From 96a2d420fb8ed78bffd57151141ad1e75ee9ea08 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Fri, 20 Feb 2026 23:23:06 -0800 Subject: [PATCH] Update install-dagger-on-nix-runner card with actual resolution Dagger can't run on the bare nix runner (needs container runtime). Used nix eval directly instead. Co-Authored-By: Claude Opus 4.6 --- .../zot/install-dagger-on-nix-runner.md | 19 ++++++------------- 1 file changed, 6 insertions(+), 13 deletions(-) diff --git a/docs/how-to/zot/install-dagger-on-nix-runner.md b/docs/how-to/zot/install-dagger-on-nix-runner.md index f7960ac..7d5fda7 100644 --- a/docs/how-to/zot/install-dagger-on-nix-runner.md +++ b/docs/how-to/zot/install-dagger-on-nix-runner.md @@ -9,7 +9,7 @@ tags: # Install Dagger on Nix Runner -Install the Dagger CLI on the ringtail nix-container-builder runner so that the nix container build workflow can use `dagger call nix-version` to extract package versions from nixpkgs. +Use `nix eval` instead of `dagger call nix-version` for version extraction on the ringtail nix-container-builder runner. ## Context @@ -17,21 +17,14 @@ The `build-container-nix.yaml` workflow extracts container versions in this orde 1. `version = "..."` from `default.nix` (e.g. ntfy) 2. `ARG CONTAINER_APP_VERSION=` from Dockerfile (e.g. nettest) -3. `dagger call nix-version --package=` for nixpkgs packages (e.g. authentik) +3. Nixpkgs package version for packages without explicit versions (e.g. authentik) -Step 3 fails on the ringtail nix runner because dagger is not installed. The runner currently only has nix, skopeo, and jq. +Step 3 originally used `dagger call nix-version`, but dagger can't run on the bare nix runner: -## What to Do +- **Dagger is not in nixpkgs** — removed due to [trademark concerns](https://github.com/NixOS/nixpkgs/issues/260848). Available via `github:dagger/nix` flake. +- **Dagger needs a container runtime** — the CLI is just an API client; the engine runs as a container via Docker/containerd, which the nix runner doesn't have. -1. Add `dagger` to the ringtail nix runner environment in `nixos/ringtail/configuration.nix` (or equivalent) -2. Verify `dagger` is available in the runner's PATH -3. Re-run `mise run container-build-and-release authentik` to confirm the nix build succeeds - -## Verification - -- [ ] `ssh ringtail 'which dagger'` returns a path -- [ ] Authentik nix build workflow completes successfully -- [ ] `dagger call nix-version --package=authentik` works on the runner +The fix was to use `nix eval --raw "nixpkgs#.version"` directly, which is already available on the nix host and more appropriate. ## Related