-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathflake.nix
135 lines (114 loc) · 4.11 KB
/
flake.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
{
description = "NixOS agent.";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
nix-serve-ng = {
url = "github:aristanetworks/nix-serve-ng";
inputs.nixpkgs.follows = "nixpkgs";
};
nil = {
url = "github:oxalica/nil";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = { self, nixpkgs, nix-serve-ng, nil, ... }:
let
pkgs = nixpkgs.legacyPackages.x86_64-linux;
in
{
devShells.x86_64-linux = {
default = pkgs.mkShell {
packages = with pkgs; [
git
cargo
rustc
rust-analyzer
rustfmt
just
clang
dbus.dev
systemdLibs.dev
pkg-config
# Both of these used with VSCode.
nixpkgs-fmt
nil.packages.${system}.default
];
hardeningDisable = [ "fortify" ];
env = {
RUST_BACKTRACE = "full";
RUST_SRC_PATH = "${pkgs.rust.packages.stable.rustPlatform.rustLibSrc}";
LIBCLANG_PATH = "${pkgs.libclang.lib}/lib";
};
};
};
packages.x86_64-linux =
let
nixless-agent-pkg = pkgs.rustPlatform.buildRustPackage {
pname = "nixless-agent";
version = "0.1.0";
src = ./.;
buildAndTestSubdir = "nixless-agent";
cargoLock = {
lockFile = ./Cargo.lock;
};
# TODO: Some incompatibility with libseccomp which is built by the `foundations` crate, should look into this to re-enable this setting in the future.
hardeningDisable = [ "fortify" ];
# TODO: remove.
buildType = "debug";
nativeBuildInputs = [ pkgs.pkg-config pkgs.rustPlatform.bindgenHook ];
buildInputs = [ pkgs.dbus.dev pkgs.systemdLibs.dev ];
meta = {
description = "nixless-agent";
mainProgram = "nixless-agent";
maintainers = with pkgs.lib.maintainers; [ danielsidhion ];
};
};
in
{
default = nixless-agent-pkg;
nixless-agent = nixless-agent-pkg;
system-switch-tracker = pkgs.rustPlatform.buildRustPackage {
pname = "system-switch-tracker";
version = "0.1.0";
src = ./.;
buildAndTestSubdir = "system-switch-tracker";
cargoLock = {
lockFile = ./Cargo.lock;
};
meta = {
description = "nixless-agent system switch tracker";
mainProgram = "system-switch-tracker";
maintainers = with pkgs.lib.maintainers; [ danielsidhion ];
};
};
nixless-request-signer = pkgs.rustPlatform.buildRustPackage {
pname = "nixless-request-signer";
version = "0.1.0";
src = ./.;
buildAndTestSubdir = "nixless-request-signer";
cargoLock = {
lockFile = ./Cargo.lock;
};
meta = {
description = "nixless-agent request signer";
mainProgram = "nixless-request-signer";
maintainers = with pkgs.lib.maintainers; [ danielsidhion ];
};
};
};
checks.x86_64-linux =
let
# Run `nix build .#.checks.x86_64-linux.<test_name>.driverInteractive` to build an interactive version of the check so you can inspect it if it fails.
# Inside the interactive session, you can either run the function `test_script()` to run the entire test, or call things individually. It works like a Python REPL. To log into a machine, run `machine_name.shell_interactive()`.
nixless-agent-tests = pkgs.callPackage ./tests/default.nix {
inherit nix-serve-ng;
inherit (self.packages.x86_64-linux) nixless-request-signer;
nixless-agent-module = import ./service.nix
{
inherit (self.packages.x86_64-linux) nixless-agent system-switch-tracker;
};
};
in
nixless-agent-tests;
};
}