "locked": {
-        "lastModified": 1734279981,
-        "narHash": "sha256-NdaCraHPp8iYMWzdXAt5Nv6sA3MUzlCiGiR586TCwo0=",
+        "lastModified": 1778507602,
+        "narHash": "sha256-kTwur1wV+01SdqskVMSo6JMEpg71ps3HpbFY2GsflKs=",
         "owner": "cachix",
         "repo": "git-hooks.nix",
-        "rev": "aa9f40c906904ebd83da78e7f328cd8aeaeae785",
+        "rev": "61ab0e80d9c7ab14c256b5b453d8b3fb0189ba0a",
         "type": "github"
       },
       "original": {
@@ -78,11 +74,11 @@
         "nixpkgs-regression": "nixpkgs-regression"
       },
       "locked": {
-        "lastModified": 1768165334,
-        "narHash": "sha256-42bXWekwea6E+q00HVskzi7ggMQSr8g/7ApQaNd+mr0=",
+        "lastModified": 1780022537,
+        "narHash": "sha256-yhmkWBrvoIi0pSDmyBQZVNd4d1UZvWlgrXbUg8qZlnc=",
         "owner": "nixos",
         "repo": "nix",
-        "rev": "252aff5c8f1dcdea1046b03a8196ef63ecf3b112",
+        "rev": "9b03e7daa40b3d4d0a40a17d43bcc6c6d2b112ef",
         "type": "github"
       },
       "original": {
@@ -93,15 +89,15 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1763948260,
-        "narHash": "sha256-zZk7fn2ARAqmLwaYTpxBJmj81KIdz11NiWt7ydHHD/M=",
-        "rev": "1c8ba8d3f7634acac4a2094eef7c32ad9106532c",
+        "lastModified": 1778003029,
+        "narHash": "sha256-amc4Y3GF3+anUi7IJeLVzf7hVqLb3ZqCGzYtkVyp7Qw=",
+        "rev": "0c88e1f2bdb93d5999019e99cb0e61e1fe2af4c5",
         "type": "tarball",
-        "url": "https://releases.nixos.org/nixos/25.05/nixos-25.05.813095.1c8ba8d3f763/nixexprs.tar.xz"
+        "url": "https://releases.nixos.org/nixos/25.11/nixos-25.11.10470.0c88e1f2bdb9/nixexprs.tar.xz"
       },
       "original": {
         "type": "tarball",
-        "url": "https://channels.nixos.org/nixos-25.05/nixexprs.tar.xz"
+        "url": "https://channels.nixos.org/nixos-25.11/nixexprs.tar.xz"
       }
     },
     "nixpkgs-23-11": {
@@ -138,11 +134,11 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1768127708,
-        "narHash": "sha256-1Sm77VfZh3mU0F5OqKABNLWxOuDeHIlcFjsXeeiPazs=",
+        "lastModified": 1779560665,
+        "narHash": "sha256-tpyBcxPpcQb8ukyNF7DoCwfSY3VPsxHoYwj00Cayv5o=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "ffbc9f8cbaacfb331b6017d5a5abb21a492c9a38",
+        "rev": "64c08a7ca051951c8eae34e3e3cb1e202fe36786",
         "type": "github"
       },
       "original": {

flake.nix

@@ -6,16 +6,39 @@
   };
   outputs = { nixpkgs, nix, self }:
     let pkgs = import nixpkgs { system = "x86_64-linux"; }; in {
-      packages.x86_64-linux.default = import (nix + "/docker.nix") {
-        inherit pkgs;
-        extraPkgs = [ pkgs.nodejs ];
+      packages.x86_64-linux = rec {
+        default = nix-with-tools;
 
-        Labels = {
-          "org.opencontainers.image.title" = "Nix";
-          "org.opencontainers.image.source" = "https://git.tami.moe/tamipes/";
-          "org.opencontainers.image.vendor" = "Tamipes";
-          "org.opencontainers.image.version" = pkgs.nix.version;
-          "org.opencontainers.image.description" = "Nix container image with nodejs";
+        minimal-nix = import (nix + "/docker.nix") {
+          inherit pkgs;
+          extraPkgs = [ pkgs.nodejs ];
+
+          Labels = {
+            "org.opencontainers.image.title" = "Nix (minimal)";
+            "org.opencontainers.image.source" = "https://git.tami.moe/tamipes/forgejo-actions";
+            "org.opencontainers.image.vendor" = "Tamipes";
+            "org.opencontainers.image.version" = pkgs.nix.version;
+            "org.opencontainers.image.description" = "Nix container image with nodejs";
+          };
+        };
+        nix-with-tools = import (nix + "/docker.nix") {
+          inherit pkgs;
+          extraPkgs = [ pkgs.nodejs pkgs.skopeo ];
+          nixConf = {
+            extra-substituters = [ "https://nix-cache.tami.moe" ];
+            trusted-public-keys = [
+              "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
+              "nix-cache.tami.moe:3jrWZ412K0YTFfKMJC6ftc4lsugeMVWDBiudFCAdDb8="
+            ];
+          };
+
+          Labels = {
+            "org.opencontainers.image.title" = "Nix";
+            "org.opencontainers.image.source" = "https://git.tami.moe/tamipes/forgejo-actions";
+            "org.opencontainers.image.vendor" = "Tamipes";
+            "org.opencontainers.image.version" = pkgs.nix.version;
+            "org.opencontainers.image.description" = "Nix container image with more cli tools";
+          };
         };
       };
     };