diff options
19 files changed, 112 insertions, 102 deletions
diff --git a/default.nix b/default.nix index 93e2d9fc5457..789098667a11 100644 --- a/default.nix +++ b/default.nix @@ -14,78 +14,34 @@ let url = "https://github.com/NixOS/nixpkgs-channels/archive/${stableCommit}.tar.gz"; sha256 = "0243qiivxl3z51biy4f5y5cy81x5bki5dazl9wqwgnmd373gpmxy"; }; + readTree = import ./read-tree.nix; - localPkgs = self: super: { - # Local projects should be added here: - tazjin = { - blog = self.callPackage ./services/tazblog {}; - blog_cli = self.callPackage ./tools/blog_cli {}; - gemma = self.callPackage ./services/gemma {}; - nixcon = self.naersk.buildPackage ./services/nixcon-demo {}; + localPkgs = self: super: + let config = { + pkgs = self; + upstream = super; - kms_pass = self.callPackage ./tools/kms_pass { + kms = { project = "tazjins-infrastructure"; region = "europe-north1"; keyring = "tazjins-keys"; key = "kontemplate-key"; }; }; - - # Third-party projects (either vendored or modified from nixpkgs) go here: - nixery = import ./third_party/nixery.nix { pkgs = self; }; - terraform-gcp = self.terraform_0_12.withPlugins(p: [ p.google p.google-beta ]); - ormolu = import (self.fetchFromGitHub { - owner = "tweag"; - repo = "ormolu"; - rev = "a7076c0f83e5c06ea9067b71171859fa2ba8afd9"; - sha256 = "1p4n2ja4ciw3qfskn65ggpy37mvgf2sslxqmqn8s8jjarnqcyfny"; - }) { pkgs = self; }; - naersk = self.callPackage (self.fetchFromGitHub { - owner = "nmattia"; - repo = "naersk"; - rev = "68c1c2b2b661913cdc5ecabea518dfdc4f449027"; - sha256 = "1ll310pl44kdbwfslzwvg2v7khf1y0xkg2j5wcfia4k7sj6bcl28"; - }) {}; - - # Gemma needs an older version of Elm to be built. Updating it to - # the newer version is a lot of effort. - elmPackages = (import (self.fetchFromGitHub { - owner = "NixOS"; - repo = "nixpkgs"; - rev = "14f9ee66e63077539252f8b4550049381a082518"; - sha256 = "1wn7nmb1cqfk2j91l3rwc6yhimfkzxprb8wknw5wi57yhq9m6lv1"; - }) {}).elmPackages; - - # Wrap kontemplate to inject the Cloud KMS version of 'pass' - kontemplate = - let master = super.kontemplate.overrideAttrs(_: { - src = self.fetchFromGitHub { - owner = "tazjin"; - repo = "kontemplate"; - rev = "v1.8.0"; - sha256 = "123mjmmm4hynraq1fpn3j5i0a1i87l265kkjraxxxbl0zacv74i1"; - }; - }); - in self.writeShellScriptBin "kontemplate" '' - export PATH="${self.tazjin.kms_pass}/bin:$PATH" - exec ${master}/bin/kontemplate $@ - ''; - - # One of Gemma's dependencies is missing in nixpkgs' Quicklisp - # package set, it is overlaid locally here. - lispPackages = import ./third_party/common_lisp/quicklisp.nix { - inherit (self) lib; - inherit (super) lispPackages; - }; - - # All projects that should be built by CI should be added here: - ciProjects = [ - self.kontemplate - self.nixery - self.ormolu - self.terraform-gcp - ] ++ filter (d: d ? meta.broken && !d.meta.broken) (attrValues self.tazjin); - }; + in { + services = readTree ./services config; + tools = readTree ./tools config; + third_party = readTree ./third_party config; + } // (readTree ./overrides config); + + # # All projects that should be built by CI should be added here: + # ciProjects = [ + # self.kontemplate + # self.nixery + # self.ormolu + # self.terraform-gcp + # ] ++ filter (d: d ? meta.broken && !d.meta.broken) (attrValues self.tazjin); + # }; in { ... } @ args: import stableSrc (args // { overlays = [ localPkgs ]; diff --git a/overrides/elmPackages.nix b/overrides/elmPackages.nix new file mode 100644 index 000000000000..3df44420a6bb --- /dev/null +++ b/overrides/elmPackages.nix @@ -0,0 +1,10 @@ +# Gemma needs an older version of Elm to be built. Updating it to +# the newer version is a lot of effort. +{ pkgs, ... }: + +(import (pkgs.fetchFromGitHub { + owner = "NixOS"; + repo = "nixpkgs"; + rev = "14f9ee66e63077539252f8b4550049381a082518"; + sha256 = "1wn7nmb1cqfk2j91l3rwc6yhimfkzxprb8wknw5wi57yhq9m6lv1"; +}) {}).elmPackages diff --git a/overrides/kontemplate.nix b/overrides/kontemplate.nix new file mode 100644 index 000000000000..28381b0137f8 --- /dev/null +++ b/overrides/kontemplate.nix @@ -0,0 +1,14 @@ +{ pkgs, upstream, ... }: + +let master = upstream.kontemplate.overrideAttrs(_: { + src = pkgs.fetchFromGitHub { + owner = "tazjin"; + repo = "kontemplate"; + rev = "v1.8.0"; + sha256 = "123mjmmm4hynraq1fpn3j5i0a1i87l265kkjraxxxbl0zacv74i1"; + }; +}); +in pkgs.writeShellScriptBin "kontemplate" '' + export PATH="${pkgs.tools.kms_pass}/bin:$PATH" + exec ${master}/bin/kontemplate $@ +'' diff --git a/overrides/lispPackages/default.nix b/overrides/lispPackages/default.nix new file mode 100644 index 000000000000..da8f3c893ae7 --- /dev/null +++ b/overrides/lispPackages/default.nix @@ -0,0 +1,8 @@ +# One of Gemma's dependencies is missing in nixpkgs' Quicklisp +# package set, it is overlaid locally here. +{ pkgs, upstream, ... }: + +import ./quicklisp.nix { + inherit (pkgs) lib; + inherit (upstream) lispPackages; +} diff --git a/third_party/common_lisp/quicklisp-to-nix-output/cl-prevalence.nix b/overrides/lispPackages/quicklisp-to-nix-output/cl-prevalence.nix index 4e5e3ec5d6e8..4e5e3ec5d6e8 100644 --- a/third_party/common_lisp/quicklisp-to-nix-output/cl-prevalence.nix +++ b/overrides/lispPackages/quicklisp-to-nix-output/cl-prevalence.nix diff --git a/third_party/common_lisp/quicklisp-to-nix-output/s-sysdeps.nix b/overrides/lispPackages/quicklisp-to-nix-output/s-sysdeps.nix index 1c28ec6e2afd..1c28ec6e2afd 100644 --- a/third_party/common_lisp/quicklisp-to-nix-output/s-sysdeps.nix +++ b/overrides/lispPackages/quicklisp-to-nix-output/s-sysdeps.nix diff --git a/third_party/common_lisp/quicklisp-to-nix-output/s-xml.nix b/overrides/lispPackages/quicklisp-to-nix-output/s-xml.nix index ec12dde52231..ec12dde52231 100644 --- a/third_party/common_lisp/quicklisp-to-nix-output/s-xml.nix +++ b/overrides/lispPackages/quicklisp-to-nix-output/s-xml.nix diff --git a/third_party/common_lisp/quicklisp.nix b/overrides/lispPackages/quicklisp.nix index a0040f1d6f7e..1d23db762d34 100644 --- a/third_party/common_lisp/quicklisp.nix +++ b/overrides/lispPackages/quicklisp.nix @@ -1,6 +1,3 @@ -# Overlay over `pkgs.lispPackages` that adds additional packages which -# are missing from the imported Quicklisp package set in nixpkgs. - { lib, lispPackages }: let inherit (lispPackages) buildLispPackage qlOverrides fetchurl; diff --git a/read-tree.nix b/read-tree.nix index 00a2e738bd9d..d883d12c8171 100644 --- a/read-tree.nix +++ b/read-tree.nix @@ -1,4 +1,4 @@ -path: self: super: +path: { pkgs, ... } @ args: let inherit (builtins) @@ -15,8 +15,6 @@ let toPath toString; - args = { pkgs = self; }; - zipAttrs = names: values: if (names == []) || (values == []) then [] diff --git a/services/gemma/default.nix b/services/gemma/default.nix index 409d8eef381a..ea10a4c7d02e 100644 --- a/services/gemma/default.nix +++ b/services/gemma/default.nix @@ -1,17 +1,20 @@ -{ stdenv, sbcl, lispPackages, elmPackages, makeWrapper, openssl }: - -let frontend = stdenv.mkDerivation { - name = "gemma-frontend"; - src = ./frontend; - buildInputs = [ elmPackages.elm ]; - - phases = [ "unpackPhase" "buildPhase" ]; - buildPhase = '' - mkdir .home && export HOME="$PWD/.home" - mkdir -p $out - elm-make --yes Main.elm --output $out/index.html - ''; -}; +{ pkgs, ... }: + +let + inherit (pkgs) stdenv sbcl lispPackages elmPackages makeWrapper openssl; + + frontend = stdenv.mkDerivation { + name = "gemma-frontend"; + src = ./frontend; + buildInputs = [ elmPackages.elm ]; + + phases = [ "unpackPhase" "buildPhase" ]; + buildPhase = '' + mkdir .home && export HOME="$PWD/.home" + mkdir -p $out + elm-make --yes Main.elm --output $out/index.html + ''; + }; in stdenv.mkDerivation rec { name = "gemma"; src = ./.; diff --git a/services/nixcon-demo/default.nix b/services/nixcon-demo/default.nix index e69de29bb2d1..0f4a330f7f74 100644 --- a/services/nixcon-demo/default.nix +++ b/services/nixcon-demo/default.nix @@ -0,0 +1,3 @@ +{ pkgs, ... }: + +pkgs.third_party.naersk.buildPackage ./. {} diff --git a/services/tazblog/default.nix b/services/tazblog/default.nix index 5dc3bdaf3eda..2e75c3c2dce1 100644 --- a/services/tazblog/default.nix +++ b/services/tazblog/default.nix @@ -2,9 +2,10 @@ # # tazblog.nix was generated using cabal2nix. -{ writeShellScriptBin, haskell }: +{ pkgs, ... }: let + inherit (pkgs) writeShellScriptBin haskell; tazblog = haskell.packages.ghc865.callPackage ./tazblog.nix {}; wrapper = writeShellScriptBin "tazblog" '' export PORT=8000 diff --git a/third_party/naersk.nix b/third_party/naersk.nix new file mode 100644 index 000000000000..c12c1abbbfa0 --- /dev/null +++ b/third_party/naersk.nix @@ -0,0 +1,9 @@ +{ pkgs, ... }: + +let inherit (pkgs) callPackage fetchFromGitHub; +in callPackage (fetchFromGitHub { + owner = "nmattia"; + repo = "naersk"; + rev = "68c1c2b2b661913cdc5ecabea518dfdc4f449027"; + sha256 = "1ll310pl44kdbwfslzwvg2v7khf1y0xkg2j5wcfia4k7sj6bcl28"; +}) {} diff --git a/third_party/nixery.nix b/third_party/nixery.nix index cb10e0b913b1..f778e5da13f9 100644 --- a/third_party/nixery.nix +++ b/third_party/nixery.nix @@ -1,6 +1,6 @@ # Technically