From 4e9a3de12af6cc36d70b58a0d425d6a1f64f87c3 Mon Sep 17 00:00:00 2001
From: trev <me@trev.xyz>
Date: Thu, 13 Mar 2025 05:03:45 -0400
Subject: [PATCH] feat: docker

---
 Dockerfile | 65 ++++++++++++++++++------------------------------------
 flake.nix  | 26 ++++++----------------
 2 files changed, 29 insertions(+), 62 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 21ed3d0..3158d12 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,49 +1,28 @@
-## BUF BUILD
-FROM bufbuild/buf:1.50.0 AS buf
-WORKDIR /buf
+# Nix builder
+FROM nixos/nix:latest AS builder
 
-# Create client and server services
-COPY buf.yaml buf.gen.yaml base.openapi.yaml ./
-COPY proto ./proto
-RUN buf generate
+# Copy our source and setup our working dir.
+COPY . /tmp/build
+WORKDIR /tmp/build
 
+# Build our Nix environment
+RUN nix \
+    --extra-experimental-features "nix-command flakes" \
+    --option filter-syscalls false \
+    build
 
-## CLIENT BUILD
-FROM node:22-alpine AS client
-WORKDIR /client
+# Copy the Nix store closure into a directory. The Nix store closure is the
+# entire set of Nix store values that we need for our build.
+RUN mkdir /tmp/nix-store-closure
+RUN cp -R $(nix-store -qR result/) /tmp/nix-store-closure
 
-# Install client dependencies
-COPY client/package.json client/package-lock.json ./
-RUN npm ci
+# Final image is based on scratch. We copy a bunch of Nix dependencies
+# but they're fully self-contained so we don't need Nix anymore.
+FROM scratch
 
-# Get client source
-COPY client .
+WORKDIR /app
 
-# Get buf service
-COPY --from=buf /buf/client/src/lib/services ./src/lib/services
-
-# Build client
-RUN npm run build
-
-
-## SERVER BUILD
-FROM golang:1.23 AS server
-WORKDIR /server
-
-# Install server dependencies
-COPY server/go.mod server/go.sum ./
-RUN go mod download && go mod verify
-
-# Get server source
-COPY server .
-
-# Get client build
-COPY --from=client /client/build ./client
-
-# Get buf service
-COPY --from=buf /buf/server/internal/services ./internal/services
-
-# Build server
-RUN go build -v -o /server/main .
-
-CMD ["/server/main"]
\ No newline at end of file
+# Copy /nix/store
+COPY --from=builder /tmp/nix-store-closure /nix/store
+COPY --from=builder /tmp/build/result /app
+CMD ["/app/bin/app"]
\ No newline at end of file
diff --git a/flake.nix b/flake.nix
index e002ace..3a06754 100644
--- a/flake.nix
+++ b/flake.nix
@@ -35,6 +35,11 @@
           name = "client";
           src = gitignore.lib.gitignoreSource ./client;
           npmDepsHash = "sha256-hOmZZrCSuHyRQhG6M7Yu5uRLTdCYOL/giT4zUm9iTRE=";
+          nodejs = pkgs.nodejs_22;
+          installPhase = ''
+            cp -r build "$out"
+            chmod -R u+w "$out"
+          '';
         };
 
       in
@@ -123,26 +128,9 @@
           pname = "trevstack";
           version = "1.0";
           src = gitignore.lib.gitignoreSource ./server;
-          vendorHash = "";
+          vendorHash = "sha256-PE9ns1W+7/ZBBxb7+96aXqBTzpDo5tGcfnCXAV8vp8E=";
 
-          buildInputs = with pkgs; [
-            # Go backend
-            go
-            gotools
-            gopls
-            
-            # Protobuf middleware
-            buf
-            protoc-gen-go
-            protoc-gen-connect-go
-            protoc-gen-es
-            protoc-gen-connect-openapi
-
-            # Svelte frontend
-            nodejs_22
-          ];
-
-          configurePhase = ''
+          preBuild = ''
             cp -r ${client} client
           '';
         };