chore(nix): Move files around to conform to new read-tree layout
Broadly speaking, the following things are included: * there is now a uniform `args` struct that is passed to all derivations, package headers have been changed appropriately * overrides are now loaded from a separate `override` folder just using read-tree.nix * third-party packages have moved into the `third_party` attribute set
This commit is contained in:
		
							parent
							
								
									4d852e2ef7
								
							
						
					
					
						commit
						c1c379848a
					
				
					 19 changed files with 109 additions and 99 deletions
				
			
		
							
								
								
									
										82
									
								
								default.nix
									
										
									
									
									
								
							
							
						
						
									
										82
									
								
								default.nix
									
										
									
									
									
								
							|  | @ -14,78 +14,34 @@ let | |||
|     url = "https://github.com/NixOS/nixpkgs-channels/archive/${stableCommit}.tar.gz"; | ||||
|     sha256 = "0243qiivxl3z51biy4f5y5cy81x5bki5dazl9wqwgnmd373gpmxy"; | ||||
|   }; | ||||
|   readTree = import ./read-tree.nix; | ||||
| 
 | ||||
|   localPkgs = self: super: { | ||||
|     # Local projects should be added here: | ||||
|     tazjin = { | ||||
|       blog = self.callPackage ./services/tazblog {}; | ||||
|       blog_cli = self.callPackage ./tools/blog_cli {}; | ||||
|       gemma = self.callPackage ./services/gemma {}; | ||||
|       nixcon = self.naersk.buildPackage ./services/nixcon-demo {}; | ||||
|   localPkgs = self: super: | ||||
|     let config = { | ||||
|       pkgs = self; | ||||
|       upstream = super; | ||||
| 
 | ||||
|       kms_pass = self.callPackage ./tools/kms_pass { | ||||
|       kms = { | ||||
|         project = "tazjins-infrastructure"; | ||||
|         region = "europe-north1"; | ||||
|         keyring = "tazjins-keys"; | ||||
|         key = "kontemplate-key"; | ||||
|       }; | ||||
|     }; | ||||
|     in { | ||||
|       services = readTree ./services config; | ||||
|       tools = readTree ./tools config; | ||||
|       third_party = readTree ./third_party config; | ||||
|     } // (readTree ./overrides config); | ||||
| 
 | ||||
|     # Third-party projects (either vendored or modified from nixpkgs) go here: | ||||
|     nixery = import ./third_party/nixery.nix { pkgs = self; }; | ||||
|     terraform-gcp = self.terraform_0_12.withPlugins(p: [ p.google p.google-beta ]); | ||||
|     ormolu = import (self.fetchFromGitHub { | ||||
|       owner = "tweag"; | ||||
|       repo = "ormolu"; | ||||
|       rev = "a7076c0f83e5c06ea9067b71171859fa2ba8afd9"; | ||||
|       sha256 = "1p4n2ja4ciw3qfskn65ggpy37mvgf2sslxqmqn8s8jjarnqcyfny"; | ||||
|     }) { pkgs = self; }; | ||||
|     naersk = self.callPackage (self.fetchFromGitHub { | ||||
|       owner = "nmattia"; | ||||
|       repo = "naersk"; | ||||
|       rev = "68c1c2b2b661913cdc5ecabea518dfdc4f449027"; | ||||
|       sha256 = "1ll310pl44kdbwfslzwvg2v7khf1y0xkg2j5wcfia4k7sj6bcl28"; | ||||
|     }) {}; | ||||
| 
 | ||||
|     # Gemma needs an older version of Elm to be built. Updating it to | ||||
|     # the newer version is a lot of effort. | ||||
|     elmPackages = (import (self.fetchFromGitHub { | ||||
|       owner = "NixOS"; | ||||
|       repo = "nixpkgs"; | ||||
|       rev = "14f9ee66e63077539252f8b4550049381a082518"; | ||||
|       sha256 = "1wn7nmb1cqfk2j91l3rwc6yhimfkzxprb8wknw5wi57yhq9m6lv1"; | ||||
|     }) {}).elmPackages; | ||||
| 
 | ||||
|     # Wrap kontemplate to inject the Cloud KMS version of 'pass' | ||||
|     kontemplate = | ||||
|       let master = super.kontemplate.overrideAttrs(_: { | ||||
|         src = self.fetchFromGitHub { | ||||
|           owner = "tazjin"; | ||||
|           repo = "kontemplate"; | ||||
|           rev = "v1.8.0"; | ||||
|           sha256 = "123mjmmm4hynraq1fpn3j5i0a1i87l265kkjraxxxbl0zacv74i1"; | ||||
|         }; | ||||
|       }); | ||||
|       in self.writeShellScriptBin "kontemplate" '' | ||||
|         export PATH="${self.tazjin.kms_pass}/bin:$PATH" | ||||
|         exec ${master}/bin/kontemplate $@ | ||||
|       ''; | ||||
| 
 | ||||
|     # One of Gemma's dependencies is missing in nixpkgs' Quicklisp | ||||
|     # package set, it is overlaid locally here. | ||||
|     lispPackages = import ./third_party/common_lisp/quicklisp.nix { | ||||
|       inherit (self) lib; | ||||
|       inherit (super) lispPackages; | ||||
|     }; | ||||
| 
 | ||||
|     # All projects that should be built by CI should be added here: | ||||
|     ciProjects = [ | ||||
|       self.kontemplate | ||||
|       self.nixery | ||||
|       self.ormolu | ||||
|       self.terraform-gcp | ||||
|     ] ++ filter (d: d ? meta.broken && !d.meta.broken) (attrValues self.tazjin); | ||||
|   }; | ||||
|   #   # All projects that should be built by CI should be added here: | ||||
|   #   ciProjects = [ | ||||
|   #     self.kontemplate | ||||
|   #     self.nixery | ||||
|   #     self.ormolu | ||||
|   #     self.terraform-gcp | ||||
|   #   ] ++ filter (d: d ? meta.broken && !d.meta.broken) (attrValues self.tazjin); | ||||
|   # }; | ||||
| 
 | ||||
| in { ... } @ args: import stableSrc (args // { | ||||
|     overlays = [ localPkgs ]; | ||||
|  |  | |||
							
