Nix and containers

Nix can be used to build reproducible OCI/Docker container images without a Dockerfile, using pkgs.dockerTools to compose layers purely from the Nix store. This approach guarantees bit-for-bit reproducible images with minimal attack surface, since only the exact declared dependencies are included.

https://thewagner.net/blog/2021/02/25/building-container-images-with-nix/
https://thewagner.net/blog/2020/04/30/exploring-nix/

https://nixos.asia/en/blog/replacing-docker-compose

See also

• Docker
• 00 Containers
• Nix cheat sheet

Page last modified: 2026-04-06 20:35:09