Building a docker image using nix is great as dependencies are always bundled together in nix. By using nix, you don’t need to find out and install the missing dependencies that are not on the base images, which saves quite a considerable time debuging docker images.
However, while building with nix in docker I came across this error message:
error: unable to load seccomp BPF program: Invalid argumentAccording to this Github issue, this error occurs when nix is running inside an emulated environment (ie. an architecture different from the one running natively on your machine). This can be solved by appending filter-syscalls = false to the nix config. Note that this may be a security risk, but for running inside containers this seems to be an acceptable one.
In a Dockerfile, here’s how you would apply to your image’s nix config:
FROM nixos/nix:latest AS builder
RUN echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf \
&& echo "filter-syscalls = false" >> /etc/nix/nix.conf
# add your commands here
Self-taught full-stack web dev based in Tokyo.
Occasionally wrecks servers through
self-hosting
and
homelab-ing.