clean up by root

kachick · Mar 8, 2024 · a77483d · a77483d
1 parent c9e06ce
commit a77483d
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 3 deletions.
diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
@@ -80,6 +80,7 @@ jobs:
           container_name="$(podman ps --sort=created --format {{.Names}} | tail -1)"
           [ -n "$container_name" ] # May be fail with bg timing
           podman exec --user=user -it "$container_name" /provisioner/needs_systemd.bash
+          podman exec --user=root -it "$container_name" rm -rf /provisioner/cleanup.bash
           podman commit "$container_name" ran-nix-commands-by-user
           podman kill "$container_name"
       - name: Finalize the image

diff --git a/containers/Containerfile b/containers/Containerfile
@@ -15,6 +15,7 @@ RUN mkdir -p ~/.local/state/nix/profiles
 # Don't use /tmp, it removes in first run
 COPY ./ /provisioner/dotfiles/
 COPY ./containers/needs_systemd.bash /provisioner/needs_systemd.bash
+COPY ./containers/cleanup.bash /provisioner/cleanup.bash
 
 # Should back to original of kachick/ubuntu-nix-systemd, we need to run systemd fist
 USER root

diff --git a/containers/cleanup.bash b/containers/cleanup.bash
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+set -euxo pipefail
+
+# Focus to root privilege operations
+
+rm -rf /provisioner/dotfiles
+nix store gc
diff --git a/containers/needs_systemd.bash b/containers/needs_systemd.bash
@@ -4,6 +4,3 @@ set -euxo pipefail
 
 nix-shell --packages git --command 'git config --global --add safe.directory /provisioner/dotfiles'
 nix run '/provisioner/dotfiles#home-manager' -- switch -b backup --flake '/provisioner/dotfiles/#user'
-
-rm -rf /provisioner/dotfiles
-nix store gc