diff options
-rw-r--r-- | .envrc | 2 | ||||
-rw-r--r-- | default.nix | 43 | ||||
-rw-r--r-- | flake.lock | 193 | ||||
-rw-r--r-- | flake.nix | 85 | ||||
-rwxr-xr-x | justfile | 45 | ||||
-rw-r--r-- | nix/default.nix | 101 | ||||
-rw-r--r-- | npins/default.nix | 80 | ||||
-rw-r--r-- | npins/sources.json | 41 | ||||
-rw-r--r-- | shell.nix | 37 |
9 files changed, 193 insertions, 434 deletions
diff --git a/.envrc b/.envrc index 51aa811..a75b02f 100644 --- a/.envrc +++ b/.envrc @@ -3,5 +3,5 @@ if type -P lorri &>/dev/null; then eval "$(lorri direnv)" else echo 'while direnv evaluated .envrc, could not find the command "lorri" [https://github.com/nix-community/lorri]' - use flake + use nix fi diff --git a/default.nix b/default.nix index 2cccff2..fd92a90 100644 --- a/default.nix +++ b/default.nix @@ -1,10 +1,33 @@ -(import - ( - let lock = builtins.fromJSON (builtins.readFile ./flake.lock); in - fetchTarball { - url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz"; - sha256 = lock.nodes.flake-compat.locked.narHash; - } - ) - { src = ./.; } -).defaultNix +let + sources = import ./npins; + + pkgs = import sources.nixpkgs { + overlays = [ + (import "${sources.gomod2nix}/overlay.nix") + ]; + }; + pre-commit-hooks = import sources.pre-commit-hooks; +in +{ + pre-commit-check = pre-commit-hooks.run { + src = ./.; + hooks = { + go-mod-tidy = { + enable = true; + name = "go-mod-tidy"; + description = "Run `go mod tidy`"; + types_or = [ "go" "go-mod" ]; + entry = "${pkgs.go}/bin/go mod tidy"; + pass_filenames = false; + }; + gomod2nix = { + enable = true; + name = "gomod2nix"; + description = "Import go.mod updates to nix"; + types_or = [ "go-sum" ]; + entry = "${pkgs.gomod2nix}/bin/gomod2nix --outdir nix"; + pass_filenames = false; + }; + }; + }; +} diff --git a/flake.lock b/flake.lock deleted file mode 100644 index 13e0613..0000000 --- a/flake.lock +++ /dev/null @@ -1,193 +0,0 @@ -{ - "nodes": { - "flake-compat": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_2": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "gitignore": { - "inputs": { - "nixpkgs": [ - "pre-commit-hooks", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1709087332, - "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", - "owner": "hercules-ci", - "repo": "gitignore.nix", - "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "gitignore.nix", - "type": "github" - } - }, - "gomod2nix": { - "inputs": { - "flake-utils": [ - "utils" - ], - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1710154385, - "narHash": "sha256-4c3zQ2YY4BZOufaBJB4v9VBBeN2dH7iVdoJw8SDNCfI=", - "owner": "tweag", - "repo": "gomod2nix", - "rev": "872b63ddd28f318489c929d25f1f0a3c6039c971", - "type": "github" - }, - "original": { - "owner": "tweag", - "repo": "gomod2nix", - "type": "github" - } - }, - "nixpkgs": { - "locked": { - "lastModified": 1715346633, - "narHash": "sha256-A9vSieOHR7B41QoWZcb7fEY7r29E4Vq3liXE0h0edf0=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "d42c1c8d447a388e1f2776d22c77f5642d703da6", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-stable": { - "locked": { - "lastModified": 1710695816, - "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "614b4613980a522ba49f0d194531beddbb7220d3", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-23.11", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1710765496, - "narHash": "sha256-p7ryWEeQfMwTB6E0wIUd5V2cFTgq+DRRBz2hYGnJZyA=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "e367f7a1fb93137af22a3908f00b9a35e2d286a7", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "pre-commit-hooks": { - "inputs": { - "flake-compat": "flake-compat_2", - "gitignore": "gitignore", - "nixpkgs": "nixpkgs_2", - "nixpkgs-stable": "nixpkgs-stable" - }, - "locked": { - "lastModified": 