-
Notifications
You must be signed in to change notification settings - Fork 54
/
flake.nix
118 lines (95 loc) · 3.27 KB
/
flake.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
{
description = "Constellation";
inputs = {
nixpkgsUnstable = {
url = "github:NixOS/nixpkgs/nixpkgs-unstable";
};
# TODO(msanft): Remove once https://github.com/NixOS/nixpkgs/commit/c429fa2ffa21229eeadbe37c11a47aff35f53ce0
# lands in nixpkgs-unstable.
nixpkgsBazel = {
url = "github:NixOS/nixpkgs/c429fa2ffa21229eeadbe37c11a47aff35f53ce0";
};
flake-utils = {
url = "github:numtide/flake-utils";
};
uplosi = {
url = "github:edgelesssys/uplosi";
inputs.nixpkgs.follows = "nixpkgsUnstable";
inputs.flake-utils.follows = "flake-utils";
};
};
outputs =
{
self,
nixpkgsUnstable,
nixpkgsBazel,
flake-utils,
uplosi,
}:
flake-utils.lib.eachDefaultSystem (
system:
let
pkgsUnstable = import nixpkgsUnstable { inherit system; };
bazelPkgsUnstable = import nixpkgsBazel { inherit system; };
callPackage = pkgsUnstable.callPackage;
mkosiDev = (
pkgsUnstable.mkosi.overrideAttrs (oldAttrs: rec {
propagatedBuildInputs =
oldAttrs.propagatedBuildInputs
++ (with pkgsUnstable; [
# package management
dnf5
rpm
createrepo_c
# filesystem tools
squashfsTools # mksquashfs
dosfstools # mkfs.vfat
mtools # mcopy
cryptsetup # dm-verity
util-linux # flock
kmod # depmod
cpio # cpio
zstd # zstd
xz # xz
# utils
gnused # sed
gnugrep # grep
]);
})
);
uplosiDev = uplosi.outputs.packages."${system}".uplosi;
openssl-static = pkgsUnstable.openssl.override { static = true; };
bazel_7 = bazelPkgsUnstable.callPackage ./nix/packages/bazel.nix {
pkgs = bazelPkgsUnstable;
nixpkgs = nixpkgsBazel;
};
in
{
packages.mkosi = mkosiDev;
packages.uplosi = uplosiDev;
packages.openssl = callPackage ./nix/cc/openssl.nix { pkgs = pkgsUnstable; };
packages.cryptsetup = callPackage ./nix/cc/cryptsetup.nix {
pkgs = pkgsUnstable;
pkgsLinux = import nixpkgsUnstable { system = "x86_64-linux"; };
};
packages.libvirt = callPackage ./nix/cc/libvirt.nix {
pkgs = pkgsUnstable;
pkgsLinux = import nixpkgsUnstable { system = "x86_64-linux"; };
};
packages.libvirtd_base = callPackage ./nix/container/libvirtd_base.nix {
pkgs = pkgsUnstable;
pkgsLinux = import nixpkgsUnstable { system = "x86_64-linux"; };
};
packages.vpn = callPackage ./nix/container/vpn/vpn.nix {
pkgs = pkgsUnstable;
pkgsLinux = import nixpkgsUnstable { system = "x86_64-linux"; };
};
packages.awscli2 = pkgsUnstable.awscli2;
packages.bazel_7 = bazel_7;
packages.createrepo_c = pkgsUnstable.createrepo_c;
packages.dnf5 = pkgsUnstable.dnf5;
devShells.default = callPackage ./nix/shells/default.nix { inherit bazel_7; };
formatter = nixpkgsUnstable.legacyPackages.${system}.nixpkgs-fmt;
}
);
}