Flake parts with x64 and ARM support for devshell on both Linux and Mac

2023-07-01 18:30:30 -05:00 · 2023-07-01 18:30:30 -05:00 · cfe907101d
commit cfe907101d
parent baf8223799
20 changed files with 137 additions and 96 deletions
--- a/flake.lock
+++ b/flake.lock
@ -75,11 +75,48 @@
        "type": "indirect"
      }
    },
+    "nixpkgs-lib": {
+      "locked": {
+        "dir": "lib",
+        "lastModified": 1685564631,
+        "narHash": "sha256-8ywr3AkblY4++3lIVxmrWZFzac7+f32ZEhH/A8pNscI=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "4f53efe34b3a8877ac923b9350c874e3dcd5dc0a",
+        "type": "github"
+      },
+      "original": {
+        "dir": "lib",
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "parts": {
+      "inputs": {
+        "nixpkgs-lib": "nixpkgs-lib"
+      },
+      "locked": {
+        "lastModified": 1687762428,
+        "narHash": "sha256-DIf7mi45PKo+s8dOYF+UlXHzE0Wl/+k3tXUyAoAnoGE=",
+        "owner": "hercules-ci",
+        "repo": "flake-parts",
+        "rev": "37dd7bb15791c86d55c5121740a1887ab55ee836",
+        "type": "github"
+      },
+      "original": {
+        "owner": "hercules-ci",
+        "repo": "flake-parts",
+        "type": "github"
+      }
+    },
    "root": {
      "inputs": {
        "agenix": "agenix",
        "nix-serve-ng": "nix-serve-ng",
-        "nixpkgs": "nixpkgs"
+        "nixpkgs": "nixpkgs",
+        "parts": "parts"
      }
    },
    "utils": {
--- a/flake.nix
+++ b/flake.nix
@ -3,7 +3,6 @@

  inputs = {
    nixpkgs.url = "nixpkgs/nixos-23.05";
-
    agenix = {
      url = "github:ryantm/agenix";
      inputs.nixpkgs.follows = "nixpkgs";
@ -14,57 +13,67 @@
      url = github:aristanetworks/nix-serve-ng;
      inputs.nixpkgs.follows = "nixpkgs";
    };
+    parts.url = "github:hercules-ci/flake-parts";
  };

-  outputs = { self, nixpkgs, agenix, nix-serve-ng, ... }@attrs:
-    let
-      forEachSystem = nixpkgs.lib.genAttrs systems;
-      pkgs = import nixpkgs { inherit system; };
-      shell = import ./shell.nix { inherit agenix pkgs; };
-      system = "x86_64-linux";
-      systems = [ system ];
-    in
-    {
-      devShell.x86_64-linux = shell.dev;
-      formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixpkgs-fmt;
+  outputs = { self, agenix, nix-serve-ng, nixpkgs, parts, ... }@inputs:
+    parts.lib.mkFlake { inherit inputs; } {
+      systems =
+        [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" ];