1716213921, - "narHash": "sha256-xrsYFST8ij4QWaV6HEokCUNIZLjjLP1bYC60K8XiBVA=", - "owner": "cachix", - "repo": "pre-commit-hooks.nix", - "rev": "0e8fcc54b842ad8428c9e705cb5994eaf05c26a0", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "pre-commit-hooks.nix", - "type": "github" - } - }, - "root": { - "inputs": { - "flake-compat": "flake-compat", - "gomod2nix": "gomod2nix", - "nixpkgs": "nixpkgs", - "pre-commit-hooks": "pre-commit-hooks", - "utils": "utils" - } - }, - "systems": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "utils": { - "inputs": { - "systems": "systems" - }, - "locked": { - "lastModified": 1710146030, - "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - } - }, - "root": "root", - "version": 7 -} diff --git a/flake.nix b/flake.nix deleted file mode 100644 index ad68d77..0000000 --- a/flake.nix +++ /dev/null @@ -1,85 +0,0 @@ -{ - description = "My website, alanpearce.eu"; - inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; - inputs.utils.url = "github:numtide/flake-utils"; - inputs.flake-compat = { - url = "github:edolstra/flake-compat"; - flake = false; - }; - inputs.gomod2nix = { - url = "github:tweag/gomod2nix"; - inputs.nixpkgs.follows = "nixpkgs"; - inputs.flake-utils.follows = "utils"; - }; - inputs.pre-commit-hooks.url = "github:cachix/pre-commit-hooks.nix"; - - outputs = { self, nixpkgs, utils, gomod2nix, pre-commit-hooks, ... }: - utils.lib.eachDefaultSystem - (system: - let - pkgs = import nixpkgs { - inherit system; - overlays = [ gomod2nix.overlays.default ]; - }; - packages = import ./nix/default.nix { - inherit pkgs self; - }; - commonShellPackages = with pkgs; [ - just - skopeo - flyctl - ]; - in - { - inherit packages; - devShells = { - ci = pkgs.mkShell { - packages = commonShellPackages; - }; - default = pkgs.mkShell { - inputsFrom = [ packages.builder ]; - inherit (self.checks.${system}.pre-commit-check) shellHook; - packages = with pkgs; [ - gopls - gotools - go-tools - gomod2nix.packages.${system}.default - gci - hyperlink - systemfd - modd - nodePackages.vercel - netlify-cli - ] ++ commonShellPackages; - }; - }; - checks = rec { - default = hyperlink; - hyperlink = pkgs.runCommandLocal "hyperlink" { } '' - ${pkgs.hyperlink}/bin/hyperlink ${packages.website}/public - touch $out - ''; - pre-commit-check = pre-commit-hooks.lib.${system}.run { - src = ./.; - hooks = { - go-mod-tidy = { - enable = true; - name = "go-mod-tidy"; - description = "Run `go mod tidy`"; - types_or = [ "go" "go-mod" ]; - entry = "${pkgs.go}/bin/go mod tidy"; - pass_filenames = false; - }; - gomod2nix = { - enable = true; - name = "gomod2nix"; - description = "Import go.mod updates to nix"; - types_or = [ "go-sum" ]; - entry = "${pkgs.gomod2nix}/bin/gomod2nix --outdir nix"; - pass_filenames = false; - }; - }; - }; - }; - }); -} diff --git a/justfile b/justfile index 22503ee..306ef26 100755 --- a/justfile +++ b/justfile @@ -1,9 +1,5 @@ -#! /usr/bin/env -S nix develop . --command just --justfile - -fly-system := "x86_64-linux" -fly-registry := "registry.fly.io/alanpearce-eu" -docker-tag := env_var_or_default("DOCKER_TAG", `date +%Y%m%d%H%M%S` + "-" + `git rev-parse --short HEAD`) -started-at := `date +%s` +#! /usr/bin/env nix-shell +#! nix-shell -i "just --justfile" default: @just --list --justfile {{ justfile() }} --unsorted @@ -11,9 +7,6 @@ default: clean: rm -r website -check: - nix flake check . --print-build-logs - check-licenses: nix run nixpkgs#go-licenses check ./... @@ -21,48 +14,16 @@ check-links: hyperlink website/public update-all: + npin update go get -u all gomod2nix --outdir nix - nix flake update - -watch-flake command: - watchexec --restart -w flake.nix -w flake.lock direnv exec . {{ command }} build: go run ./cmd/build -nix-build what: - nix build .