From be9246781977e5afdb19cce90681cd4b7f5fa6ed Mon Sep 17 00:00:00 2001
From: Vladimir Timofeenko <vladimir.timofeenko@snowflake.com>
Date: Fri, 22 Mar 2024 14:40:04 -0700
Subject: [PATCH] chore: remove manual environment configuration step

GH actions now have proper Nix with KVM so the extra step of fixup-env
is no longer needed.

Closes #2.
---
 README.md                          |  2 --
 packages/ttydContainer/package.nix | 42 ++++++------------------------
 2 files changed, 8 insertions(+), 36 deletions(-)

diff --git a/README.md b/README.md
index cb07fb2..b04f19e 100644
--- a/README.md
+++ b/README.md
@@ -94,8 +94,6 @@ machine).
 2. Wait for endpoints provisioning to complete (you can monitor the output of
    `SHOW ENDPOINTS IN SERVICE <serviceName>`)
 3. Open the `ttyd` endpoint URL
-4. If using the Nix-based image, run `fixup-env` command to set up the
-   environment
 
 # Packages in the container
 
diff --git a/packages/ttydContainer/package.nix b/packages/ttydContainer/package.nix
index a45031e..18abde4 100644
--- a/packages/ttydContainer/package.nix
+++ b/packages/ttydContainer/package.nix
@@ -3,21 +3,6 @@
 let
   pkgs = targetPkgs;
 
-  fixUpEnv = pkgs.writeShellApplication {
-    name = "fixup-env";
-    runtimeInputs = [ pkgs.shadow ];
-
-    meta.description = "Performs post-setup updates in the container allowing to use nix command.";
-
-    text = ''
-      mkdir -p /tmp
-
-      ${pkgs.dockerTools.shadowSetup}
-      groupadd -r nixbld
-      for n in $(seq 1 10); do useradd -c "Nix build user $n" -d /var/empty -g nixbld -G nixbld -M -N -r -s "$(command -v nologin)" "nixbld$n"; done
-    '';
-  };
-
   nixConfig = pkgs.stdenv.mkDerivation {
     name = "nix-conf";
     src = ./.;
@@ -54,7 +39,7 @@ let
         moreutils
         ;
     })
-  ++ [ nixConfig fixUpEnv ];
+  ++ [ nixConfig ];
 in
 pkgs.dockerTools.buildImage {
   name = "ttyd-container";
@@ -73,25 +58,14 @@ pkgs.dockerTools.buildImage {
     }) ++ commonPackages;
   };
 
-  /* runAsRoot needs nix with `kvm`. This can be achieved with cachix action:
-
-    - uses: cachix/install-nix-action@vXX
-      with:
-        extra_nix_config: "system-features = nixos-test benchmark big-parallel kvm"
-
-    which might need udevadm action:
-
-    - name: Enable KVM group perms
-        run: |
-            echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-kvm4all.rules
-            sudo udevadm control --reload-rules
-            sudo udevadm trigger --name-match=kvm
-
-    source: https://github.blog/changelog/2023-02-23-hardware-accelerated-android-virtualization-on-actions-windows-and-linux-larger-hosted-runners/
+  # Needs Nix runner with kvm capabilities. GH actions provide one.
+  runAsRoot = ''
+    mkdir -p /tmp
 
-    TODO: try with cachix and try with det sys action for the magic cache.
-  */
-  # runAsRoot = "";
+    ${pkgs.dockerTools.shadowSetup}
+    groupadd -r nixbld
+    for n in $(seq 1 10); do useradd -c "Nix build user $n" -d /var/empty -g nixbld -G nixbld -M -N -r -s "$(command -v nologin)" "nixbld$n"; done
+  '';
 
   architecture = "amd64";