iA Blog

Building a Docker Image using Nix Flakes

06 Feb 2024 | docker, nix, nixos, flakes

Building a docker image using nix is great as dependencies are always bundled together in nix. By using nix, you don’t need to find out and install the missing dependencies that are not on the base images, which saves quite a considerable time debuging docker images.

However, while building with nix in docker I came across this error message:

error: unable to load seccomp BPF program: Invalid argument

According to this Github issue, this error occurs when nix is running inside an emulated environment (ie. an architecture different from the one running natively on your machine). This can be solved by appending filter-syscalls = false to the nix config. Note that this may be a security risk, but for running inside containers this seems to be an acceptable one.

In a Dockerfile, here’s how you would apply to your image’s nix config:

FROM nixos/nix:latest AS builder

RUN echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf \
  && echo "filter-syscalls = false" >> /etc/nix/nix.conf

# add your commands here

Adwin Ying's avatar
Adwin Ying

Self-taught full-stack web dev based in Tokyo. Occasionally wrecks servers through  self-hosting  and  homelab-ing.

← Back to all posts