#{{ what }} - dev: systemfd -s http::3000 -- modd -docker-stream system=(arch() + "-linux"): - @nix build --print-out-paths .#docker-stream-{{ system }} | sh - -docker-image system=(arch() + "-linux"): - nix build .#docker-image-{{ system }} - -docker-stream-fly: - just docker-stream {{ fly-system }} - -docker-image-fly: (docker-image fly-system) - -docker-inspect image-path="result": - skopeo inspect docker-archive:{{ image-path }} - -print-docker-tag: - @echo {{ fly-registry }}:{{ docker-tag }} - -stream-to-registry : - just docker-stream-fly | gzip --fast | skopeo copy --dest-precompute-digests docker-archive:/dev/stdin docker://{{ fly-registry }}:{{ docker-tag }} - -push-to-registry: - skopeo copy --dest-precompute-digests docker-archive://`readlink -f result` docker://{{ fly-registry }}:{{ docker-tag }} - -deploy-fly registry-and-tag=(fly-registry + ":" + docker-tag): - fly deploy --image {{ registry-and-tag }} - deploy-vercel-preview: clean build vercel pull --environment=preview vercel deploy diff --git a/nix/default.nix b/nix/default.nix deleted file mode 100644 index 095b3f7..0000000 --- a/nix/default.nix +++ /dev/null @@ -1,101 +0,0 @@ -{ pkgs, self }: -let - version = "unstable"; - shortSHA = self.shortRev or self.dirtyShortRev; - fullSHA = self.rev or self.dirtyRev; - mkDocker = type: { server, website }: - let - PORT = 80; - in - pkgs.dockerTools.${type} { - name = "registry.fly.io/alanpearce-eu"; - tag = fullSHA; - contents = [ - website - ]; - config = { - Cmd = [ "${server}/bin/server" ]; - Env = [ - "PRODUCTION=true" - "LISTEN_ADDRESS=::" - "PORT=${builtins.toString PORT}" - ]; - ExposedPorts = { - "${builtins.toString PORT}/tcp" = { }; - }; - }; - }; - mkDockerStream = mkDocker "streamLayeredImage"; - mkDockerImage = mkDocker "buildLayeredImage"; -in -with pkgs; rec { - default = server; - builder = buildGoApplication { - pname = "website-builder"; - inherit version; - CGO_ENABLED = 0; - src = with lib.fileset; toSource { - root = ./..; - fileset = unions [ - ./../go.mod - ./../go.sum - ./../cmd/build - ./../internal - ]; - }; - modules = ./gomod2nix.toml; - subPackages = [ "cmd/build" ]; - }; - website = runCommandLocal "build" - { - src = with lib.fileset; toSource { - root = ./..; - fileset = unions [ - ./../config.toml - ./../content - ./../static - ./../templates - ]; - }; - } '' - ${builder}/bin/build -s $src -d $out - ''; - server = buildGoApplication { - pname = "server"; - inherit version; - CGO_ENABLED = 0; - src = with lib.fileset; toSource { - root = ./..; - fileset = unions [ - ./../go.mod - ./../go.sum - ./../cmd/server - ./../internal - ]; - }; - modules = ./gomod2nix.toml; - subPackages = [ "cmd/server" ]; - ldflags = [ - "-s" - "-w" - "-X" - "website/internal/server.CommitSHA=${fullSHA}" - "-X" - "website/internal/server.ShortSHA=${shortSHA}" - ]; - }; - docker-stream = mkDockerStream { inherit server website; }; - docker-stream-aarch64-linux = mkDockerStream { - inherit website; server = (self.packages.aarch64-linux.server); - }; - docker-stream-x86_64-linux = mkDockerStream { - inherit website; server = (self.packages.x86_64-linux.server); - }; - docker-image = mkDockerImage { inherit server website; }; - docker-image-aarch64-linux = mkDockerImage { - inherit website; server = (self.packages.aarch64-linux.server); - }; - docker-image-x86_64-linux = mkDockerImage { - inherit website; server = (self.packages.x86_64-linux.server); - }; -} diff --git a/npins/default.nix b/npins/default.nix new file mode 100644 index 0000000..5e7d086 --- /dev/null +++ b/npins/default.nix @@ -0,0 +1,80 @@ +# Generated by npins. Do not modify; will be overwritten regularly +let + data = builtins.fromJSON (builtins.readFile ./sources.json); + version = data.version; + + mkSource = + spec: + assert spec ? type; + let + path = + if spec.type == "Git" then + mkGitSource spec + else if spec.type == "GitRelease" then + mkGitSource spec + else if spec.type == "PyPi" then + mkPyPiSource spec + else if spec.type == "Channel" then + mkChannelSource spec + else + builtins.throw "Unknown source type ${spec.type}"; + in + spec // { outPath = path; }; + + mkGitSource = + { + repository, + revision, + url ? null, + hash, + branch ? null, + ... + }: + assert repository ? type; + # At the moment, either it is a plain git repository (which has an url), or it is a GitHub/GitLab repository + # In the latter case, there we will always be an url to the tarball + if url != null then + (builtins.fetchTarball { + inherit url; + sha256 = hash; # FIXME: check nix version & use SRI hashes + }) + else + assert repository.type == "Git"; + let + urlToName = + url: rev: + let + matched = builtins.match "^.*/([^/]*)(\\.git)?$" repository.url; + + short = builtins.substring 0 7 rev; + + appendShort = if (builtins.match "[a-f0-9]*" rev) != null then "-${short}" else ""; + in + "${if matched == null then "source" else builtins.head matched}${appendShort}"; + name = urlToName repository.url revision; + in + builtins.fetchGit { + url = repository.url; + rev = revision; + inherit name; + # hash = hash; + }; + + mkPyPiSource = + { url, hash, ... }: + builtins.fetchurl { + inherit url; + sha256 = hash; + }; + + mkChannelSource = + { url, hash, ... }: + builtins.fetchTarball { + inherit url; + sha256 = hash; + }; +in +if version == 3 then + builtins.mapAttrs (_: mkSource) data.pins +else + throw "Unsupported format version ${toString version} in sources.json. Try running `npins upgrade`" diff --git a/npins/sources.json b/npins/sources.json new file mode 100644 index 0000000..4aaef0d --- /dev/null +++ b/npins/sources.json @@ -0,0 +1,41 @@ +{ + "pins": { + "gomod2nix": { + "type": "Git", + "repository": { + "type": "GitHub", + "owner": "tweag", + "repo": "gomod2nix" + }, + "branch": "master", + "revision": "31b6d2e40b36456e792cd6cf50d5a8ddd2fa59a1", + "url": "https://github.com/tweag/gomod2nix/archive/31b6d2e40b36456e792cd6cf50d5a8ddd2fa59a1.tar.gz", + "hash": "0b8cmc8dk34pgcac5s1jvryfcn8kyhbzhh1i22rzv5kf00f09lhb" + }, + "nixpkgs": { + "type": "Git", + "repository": { + "type": "GitHub", + "owner": "NixOS", + "repo": "nixpkgs" + }, + "branch": "nixpkgs-unstable", + "revision": "e6cea36f83499eb4e9cd184c8a8e823296b50ad5", + "url": "https://github.com/NixOS/nixpkgs/archive/e6cea36f83499eb4e9cd184c8a8e823296b50ad5.tar.gz", + "hash": "13xygz94ax0c63kn59pdlscl2pm6srqn0vfw7r4fvsmassj87mar" + }, + "pre-commit-hooks": { + "type": "Git", + "repository": { + "type": "GitHub", + "owner": "cachix", + "repo": "pre-commit-hooks.nix" + }, + "branch": "master", + "revision": "cc4d466cb1254af050ff7bdf47f6d404a7c646d1", + "url": "https://github.com/cachix/pre-commit-hooks.nix/archive/cc4d466cb1254af050ff7bdf47f6d404a7c646d1.tar.gz", + "hash": "1gl1bdnv533jyvj12dfyg8q5haprapswnn7hbpikb2qbnnwc2xzd" + } + }, + "version": 3 +} \ No newline at end of file diff --git a/shell.nix b/shell.nix index d2c4c45..17cd5ce 100644 --- a/shell.nix +++ b/shell.nix @@ -1,3 +1,36 @@ -{ system ? builtins.currentSystem }: +{ pkgs ? ( + let + sources = import ./npins; + in + import sources.nixpkgs { + overlays = [ + (import "${sources.gomod2nix}/overlay.nix") + ]; + } + ) +}: +let + goEnv = pkgs.mkGoEnv { pwd = ./.; }; + inherit (import ./.) pre-commit-check; +in +pkgs.mkShell { + inherit (pre-commit-check) shellHook; + packages = with pkgs; [ + goEnv -(builtins.getFlake (toString ./.)).devShells.${system}.default + npins + gopls + gotools + go-tools + gci + hyperlink + systemfd + just + modd + + skopeo + flyctl + nodePackages.vercel + netlify-cli + ]; +} |