Hi,

On Fri, 06 Nov 2020 13:47:02 +0100
zimoun <zimon.toutoune@gmail.com> wrote:

> On Fri, 06 Nov 2020 at 10:59, Ludovic Courtès <ludo@gnu.org> wrote:
> 
> >  guix pack guix -f docker -S /bin=bin \
> >    --entry-point="bin/guix-daemon --disable-chroot"

Why --disable-chroot here?  (I'm not objecting to it)

> > might work, right?
> >
> > Someone needs to try because the devil is in the details.  
> 
> I will try to give a try.  If someone does not beat me.

Please do.

Note: guix-daemon needs a usergroup in order to actually usefully build
things, with at least one member user.

If Docker actually has first-class composition operators (I don't know), then
that should not go into the same image--but that means the end user has to 
provide a /etc/group and /etc/passwd with at least the "guixbuild" group and
at least one member in that group as a composable image[maybe 1] in order
for guix-daemon to actually work.

Also, guix needs /etc/services for http and https and so on to resolve.

Or you could just add those to the main guix docker image--but I think that
would be kinda weird (even though I'm doing it for mine--but it has a kind
of narrow use case where this is fine for the time being).

Or provide the host /etc/passwd using the "-v" command line option (that
would be kinda weird, too).

Or expect the user to always create a dockerfile and use "FROM" to derive
from the offical image.

[1] https://docs.docker.com/compose/compose-file/compose-file-v2/