Try nerdctl

96_nerdctl/Dockerfile.ffmpeg

@@ -0,0 +1,74 @@
+# syntax=docker/dockerfile:1.4
+ARG baseimage="scratch"
+FROM nixos/nix:latest AS BUILDER
+
+ARG FLAKE=ffmpeg
+
+WORKDIR /scratch
+
+COPY --chmod=755 <<EOF /scratch/enable-flakes.sh
+#!/usr/bin/env bash
+cat <<- HEREDOC > /etc/nix/nix.conf
+experimental-features = nix-command flakes
+# WARNING: This is a security risk - for arm builds only
+filter-syscalls = false
+HEREDOC
+EOF
+RUN "/scratch/enable-flakes.sh"
+
+COPY ./ffmpeg ./
+
+# NOTE: Escape the \$ otherwise they are rendered at buildtime
+COPY --chmod=755 <<EOF /scratch/exportldd.sh
+#!/usr/bin/env bash
+# Make sure these are dynamically discovered
+LDD_PROGRAM=$(find / -type f -executable -name "ldd")
+AWK_PROGRAM=$(find / -type f -executable -name "gawk")
+FFMPEG_PROGRAM=$(find / -type f -executable -name "ffmpeg")
+mkdir -p /output/libs /output/bin
+
+echo "LDD_PROGRAM=\$LDD_PROGRAM"
+echo "AWK_PROGRAM=\$AWK_PROGRAM"
+echo "FFMPEG_PROGRAM=\$FFMPEG_PROGRAM"
+echo \$(which ffmpeg)
+echo
+
+while IFS=, read -r PROGRAM_FILE
+do
+    #echo \$PROGRAM_FILE
+    \${LDD_PROGRAM} "\$PROGRAM_FILE" > /scratch/libs.txt
+    cat /scratch/libs.txt | \${AWK_PROGRAM} 'NF == 4 { {print \$3} }' > /scratch/libs_extracted.txt    
+    cat /scratch/libs_extracted.txt | \${AWK_PROGRAM} -F/ -vOFS=/ '{ print \$1,\$2,\$3,\$4; }' | sort -u >> /scratch/libs_paths.txt
+    cp "\$PROGRAM_FILE" /output/bin
+done << PROGRAMS
+\$FFMPEG_PROGRAM
+PROGRAMS
+
+tar -cvf /scratch/libraries.tar -T /scratch/libs_paths.txt
+tar xf /scratch/libraries.tar --directory=/output/libs
+# remove includes and manpages (add this once tested - reduces image by 45MB)
+find /output -iname "share" -or -iname "include" | xargs rm -rf
+EOF
+
+RUN nix develop --impure --command bash -c '/scratch/exportldd.sh'
+
+CMD ["./output/bin/$PROGRAM_FILE", "-version"]
+
+FROM $baseimage AS PRODUCTION
+
+COPY --from=BUILDER /output/bin/ /usr/bin/
+COPY --from=BUILDER /output/libs /
+
+# NOTE: Escape the \$ otherwise they are rendered at buildtime
+# If using distroless, use this instead
+#!/busybox/env sh
+COPY --chmod=755 <<EOF /usr/bin/show_architecture.sh
+#!/usr/bin/env bash
+cat /proc/version
+cat /proc/cpuinfo
+lscpu
+uname -a    
+EOF
+
+ENTRYPOINT [ "/usr/bin/ffmpeg" ]
+CMD ["/usr/bin/ffmpeg", "-version"]

96_nerdctl/README.md

@@ -0,0 +1,45 @@
+# NERDCTL
+
+Demonstrate how to use `nerdctl`  
+
+## Install
+
+```sh
+# on linux or mac
+brew install nerdctl
+
+# v1.4.0
+nerdctl --version 
+
+which nerdctl
+```
+
+## Building
+
+```sh
+# build normal
+docker buildx build  --platform linux/amd64 --load --progress=plain -f Dockerfile.ffmpeg -t ffmpeg .
+
+# run
+docker run --rm -it ffmpeg 
+```
+
+```sh
+# needs rootless
+nerdctl buildx build  --platform linux/amd64 --load --progress=plain -f Dockerfile.ffmpeg -t ffmpeg .
+
+# requires buildctl and buildkitd (using linuxbrew)
+sudo /home/linuxbrew/.linuxbrew/bin/nerdctl build --progress=plain -f Dockerfile.ffmpeg -t ffmpeg .
+
+brew install buildkit
+```
+
+## Resources
+
+* nerdctl: Docker-compatible CLI for containerd [here](https://github.com/containerd/nerdctl)  
+* Lazy-pulling using Stargz Snapshotter [here](https://github.com/containerd/nerdctl/blob/main/docs/stargz.md)  
+
+https://github.com/containerd/nerdctl/blob/main/docs/rootless.md
+
+https://github.com/moby/buildkit
+

96_nerdctl/ffmpeg/flake.nix

@@ -0,0 +1,19 @@
+{
+  description = "Install ffmpeg as a flake";
+  inputs.nixpkgs.url = "github:nixos/nixpkgs";
+  inputs.flake-utils.url = "github:numtide/flake-utils";
+
+  outputs = { nixpkgs, flake-utils, ... }:
+    flake-utils.lib.eachDefaultSystem (system:
+      let
+        pkgs = import nixpkgs { inherit system; };
+      in
+      {
+        devShells.default = pkgs.mkShell {
+          packages = [ 
+            pkgs.ffmpeg_5 
+          ];         
+        };
+      });
+}
+