simon/nixos-config
simon/nixos-config
1
1
Fork 0
Code Issues 8 Pull requests Actions Projects Activity

flake: Specify apps in the way nix expects it

Browse source 
It has to be a flat attribute set of { type = "app"; program = "…"; },
otherwise nix will still run it, but `nix flake show` fails.
This commit is contained in:
Simon Bruder 2021-05-02 18:07:51 +02:00
parent d19bfb9c2c
commit 54610a130a
Signed by: simon
GPG key ID: 8D3C82F9F309F8EC
1 changed files with 67 additions and 63 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
flake.nix
View file

@ -69,14 +69,16 @@
}; };
}; };
apps = { apps = lib.mapAttrs
deploy = lib.mapAttrs (name: program: { type = "app"; program = toString program; })
(flake-utils.lib.flattenTree {
deploy = lib.recurseIntoAttrs (lib.mapAttrs
(hostname: machine: (hostname: machine:
let let
inherit (krops.packages.${system}) writeCommand; inherit (krops.packages.${system}) writeCommand;
inherit (krops) lib; inherit (krops) lib;
in in
writeCommand "/bin/deploy-${hostname}" { writeCommand "deploy-${hostname}" {
target = lib.mkTarget "root@${machine.config.deployment.targetHost}" // { target = lib.mkTarget "root@${machine.config.deployment.targetHost}" // {
extraOptions = [ extraOptions = [
# force allocation of tty to allow aborting with ^C and to show build progress # force allocation of tty to allow aborting with ^C and to show build progress
@ -102,17 +104,18 @@
command = targetPath: '' command = targetPath: ''
nixos-rebuild switch --flake ${targetPath}/config -L --keep-going nixos-rebuild switch --flake ${targetPath}/config -L --keep-going
''; '';
}) }
self.nixosConfigurations; )
self.nixosConfigurations);
unlock = lib.mapAttrs unlock = lib.recurseIntoAttrs (lib.mapAttrs
(hostname: machine: (hostname: machine:
let let
inherit (machine.config.deployment) inherit (machine.config.deployment)
targetHost targetHost
unlockOverV4; unlockOverV4;
in in
pkgs.writeShellScriptBin hostname '' pkgs.writeShellScript "unlock-${hostname}" ''
set -exo pipefail set -exo pipefail
# opening luks fails if gpg-agent is not unlocked yet # opening luks fails if gpg-agent is not unlocked yet
pass "devices/${hostname}/luks" >/dev/null pass "devices/${hostname}/luks" >/dev/null
@ -122,9 +125,9 @@
"root@${targetHost}" \ "root@${targetHost}" \
"cat > /crypt-ramfs/passphrase" < <(pass "devices/${hostname}/luks") "cat > /crypt-ramfs/passphrase" < <(pass "devices/${hostname}/luks")
'') '')
self.nixosConfigurations; self.nixosConfigurations);
updateInputs = pkgs.writeShellScriptBin "updateInputs" '' updateInputs = pkgs.writeShellScript "update-inputs" ''
set -e set -e
git diff --exit-code -s flake.lock || (echo "Lockfile has unstaged changes, refusing to update." >&2 && exit 1) git diff --exit-code -s flake.lock || (echo "Lockfile has unstaged changes, refusing to update." >&2 && exit 1)
git diff --cached --exit-code -s flake.lock || (echo "Lockfile has staged changes, refusing to update." >&2 && exit 1) git diff --cached --exit-code -s flake.lock || (echo "Lockfile has staged changes, refusing to update." >&2 && exit 1)
@ -133,10 +136,11 @@
git commit -m "Update flake inputs" flake.lock git commit -m "Update flake inputs" flake.lock
''; '';
showKeyFingerprint = pkgs.writeShellScriptBin "showKeyFingerprint" '' showKeyFingerprint = pkgs.writeShellScript "show-key-fingerprint" ''
gpg --with-fingerprint --with-colons --show-key "keys/''${1}.asc" | awk -F: '$1 == "fpr" { print $10; exit }' gpg --with-fingerprint --with-colons --show-key "keys/''${1}.asc" | awk -F: '$1 == "fpr" { print $10; exit }'
''; '';
};
});
devShell = pkgs.mkShell { devShell = pkgs.mkShell {
buildInputs = (with pkgs; [ buildInputs = (with pkgs; [