								
								
									
										10
									
								
								overrides/elmPackages.nix
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										10
									
								
								overrides/elmPackages.nix
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,10 @@ | |||
| # Gemma needs an older version of Elm to be built. Updating it to | ||||
| # the newer version is a lot of effort. | ||||
| { pkgs, ... }: | ||||
| 
 | ||||
| (import (pkgs.fetchFromGitHub { | ||||
|   owner = "NixOS"; | ||||
|   repo = "nixpkgs"; | ||||
|   rev = "14f9ee66e63077539252f8b4550049381a082518"; | ||||
|   sha256 = "1wn7nmb1cqfk2j91l3rwc6yhimfkzxprb8wknw5wi57yhq9m6lv1"; | ||||
| }) {}).elmPackages | ||||
							
								
								
									
										14
									
								
								overrides/kontemplate.nix
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										14
									
								
								overrides/kontemplate.nix
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,14 @@ | |||
| { pkgs, upstream, ... }: | ||||
| 
 | ||||
| let master = upstream.kontemplate.overrideAttrs(_: { | ||||
|   src = pkgs.fetchFromGitHub { | ||||
|     owner = "tazjin"; | ||||
|     repo = "kontemplate"; | ||||
|     rev = "v1.8.0"; | ||||
|     sha256 = "123mjmmm4hynraq1fpn3j5i0a1i87l265kkjraxxxbl0zacv74i1"; | ||||
|   }; | ||||
| }); | ||||
| in pkgs.writeShellScriptBin "kontemplate" '' | ||||
|   export PATH="${pkgs.tools.kms_pass}/bin:$PATH" | ||||
|   exec ${master}/bin/kontemplate $@ | ||||
| '' | ||||
							
								
								
									
										8
									
								
								overrides/lispPackages/default.nix
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										8
									