I suppose Nixery is not a third-party program, but it's # outside of this repository ... -{ pkgs }: +{ pkgs, ... }: let src = pkgs.fetchFromGitHub { owner = "google"; diff --git a/third_party/ormolu.nix b/third_party/ormolu.nix new file mode 100644 index 000000000000..3175e25ff138 --- /dev/null +++ b/third_party/ormolu.nix @@ -0,0 +1,8 @@ +{ pkgs, ... }: + +import (pkgs.fetchFromGitHub { + owner = "tweag"; + repo = "ormolu"; + rev = "a7076c0f83e5c06ea9067b71171859fa2ba8afd9"; + sha256 = "1p4n2ja4ciw3qfskn65ggpy37mvgf2sslxqmqn8s8jjarnqcyfny"; +}) { inherit pkgs; } diff --git a/third_party/terraform-gcp.nix b/third_party/terraform-gcp.nix new file mode 100644 index 000000000000..3332c12e41bc --- /dev/null +++ b/third_party/terraform-gcp.nix @@ -0,0 +1,3 @@ +{ pkgs, ... }: + +pkgs.terraform_0_12.withPlugins(p: [ p.google p.google-beta ]) diff --git a/tools/bin/__dispatch.sh b/tools/bin/__dispatch.sh index 20848bd5118c..c22b0339fd9e 100755 --- a/tools/bin/__dispatch.sh +++ b/tools/bin/__dispatch.sh @@ -11,19 +11,19 @@ readonly TARGET_TOOL=$(basename $0) case "${TARGET_TOOL}" in terraform) - attr="terraform-gcp" + attr="third_party.terraform-gcp" ;; kontemplate) attr="kontemplate" ;; blog_cli) - attr="tazjin.blog_cli" + attr="tools.blog_cli" ;; stern) attr="stern" ;; pass) - attr="tazjin.kms_pass" + attr="tools.kms_pass" ;; *) echo "The tool '${TARGET_TOOL}' is currently not installed in this repository." diff --git a/tools/blog_cli/default.nix b/tools/blog_cli/default.nix index c755d273a2b0..8113c933601e 100644 --- a/tools/blog_cli/default.nix +++ b/tools/blog_cli/default.nix @@ -1,6 +1,6 @@ -{ buildGoPackage }: +{ pkgs, ... }: -buildGoPackage { +pkgs.buildGoPackage { name = "blog_cli"; goPackagePath = "github.com/tazjin/personal/blog_cli"; src = ./.; diff --git a/tools/kms_pass/default.nix b/tools/kms_pass/default.nix index fbc17650a948..113db30224de 100644 --- a/tools/kms_pass/default.nix +++ b/tools/kms_pass/default.nix @@ -6,10 +6,10 @@ # # Only the 'show' and 'insert' commands are supported. -{ google-cloud-sdk, tree, writeShellScriptBin -, project, region, keyring, key }: +{ pkgs, kms, ... }: -writeShellScriptBin "pass" '' +let inherit (pkgs) google-cloud-sdk tree writeShellScriptBin; +in writeShellScriptBin "pass" '' set -eo pipefail CMD="$1" @@ -34,20 +34,20 @@ writeShellScriptBin "pass" '' show) secret_check ${google-cloud-sdk}/bin/gcloud kms decrypt \ - --project ${project} \ - --location ${region} \ - --keyring ${keyring} \ - --key ${key} \ + --project ${kms.project} \ + --location ${kms.region} \ + --keyring ${kms.keyring} \ + --key ${kms.key} \ --ciphertext-file $SECRET_PATH \ --plaintext-file - ;; insert) secret_check ${google-cloud-sdk}/bin/gcloud kms encrypt \ - --project ${project} \ - --location ${region} \ - --keyring ${keyring} \ - --key ${key} \ + --project ${kms.project} \ + --location ${kms.region} \ + --keyring ${kms.keyring} \ + --key ${kms.key} \ --ciphertext-file $SECRET_PATH \ --plaintext-file - echo "Inserted secret '$SECRET'" |