Commit Graph

6 Commits

Author SHA1 Message Date
Markus Rudy
473001be55
vpn: ship our own container image (#2909)
* vpn: ship our own container image

The container image used in the VPN chart should be reproducible and
stable. We're sticking close to the original nixery.dev version by
building the image with nix ourselves, and then publishing the single
layer from the result with Bazel OCI rules. The resulting image should
be handled similar to s3proxy: it's built as a part of the Constellation
release process and then consumed from a Helm chart in our registry.

Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
2024-02-15 13:08:27 +01:00
Malte Poll
5c19b2c27b bazel: add cross compiler for darwin
This allows cross compiling from aarch64-darwin to x86_64-linux.
It is required for building Go binaries on macos that target Linux and have CGO enabled.
2023-12-01 09:35:33 +01:00
Malte Poll
cd6e03049a libvirt: build containerized libvirt as nix container image 2023-12-01 09:35:33 +01:00
Malte Poll
9be252fccb bazel: import C libraries from nix as cc_libary
This also includes aliases to select the correct library based on the target platform.
2023-12-01 09:35:33 +01:00
Malte Poll
e895aa5495 nix: add derivations for C library dependencies
Cryptsetup and libvirt are new.
OpenSSL was moved with the rest.

The dynamic libaries cryptsetup and libvirt also ship a file called closure.tar,
that contains the transitive closure for all of their dependencies.
This tar file can be used as a container image layer or added to a bootable OS image
to provide the runtime dependencies required for dynamic linking.
Additionally, they ship a `rpath` file. This can be used together with patchelf to
fix the RPATH of binaries produced by Bazel.
2023-12-01 09:35:33 +01:00
Malte Poll
b25ae9a3be nix: init flake
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-09-27 17:58:19 +02:00