summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2022-11-14 21:55:46 +0100
committerGregor Kleen <gkleen@yggdrasil.li>2022-11-14 21:55:46 +0100
commit9865e974f51cfca8ce02d434f7f47fc238fc2d08 (patch)
tree274b297267fee48ccdc4ab6cccf0026a10108039
parent430d2d0a1ff89ef6dbbab85bf55956c678acfebf (diff)
downloadnixos-9865e974f51cfca8ce02d434f7f47fc238fc2d08.tar
nixos-9865e974f51cfca8ce02d434f7f47fc238fc2d08.tar.gz
nixos-9865e974f51cfca8ce02d434f7f47fc238fc2d08.tar.bz2
nixos-9865e974f51cfca8ce02d434f7f47fc238fc2d08.tar.xz
nixos-9865e974f51cfca8ce02d434f7f47fc238fc2d08.zip
modularize tools
-rw-r--r--shell.nix32
-rw-r--r--tools/ca/default.nix25
2 files changed, 31 insertions, 26 deletions
diff --git a/shell.nix b/shell.nix
index 14125d02..5d8e2c5a 100644
--- a/shell.nix
+++ b/shell.nix
@@ -1,32 +1,13 @@
1{ system, self, deploy-rs, nvfetcher, mach-nix, leapseconds, ... }: 1inputs@{ system, self, deploy-rs, nvfetcher, nixpkgs, ... }:
2let 2let
3 pkgs = self.legacyPackages.${system}; 3 pkgs = self.legacyPackages.${system};
4 utils = import ./utils { inherit (nixpkgs) lib; };
5 inherit (utils) nixImport;
4 6
5 ca = mach-nix.lib.${system}.buildPythonPackage { 7 tools = nixImport rec { dir = ./tools; _import = _path: name: import "${toString dir}/${name}" inputs; };
6 pname = "ca";
7 src = ./tools/ca;
8 version = "0.0.0";
9 ignoreDataOutdated = true;
10
11 requirements = ''
12 cryptography >=38.0.0
13 fqdn
14 atomicwrites
15 leapseconddata
16 xkcdpass
17 '';
18
19 _.cryptography.buildInputs = with pkgs; [ openssl ];
20
21 postInstall = ''
22 wrapProgram $out/bin/ca \
23 --set-default LEAPSECONDS_FILE ${leapseconds} \
24 --prefix PATH : ${pkgs.lib.makeBinPath (with pkgs; [sops])}
25 '';
26 };
27in pkgs.mkShell { 8in pkgs.mkShell {
28 name = "nixos"; 9 name = "nixos";
29 nativeBuildInputs = with pkgs; [ 10 nativeBuildInputs = builtins.attrValues tools ++ (with pkgs; [
30 sops 11 sops
31 wireguard-tools 12 wireguard-tools
32 gup 13 gup
@@ -35,6 +16,5 @@ in pkgs.mkShell {
35 knot-dns 16 knot-dns
36 yq 17 yq
37 nvfetcher.defaultPackage.${system} 18 nvfetcher.defaultPackage.${system}
38 ca 19 ]);
39 ];
40} 20}
diff --git a/tools/ca/default.nix b/tools/ca/default.nix
new file mode 100644
index 00000000..c5fe0cea
--- /dev/null
+++ b/tools/ca/default.nix
@@ -0,0 +1,25 @@
1{ system, self, mach-nix, leapseconds, ... }:
2let
3 pkgs = self.legacyPackages.${system};
4in mach-nix.lib.${system}.buildPythonPackage {
5 pname = "ca";
6 src = pkgs.lib.sourceByRegex ./. ["^setup\.py$" "^ca(/[^/]+.*)?$"];
7 version = "0.0.0";
8 ignoreDataOutdated = true;
9
10 requirements = ''
11 cryptography >=38.0.0
12 fqdn
13 atomicwrites
14 leapseconddata
15 xkcdpass
16 '';
17
18 _.cryptography.buildInputs = with pkgs; [ openssl ];
19
20 postInstall = ''
21 wrapProgram $out/bin/ca \
22 --set-default LEAPSECONDS_FILE ${leapseconds} \
23 --prefix PATH : ${pkgs.lib.makeBinPath (with pkgs; [sops])}
24 '';
25}