monolith: fix gitlab-runner config to not override PATH

2025-05-28 20:56:59 -03:00 · 2025-05-28 20:56:59 -03:00 · 53a3cb0a0e
commit 53a3cb0a0e
parent 93c88db929
1 changed files with 51 additions and 49 deletions
--- a/system/gitlab-runner.nix
+++ b/system/gitlab-runner.nix
@ -1,22 +1,6 @@
 { pkgs, lib, ... }:
-{
-  mkNixRunner =
-    authenticationTokenConfigFile: with lib; {
-      # File should contain at least these two variables:
-      # `CI_SERVER_URL`
-      # `REGISTRATION_TOKEN`
-      inherit authenticationTokenConfigFile; # 2
-      dockerImage = "alpine:3.18.2";
-      dockerVolumes = [
-        "/etc/nix/nix.conf:/etc/nix/nix.conf:ro"
-        "/nix/store:/nix/store:ro"
-        "/nix/var/nix/db:/nix/var/nix/db:ro"
-        "/nix/var/nix/daemon-socket:/nix/var/nix/daemon-socket:ro"
-        "/var/run/docker.sock:/var/run/docker.sock"
-        "/cache"
-      ];
-      dockerDisableCache = true;
-      preBuildScript = pkgs.writeScript "setup-container" ''
+let
+  installNixScript = pkgs.writeScriptBin "install-nix" ''
    mkdir -p -m 0755 /nix/var/log/nix/drvs
    mkdir -p -m 0755 /nix/var/nix/gcroots
    mkdir -p -m 0755 /nix/var/nix/profiles
@ -30,7 +14,7 @@
    . ${pkgs.nix}/etc/profile.d/nix.sh

    ${pkgs.nix}/bin/nix-env -i ${
-          concatStringsSep " " (
+      lib.concatStringsSep " " (
        with pkgs;
        [
          nix
@ -42,11 +26,29 @@
      )
    }
  '';
+in
+{
+  mkNixRunner = authenticationTokenConfigFile: {
+    # File should contain at least these two variables:
+    # `CI_SERVER_URL`
+    # `REGISTRATION_TOKEN`
+    inherit authenticationTokenConfigFile; # 2
+    dockerImage = "alpine:3.18.2";
+    dockerVolumes = [
+      "/etc/nix/nix.conf:/etc/nix/nix.conf:ro"
+      "/nix/store:/nix/store:ro"
+      "/nix/var/nix/db:/nix/var/nix/db:ro"
+      "/nix/var/nix/daemon-socket:/nix/var/nix/daemon-socket:ro"
+      "/tmp:/tmp"
+      "/var/run/docker.sock:/var/run/docker.sock"
+      "/var/lib/docker/containers:/var/lib/docker/containers"
+      "/cache"
+    ];
+    preBuildScript = "\". ${lib.getExe installNixScript}\"";
    environmentVariables = {
      ENV = "/etc/profile";
      USER = "root";
      NIX_REMOTE = "daemon";
-        PATH = "/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/default/sbin:/bin:/sbin:/usr/bin:/usr/sbin";
      NIX_SSL_CERT_FILE = "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt";
    };
  };