								
								overrides/lispPackages/default.nix
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,8 @@ | |||
| # One of Gemma's dependencies is missing in nixpkgs' Quicklisp | ||||
| # package set, it is overlaid locally here. | ||||
| { pkgs, upstream, ... }: | ||||
| 
 | ||||
| import ./quicklisp.nix { | ||||
|   inherit (pkgs) lib; | ||||
|   inherit (upstream) lispPackages; | ||||
| } | ||||
|  | @ -1,6 +1,3 @@ | |||
| # Overlay over `pkgs.lispPackages` that adds additional packages which | ||||
| # are missing from the imported Quicklisp package set in nixpkgs. | ||||
| 
 | ||||
| { lib, lispPackages }: | ||||
| 
 | ||||
| let inherit (lispPackages) buildLispPackage qlOverrides fetchurl; | ||||
|  | @ -1,4 +1,4 @@ | |||
| path: self: super: | ||||
| path: { pkgs, ... } @ args: | ||||
| 
 | ||||
| let | ||||
|   inherit (builtins) | ||||
|  | @ -15,8 +15,6 @@ let | |||
|     toPath | ||||
|     toString; | ||||
| 
 | ||||
|   args = { pkgs = self; }; | ||||
| 
 | ||||
|   zipAttrs = names: values: | ||||
|     if (names == []) || (values == []) | ||||
|     then [] | ||||
|  |  | |||
|  | @ -1,17 +1,20 @@ | |||
| { stdenv, sbcl, lispPackages, elmPackages, makeWrapper, openssl }: | ||||
| { pkgs, ... }: | ||||
| 
 | ||||
| let frontend = stdenv.mkDerivation { | ||||
|   name = "gemma-frontend"; | ||||
|   src = ./frontend; | ||||
|   buildInputs = [ elmPackages.elm ]; | ||||
| let | ||||
|   inherit (pkgs) stdenv sbcl lispPackages elmPackages makeWrapper openssl; | ||||
| 
 | ||||
|   phases = [ "unpackPhase" "buildPhase" ]; | ||||
|   buildPhase = '' | ||||
|     mkdir .home && export HOME="$PWD/.home" | ||||
|     mkdir -p $out | ||||
|     elm-make --yes Main.elm --output $out/index.html | ||||
|   ''; | ||||
| }; | ||||
|   frontend = stdenv.mkDerivation { | ||||
|     name = "gemma-frontend"; | ||||
|     src = ./frontend; | ||||
|     buildInputs = [ elmPackages.elm ]; | ||||
| 
 | ||||
|     phases = [ "unpackPhase" "buildPhase" ]; | ||||
|     buildPhase = '' | ||||
|       mkdir .home && export HOME="$PWD/.home" | ||||
|       mkdir -p $out | ||||
|       elm-make --yes Main.elm --output $out/index.html | ||||
|     ''; | ||||
|   }; | ||||
| in stdenv.mkDerivation rec { | ||||
|   name = "gemma"; | ||||
|   src = ./.; | ||||
|  |  | |||
|  | @ -0,0 +1,3 @@ | |||
| { pkgs, ... }: | ||||
| 
 | ||||
| pkgs.third_party.naersk.buildPackage ./. {} | ||||
|  | @ -2,9 +2,10 @@ | |||
| # | ||||
| # tazblog.nix was generated using cabal2nix. | ||||
| 
 | ||||
| { writeShellScriptBin, haskell }: | ||||
| { pkgs, ... }: | ||||
| 
 | ||||
| let | ||||
|   inherit (pkgs) writeShellScriptBin haskell; | ||||
|   tazblog = haskell.packages.ghc865.callPackage ./tazblog.nix {}; | ||||
|   wrapper =  writeShellScriptBin "tazblog" '' | ||||
|     export PORT=8000 | ||||
|  |  | |||
							
								
								
									
										9
									
								
								third_party/naersk.nix
									
										
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										9
									
								
								third_party/naersk.nix
									
										
									
									
										vendored
									
									
										Normal file
									
								
							|  | @ -0,0 +1,9 @@ | |||
| { pkgs, ... }: | ||||
| 
 | ||||
| let inherit (pkgs) callPackage fetchFromGitHub; | ||||
| in callPackage (fetchFromGitHub { | ||||
|   owner = "nmattia"; | ||||
|   repo = "naersk"; | ||||
|   rev = "68c1c2b2b661913cdc5ecabea518dfdc4f449027"; | ||||
|   sha256 = "1ll310pl44kdbwfslzwvg2v7khf1y0xkg2j5wcfia4k7sj6bcl28"; | ||||
| }) {} | ||||
							
								
								
									
										2
									
								
								third_party/nixery.nix
									
										
									
									
										vendored
									
									
								
							
							
						
						
									
										2
									
								
								third_party/nixery.nix
									
										
									
									
										vendored
									
									
								
							|  | @ -1,6 +1,6 @@ | |||
| # Technically I suppose Nixery is not a third-party program, but it's | ||||
| # outside of this repository ... | ||||
| { pkgs }: | ||||
| { pkgs, ... }: | ||||
| 
 | ||||
| let src = pkgs.fetchFromGitHub { | ||||
|   owner = "google"; | ||||
|  |  | |||
							
								
								