-      packages = shell.packages;
-
-      nixosConfigurations = {
-        eve-psr-nix0 = nixpkgs.lib.nixosSystem {
-          inherit system;
-          specialArgs = attrs;
-          modules = [
-            ({ modulesPath, ... }: {
-
-              imports = [
-                agenix.nixosModules.default
-                nix-serve-ng.nixosModules.default
-
-                ./application/containers.nix
-                ./application/nginx.nix
-
-                ./monitoring/nginx.nix
-                ./monitoring/grafana.nix
-                ./monitoring/prometheus.nix
-                ./monitoring/loki.nix
-                ./monitoring/promtail.nix
-
-                ./system/age.nix
-                ./system/dns.nix
-                ./system/hardware.nix
-                ./system/nix-conf.nix
-                ./system/security.nix
-                ./system/system.nix
-                ./system/virtualisation.nix
-
-                ./user/users.nix
-              ];
-
-              system.stateVersion = "22.11";
-            })
-          ];
+      perSystem = { config, self', inputs', pkgs, system, ... }:
+        let
+          shell = import ./nix/shell.nix { inherit inputs' agenix pkgs; };
+        in
+        {
+          devShells.default = shell.dev;
+          formatter = pkgs.nixpkgs-fmt;
+        };
+
+      flake =
+        let
+          pkgs = import nixpkgs { inherit system; };
+          system = "x86_64-linux";
+        in
+        {
+          inherit system;
+
+          nixosConfigurations = {
+            eve-psr-nix0 = nixpkgs.lib.nixosSystem {
+              inherit system;
+              specialArgs = inputs;
+              modules = [
+                ({ modulesPath, ... }: {
+
+                  imports = [
+                    agenix.nixosModules.default
+                    nix-serve-ng.nixosModules.default
+
+                    ./nix/application/containers.nix
+                    ./nix/application/nginx.nix
+
+                    ./nix/monitoring/nginx.nix
+                    ./nix/monitoring/grafana.nix
+                    ./nix/monitoring/prometheus.nix
+                    ./nix/monitoring/loki.nix
+                    ./nix/monitoring/promtail.nix
+
+                    ./nix/system/age.nix
+                    ./nix/system/dns.nix
+                    ./nix/system/hardware.nix
+                    ./nix/system/nix-conf.nix
+                    ./nix/system/security.nix
+                    ./nix/system/system.nix
+                    ./nix/system/virtualisation.nix
+
+                    ./nix/user/users.nix
+                  ];
+
+                  system.stateVersion = "22.11";
+                })
+              ];
+            };
+          };
        };
-      };
    };
 }
--- a/nix/application/containers.nix
+++ b/nix/application/containers.nix
--- a/nix/application/nginx.nix
+++ b/nix/application/nginx.nix
--- a/nix/monitoring/grafana.nix
+++ b/nix/monitoring/grafana.nix
--- a/nix/monitoring/loki.nix
+++ b/nix/monitoring/loki.nix
--- a/nix/monitoring/nginx.nix
+++ b/nix/monitoring/nginx.nix
--- a/nix/monitoring/prometheus.nix
+++ b/nix/monitoring/prometheus.nix
--- a/nix/monitoring/promtail.nix
+++ b/nix/monitoring/promtail.nix
--- a/nix/shell.nix
+++ b/nix/shell.nix
@ -0,0 +1,22 @@
+{ agenix, inputs', pkgs, ... }: rec {
+  dev = pkgs.mkShell {
+    buildInputs = [
+      inputs'.agenix.packages.default
+      (pkgs.nixos { }).nixos-rebuild
+      pkgs.terraform
+      packages.deploy
+      packages.format
+    ];
+    shellHook = ''
+    '';
+  };
+
+  packages = {
+    deploy = pkgs.writeShellScriptBin "deploy" ''
+      nixos-rebuild switch --target-host root@192.168.0.130 --build-host root@192.168.0.130 --flake .#eve-psr-nix0 ;
+    '';
+    format = pkgs.writeShellScriptBin "format" ''
+      find . -type f -name "*.nix" -exec sh -c 'echo "Formatting: $1"; nix fmt $1' _ {} \;
+    '';
+  };
+}
--- a/nix/system/age.nix
+++ b/nix/system/age.nix
@ -0,0 +1,19 @@
+{ ... }: {
+  age = {
+    secrets = {
+      cache-key.file = ../../secrets/cache-key.age;
+      gitlab-runner.file = ../../secrets/gitlab-runner.age;
+      graf-email = {
+        file = ../../secrets/graf-email.age;
+        mode = "770";
+        owner = "grafana";
+        group = "grafana";
+      };
+      htpasswd-dock.file = ../../secrets/htpasswd-dock.age;
+      keys.file = ../../secrets/keys.age;
+      sezycei.file = ../../secrets/sezycei.age;
+      transmission-env.file = ../../secrets/transmission-env.age;
+    };
+    identityPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+  };
+}
--- a/nix/system/dns.nix
+++ b/nix/system/dns.nix
--- a/nix/system/hardware.nix
+++ b/nix/system/hardware.nix
--- a/nix/system/nix-conf.nix
+++ b/nix/system/nix-conf.nix
--- a/nix/system/security.nix
+++ b/nix/system/security.nix
--- a/nix/system/system.nix
+++ b/nix/system/system.nix
--- a/nix/system/virtualisation.nix
+++ b/nix/system/virtualisation.nix
--- a/nix/user/users.nix
+++ b/nix/user/users.nix
--- a/shell.nix
+++ b/shell.nix
@ -1,27 +0,0 @@
-{ agenix, pkgs, ... }: rec {
-  dev = pkgs.mkShell {
-    buildInputs = [
-      agenix.packages.x86_64-linux.default
-      (pkgs.nixos { }).nixos-rebuild
-      pkgs.terraform
-      packages.x86_64-linux.deploy
-      packages.x86_64-linux.format
-    ];
-    shellHook = ''
-    '';
-  };
-
-  packages = {
-    x86_64-linux = {
-      deploy = pkgs.writeShellScriptBin "deploy" ''                                                                                                                                                                  
-        nixos-rebuild switch --target-host root@192.168.0.130 --build-host root@192.168.0.130 --flake .#eve-psr-nix0 ;
-      '';
-      format = pkgs.writeShellScriptBin "format" ''                                                                                                                                                                  
-        nix fmt ./*.nix;                                                                                                                                                                                             
-        for i in */; do                                                                                                                                                                                              
-          nix fmt $i/*.nix;                                                                                                                                                                                          
-        done;                                                                                                                                                                                                        
-      '';
-    };
-  };
-}
--- a/system/age.nix
+++ b/system/age.nix
@ -1,19 +0,0 @@
-{ ... }: {
-  age = {
-    secrets = {
-      cache-key.file = ../secrets/cache-key.age;
-      gitlab-runner.file = ../secrets/gitlab-runner.age;
-      graf-email = {
-        file = ../secrets/graf-email.age;
-        mode = "770";
-        owner = "grafana";
-        group = "grafana";
-      };
-      htpasswd-dock.file = ../secrets/htpasswd-dock.age;
-      keys.file = ../secrets/keys.age;
-      sezycei.file = ../secrets/sezycei.age;
-      transmission-env.file = ../secrets/transmission-env.age;
-    };
-    identityPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
-  };
-}