									
										8
									
								
								third_party/ormolu.nix
									
										
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										8
									
								
								third_party/ormolu.nix
									
										
									
									
										vendored
									
									
										Normal file
									
								
							|  | @ -0,0 +1,8 @@ | |||
| { pkgs, ... }: | ||||
| 
 | ||||
| import (pkgs.fetchFromGitHub { | ||||
|   owner = "tweag"; | ||||
|   repo = "ormolu"; | ||||
|   rev = "a7076c0f83e5c06ea9067b71171859fa2ba8afd9"; | ||||
|   sha256 = "1p4n2ja4ciw3qfskn65ggpy37mvgf2sslxqmqn8s8jjarnqcyfny"; | ||||
| }) { inherit pkgs; } | ||||
							
								
								
									
										3
									
								
								third_party/terraform-gcp.nix
									
										
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								third_party/terraform-gcp.nix
									
										
									
									
										vendored
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | |||
| { pkgs, ... }: | ||||
| 
 | ||||
| pkgs.terraform_0_12.withPlugins(p: [ p.google p.google-beta ]) | ||||
|  | @ -11,19 +11,19 @@ readonly TARGET_TOOL=$(basename $0) | |||
| 
 | ||||
| case "${TARGET_TOOL}" in | ||||
|   terraform) | ||||
|     attr="terraform-gcp" | ||||
|     attr="third_party.terraform-gcp" | ||||
|     ;; | ||||
|   kontemplate) | ||||
|     attr="kontemplate" | ||||
|     ;; | ||||
|   blog_cli) | ||||
|     attr="tazjin.blog_cli" | ||||
|     attr="tools.blog_cli" | ||||
|     ;; | ||||
|   stern) | ||||
|     attr="stern" | ||||
|     ;; | ||||
|   pass) | ||||
|     attr="tazjin.kms_pass" | ||||
|     attr="tools.kms_pass" | ||||
|     ;; | ||||
|   *) | ||||
|     echo "The tool '${TARGET_TOOL}' is currently not installed in this repository." | ||||
|  |  | |||
|  | @ -1,6 +1,6 @@ | |||
| { buildGoPackage }: | ||||
| { pkgs, ... }: | ||||
| 
 | ||||
| buildGoPackage { | ||||
| pkgs.buildGoPackage { | ||||
|   name = "blog_cli"; | ||||
|   goPackagePath = "github.com/tazjin/personal/blog_cli"; | ||||
|   src = ./.; | ||||
|  |  | |||
|  | @ -6,10 +6,10 @@ | |||
| # | ||||
| # Only the 'show' and 'insert' commands are supported. | ||||
| 
 | ||||
| { google-cloud-sdk, tree, writeShellScriptBin | ||||
| , project, region, keyring, key }: | ||||
| { pkgs, kms, ... }: | ||||
| 
 | ||||
| writeShellScriptBin "pass" '' | ||||
| let inherit (pkgs) google-cloud-sdk tree writeShellScriptBin; | ||||
| in writeShellScriptBin "pass" '' | ||||
|   set -eo pipefail | ||||
| 
 | ||||
|   CMD="$1" | ||||
|  | @ -34,20 +34,20 @@ writeShellScriptBin "pass" '' | |||
|     show) | ||||
|       secret_check | ||||
|       ${google-cloud-sdk}/bin/gcloud kms decrypt \ | ||||
|         --project ${project} \ | ||||
|         --location ${region} \ | ||||
|         --keyring ${keyring} \ | ||||
|         --key ${key} \ | ||||
|         --project ${kms.project} \ | ||||
|         --location ${kms.region} \ | ||||
|         --keyring ${kms.keyring} \ | ||||
|         --key ${kms.key} \ | ||||
|         --ciphertext-file $SECRET_PATH \ | ||||
|         --plaintext-file - | ||||
|       ;; | ||||
|     insert) | ||||
|       secret_check | ||||
|       ${google-cloud-sdk}/bin/gcloud kms encrypt \ | ||||
|         --project ${project} \ | ||||
|         --location ${region} \ | ||||
|         --keyring ${keyring} \ | ||||
|         --key ${key} \ | ||||
|         --project ${kms.project} \ | ||||
|         --location ${kms.region} \ | ||||
|         --keyring ${kms.keyring} \ | ||||
|         --key ${kms.key} \ | ||||
|         --ciphertext-file $SECRET_PATH \ | ||||
|         --plaintext-file - | ||||
|       echo "Inserted secret '$SECRET'" | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue