diff --git a/checks/deploy/default.nix b/checks/deploy/default.nix deleted file mode 100644 index 84b64a8b4..000000000 --- a/checks/deploy/default.nix +++ /dev/null @@ -1,2 +0,0 @@ -{ inputs, ... }: -builtins.mapAttrs (_: deployLib: deployLib.deployChecks inputs.self.deploy) inputs.deploy-rs.lib diff --git a/flake-modules/default.nix b/flake-modules/default.nix new file mode 100644 index 000000000..7e056c7cd --- /dev/null +++ b/flake-modules/default.nix @@ -0,0 +1,20 @@ +{ inputs, ... }: +{ + imports = [ + ./dev + ./lib.nix + ./packages.nix + ./templates.nix + ]; + + perSystem = + { system, ... }: + { + _module.args = { + pkgs = import inputs.nixpkgs { + inherit system; + config.allowUnfree = true; + }; + }; + }; +} diff --git a/flake-modules/dev/default.nix b/flake-modules/dev/default.nix new file mode 100644 index 000000000..dcbf6db1a --- /dev/null +++ b/flake-modules/dev/default.nix @@ -0,0 +1,88 @@ +{ lib, inputs, ... }: +{ + imports = + [ ./devshell.nix ] + ++ lib.optional (inputs.git-hooks-nix ? flakeModule) inputs.git-hooks-nix.flakeModule + ++ lib.optional (inputs.treefmt-nix ? flakeModule) inputs.treefmt-nix.flakeModule; + + perSystem = + { + lib, + pkgs, + ... + }: + lib.optionalAttrs (inputs.treefmt-nix ? flakeModule) { + treefmt.config = { + projectRootFile = "flake.nix"; + flakeCheck = true; + + programs = { + actionlint.enable = true; + clang-format.enable = true; + isort.enable = true; + nixfmt = { + enable = true; + package = pkgs.nixfmt-rfc-style; + }; + prettier = { + enable = true; + + excludes = [ "**.md" ]; + }; + ruff = { + check = true; + format = true; + }; + statix.enable = true; + stylua.enable = true; + shfmt.enable = true; + taplo.enable = true; + }; + + settings = { + global.excludes = [ + ".editorconfig" + ".envrc" + ".git-blame-ignore-revs" + ".gitignore" + "LICENSE" + "flake.lock" + "**.md" + "**.scm" + "**.svg" + "**/man/*.5" + ]; + formatter.ruff-format.options = [ "--isolated" ]; + }; + }; + } + // lib.optionalAttrs (inputs.pre-commit-hooks-nix ? flakeModule) { + pre-commit = { + check.enable = false; + + settings.hooks = { + actionlint.enable = true; + clang-tidy.enable = true; + deadnix = { + enable = true; + + settings = { + edit = true; + }; + }; + eslint = { + enable = true; + package = pkgs.eslint_d; + }; + luacheck.enable = true; + pre-commit-hook-ensure-sops.enable = true; + statix.enable = true; + treefmt.enable = true; + typos = { + enable = true; + excludes = [ "generated/*" ]; + }; + }; + }; + }; +} diff --git a/flake-modules/dev/devshell.nix b/flake-modules/dev/devshell.nix new file mode 100644 index 000000000..5cc675fc9 --- /dev/null +++ b/flake-modules/dev/devshell.nix @@ -0,0 +1,60 @@ +{ lib, inputs, ... }: +{ + imports = lib.optional (inputs.devshell ? flakeModule) inputs.devshell.flakeModule; + + perSystem = + { + lib, + pkgs, + config, + self', + system, + ... + }: + lib.optionalAttrs (inputs.devshell ? flakeModule) { + devshells.default = { + devshell.startup.pre-commit.text = config.pre-commit.installationScript; + + commands = [ + { + name = "checks"; + help = "Run all checks"; + command = '' + echo "=> Running all checks..." + + nix flake check "$@" + ''; + } + { + name = "format"; + help = "Format the entire codebase"; + command = "nix fmt"; + } + { + name = "docs"; + help = "Build khanelinix documentation"; + command = '' + echo "=> Building khanelinix documentation..." + + ${pkgs.lib.getExe pkgs.nix-output-monitor} build .#docs "$@" + ''; + } + { + name = "serve-docs"; + help = "Build and serve documentation locally"; + command = '' + echo -e "=> Building khanelinix documentation...\n" + + doc_derivation=$(${pkgs.lib.getExe pkgs.nix-output-monitor} build .#docs --no-link --print-out-paths) + + echo -e "\n=> Documentation successfully built ('$doc_derivation')" + + echo -e "\n=> You can then open your browser to view the doc\n" + + (cd "$doc_derivation"/share/doc && ${pkgs.lib.getExe pkgs.python3} ${./server.py}) + ''; + } + ]; + }; + }; +} diff --git a/flake-modules/dev/server.py b/flake-modules/dev/server.py new file mode 100644 index 000000000..5300c916c --- /dev/null +++ b/flake-modules/dev/server.py @@ -0,0 +1,16 @@ +import http.server + +PORT = 8000 + + +class UncachedHTTPHandler(http.server.SimpleHTTPRequestHandler): + def end_headers(self): + self.send_header("Cache-Control", "no-cache, no-store, must-revalidate") + self.send_header("Pragma", "no-cache") + self.send_header("Expires", "0") + super().end_headers() + + +with http.server.HTTPServer(("", PORT), UncachedHTTPHandler) as httpd: + print(f"Serving documentation at http://localhost:{PORT}/nixvim") + httpd.serve_forever() diff --git a/flake-modules/lib.nix b/flake-modules/lib.nix new file mode 100644 index 000000000..44a637e2b --- /dev/null +++ b/flake-modules/lib.nix @@ -0,0 +1,19 @@ +{ + config, + lib, + withSystem, + ... +}: +{ + _module.args.helpers = import ../lib { inherit lib; }; + + flake.lib = lib.genAttrs config.systems ( + lib.flip withSystem ( + { pkgs, ... }: + { + check = import ../lib/tests.nix { inherit lib pkgs; }; + helpers = import ../lib { inherit lib pkgs; }; + } + ) + ); +} diff --git a/flake-modules/packages.nix b/flake-modules/packages.nix new file mode 100644 index 000000000..04b394c2b --- /dev/null +++ b/flake-modules/packages.nix @@ -0,0 +1,19 @@ +{ inputs, ... }: +{ + perSystem = + { + config, + inputs', + system, + ... + }: + { + # packages = import ../docs { + # inherit system; + # inherit (inputs) nixpkgs; + # }; + + # Test that all packages build fine when running `nix flake check`. + checks = config.packages; + }; +} diff --git a/flake-modules/templates.nix b/flake-modules/templates.nix new file mode 100644 index 000000000..e109acf1b --- /dev/null +++ b/flake-modules/templates.nix @@ -0,0 +1,66 @@ +{ self, inputs, ... }: +let + templatesDir = ../templates; + templates = builtins.attrNames (builtins.readDir templatesDir); + generateTemplate = name: { + description = "${name} template"; + path = "${templatesDir}/${name}"; + }; +in +{ + flake.templates = builtins.listToAttrs ( + map (name: { + name = name; + value = generateTemplate name; + }) templates + ); + + # The following adds the template flake's checks to the main (current) flake's checks. + # It ensures that the template's own checks are successful. + perSystem = + { + pkgs, + system, + lib, + ... + }: + { + checks = + let + callFlake = + args@{ + inputs, + outputs, + sourceInfo, + }: + let + result = { + outputs = args.outputs (inputs // { self = result; }); + }; + in + result; + + templateFlakeOutputs = map ( + template: + callFlake { + inputs = { + inherit (inputs) flake-parts nixpkgs; + }; + # Import and read the `outputs` field of the template flake. + outputs = import (templatesDir + "/${template}/flake.nix"); + sourceInfo = { }; + } + ) templates; + + templateChecks = lib.concatMap ( + templateOutput: templateOutput.checks.${system} or [ ] + ) templateFlakeOutputs; + in + lib.listToAttrs ( + map (check: { + name = "template-${check.name}"; + value = check; + }) templateChecks + ); + }; +} diff --git a/flake.lock b/flake.lock index 7779840cf..fb6c2f89f 100644 --- a/flake.lock +++ b/flake.lock @@ -75,7 +75,7 @@ "blink-cmp": { "inputs": { "fenix": "fenix", - "flake-parts": "flake-parts_3", + "flake-parts": "flake-parts_4", "nixpkgs": "nixpkgs_12" }, "locked": { @@ -522,6 +522,24 @@ "inputs": { "nixpkgs-lib": "nixpkgs-lib_2" }, + "locked": { + "lastModified": 1735774679, + "narHash": "sha256-soePLBazJk0qQdDVhdbM98vYdssfs3WFedcq+raipRI=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "f2f7418ce0ab4a5309a4596161d154cfc877af66", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_4": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib_3" + }, "locked": { "lastModified": 1733312601, "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", @@ -536,7 +554,7 @@ "type": "github" } }, - "flake-parts_4": { + "flake-parts_5": { "inputs": { "nixpkgs-lib": [ "khanelivim", @@ -558,7 +576,7 @@ "type": "github" } }, - "flake-parts_5": { + "flake-parts_6": { "inputs": { "nixpkgs-lib": [ "lanzaboote", @@ -579,7 +597,7 @@ "type": "github" } }, - "flake-parts_6": { + "flake-parts_7": { "inputs": { "nixpkgs-lib": [ "nur", @@ -1373,7 +1391,7 @@ "inputs": { "crane": "crane", "flake-compat": "flake-compat_5", - "flake-parts": "flake-parts_5", + "flake-parts": "flake-parts_6", "flake-utils": "flake-utils_4", "nixpkgs": "nixpkgs_15", "pre-commit-hooks-nix": "pre-commit-hooks-nix", @@ -1523,6 +1541,18 @@ } }, "nixpkgs-lib_2": { + "locked": { + "lastModified": 1735774519, + "narHash": "sha256-CewEm1o2eVAnoqb6Ml+Qi9Gg/EfNAxbRx1lANGVyoLI=", + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz" + } + }, + "nixpkgs-lib_3": { "locked": { "lastModified": 1733096140, "narHash": "sha256-1qRH7uAUsyQI7R1Uwl4T+XvdNv778H0Nb5njNrqvylY=", @@ -2013,7 +2043,7 @@ "inputs": { "devshell": "devshell", "flake-compat": "flake-compat_4", - "flake-parts": "flake-parts_4", + "flake-parts": "flake-parts_5", "git-hooks": "git-hooks", "home-manager": "home-manager_3", "nix-darwin": "nix-darwin", @@ -2037,7 +2067,7 @@ }, "nur": { "inputs": { - "flake-parts": "flake-parts_6", + "flake-parts": "flake-parts_7", "nixpkgs": "nixpkgs_18", "treefmt-nix": "treefmt-nix_2" }, @@ -2162,6 +2192,7 @@ "darwin": "darwin", "deploy-rs": "deploy-rs", "disko": "disko", + "flake-parts": "flake-parts_3", "git-hooks-nix": "git-hooks-nix", "home-manager": "home-manager_2", "hypr-socket-watch": "hypr-socket-watch", diff --git a/flake.nix b/flake.nix index 733ea2a03..6b409e652 100644 --- a/flake.nix +++ b/flake.nix @@ -1,8 +1,49 @@ { description = "KhaneliNix"; - inputs = { + outputs = + inputs@{ flake-parts, self, ... }: + flake-parts.lib.mkFlake { inherit inputs; } { + imports = [ ./flake-modules ]; + + systems = [ + "x86_64-linux" + "aarch64-darwin" + ]; + flake = { + # channels-config = { + # allowUnfree = true; + # permittedInsecurePackages = [ + # "freeimage-unstable-2021-11-01" + # ]; + # }; + # + homes.modules = with inputs; [ + anyrun.homeManagerModules.default + catppuccin.homeManagerModules.catppuccin + hypr-socket-watch.homeManagerModules.default + nix-index-database.hmModules.nix-index + nur.hmModules.nur + sops-nix.homeManagerModules.sops + ]; + + systems = { + modules = { + darwin = with inputs; [ sops-nix.darwinModules.sops ]; + nixos = with inputs; [ + lanzaboote.nixosModules.lanzaboote + sops-nix.nixosModules.sops + ]; + }; + }; + + deploy = { + inherit self; + }; + }; + }; + inputs = { # ╭──────────────────────────────────────────────────────────╮ # │ Core System │ # ╰──────────────────────────────────────────────────────────╯ @@ -14,16 +55,14 @@ inputs.nixpkgs.follows = "nixpkgs-unstable"; }; + flake-parts.url = "github:hercules-ci/flake-parts"; git-hooks-nix.url = "github:cachix/git-hooks.nix"; - home-manager.url = "github:nix-community/home-manager"; # home-manager.url = "github:khaneliman/home-manager/thunderbird"; # home-manager.url = "git+file:///home/khaneliman/Documents/github/home-manager"; # home-manager.url = "git+file:///Users/khaneliman/Documents/github/home-manager"; - # Secure boot - lanzaboote.url = "github:nix-community/lanzaboote/v0.4.1"; - + lanzaboote.url = "github:nix-community/lanzaboote/v0.4.1"; # Secure boot nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable"; # FIXME: remove after upstream PRs are available @@ -40,11 +79,7 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - # Secrets management - sops-nix = { - url = "github:Mic92/sops-nix"; - }; - + sops-nix.url = "github:Mic92/sops-nix"; # Secrets management treefmt-nix.url = "github:numtide/treefmt-nix"; # ╭──────────────────────────────────────────────────────────╮ @@ -90,99 +125,99 @@ }; }; - outputs = - inputs: - let - inherit (inputs) snowfall-lib; - - lib = snowfall-lib.mkLib { - inherit inputs; - src = ./.; - - snowfall = { - meta = { - name = "khanelinix"; - title = "KhaneliNix"; - }; - - namespace = "khanelinix"; - }; - }; - in - lib.mkFlake { - channels-config = { - # allowBroken = true; - allowUnfree = true; - # showDerivationWarnings = [ "maintainerless" ]; - - # TODO: cleanup when available - permittedInsecurePackages = [ - # NOTE: needed by emulationstation - "freeimage-unstable-2021-11-01" - # dev shells - "aspnetcore-runtime-6.0.36" - "aspnetcore-runtime-7.0.20" - "aspnetcore-runtime-wrapped-7.0.20" - "aspnetcore-runtime-wrapped-6.0.36" - "dotnet-combined" - "dotnet-core-combined" - "dotnet-runtime-6.0.36" - "dotnet-runtime-7.0.20" - "dotnet-runtime-wrapped-6.0.36" - "dotnet-runtime-wrapped-7.0.20" - "dotnet-sdk-6.0.428" - "dotnet-sdk-7.0.410" - "dotnet-sdk-wrapped-6.0.428" - "dotnet-sdk-wrapped-7.0.410" - "dotnet-wrapped-combined" - ]; - }; - - overlays = [ ]; - - homes.modules = with inputs; [ - anyrun.homeManagerModules.default - catppuccin.homeManagerModules.catppuccin - hypr-socket-watch.homeManagerModules.default - nix-index-database.hmModules.nix-index - # FIXME: - # nur.modules.homeManager.default - sops-nix.homeManagerModules.sops - ]; - - systems = { - modules = { - darwin = with inputs; [ - sops-nix.darwinModules.sops - ]; - nixos = with inputs; [ - disko.nixosModules.disko - lanzaboote.nixosModules.lanzaboote - nix-flatpak.nixosModules.nix-flatpak - sops-nix.nixosModules.sops - ]; - }; - }; - - templates = { - angular.description = "Angular template"; - c.description = "C flake template."; - container.description = "Container template"; - cpp.description = "CPP flake template"; - dotnetf.description = "Dotnet FSharp template"; - flake-compat.description = "Flake-compat shell and default files."; - go.description = "Go template"; - node.description = "Node template"; - python.description = "Python template"; - rust.description = "Rust template"; - rust-web-server.description = "Rust web server template"; - snowfall.description = "Snowfall-lib template"; - }; - - deploy = lib.mkDeploy { inherit (inputs) self; }; - - outputs-builder = channels: { - formatter = inputs.treefmt-nix.lib.mkWrapper channels.nixpkgs ./treefmt.nix; - }; - }; + # outputs = + # inputs: + # let + # inherit (inputs) snowfall-lib; + # + # lib = snowfall-lib.mkLib { + # inherit inputs; + # src = ./.; + # + # snowfall = { + # meta = { + # name = "khanelinix"; + # title = "KhaneliNix"; + # }; + # + # namespace = "khanelinix"; + # }; + # }; + # in + # lib.mkFlake { + # channels-config = { + # # allowBroken = true; + # allowUnfree = true; + # # showDerivationWarnings = [ "maintainerless" ]; + # + # # TODO: cleanup when available + # permittedInsecurePackages = [ + # # NOTE: needed by emulationstation + # "freeimage-unstable-2021-11-01" + # # dev shells + # "aspnetcore-runtime-6.0.36" + # "aspnetcore-runtime-7.0.20" + # "aspnetcore-runtime-wrapped-7.0.20" + # "aspnetcore-runtime-wrapped-6.0.36" + # "dotnet-combined" + # "dotnet-core-combined" + # "dotnet-runtime-6.0.36" + # "dotnet-runtime-7.0.20" + # "dotnet-runtime-wrapped-6.0.36" + # "dotnet-runtime-wrapped-7.0.20" + # "dotnet-sdk-6.0.428" + # "dotnet-sdk-7.0.410" + # "dotnet-sdk-wrapped-6.0.428" + # "dotnet-sdk-wrapped-7.0.410" + # "dotnet-wrapped-combined" + # ]; + # }; + # + # overlays = [ ]; + # + # homes.modules = with inputs; [ + # anyrun.homeManagerModules.default + # catppuccin.homeManagerModules.catppuccin + # hypr-socket-watch.homeManagerModules.default + # nix-index-database.hmModules.nix-index + # # FIXME: + # # nur.modules.homeManager.default + # sops-nix.homeManagerModules.sops + # ]; + # + # systems = { + # modules = { + # darwin = with inputs; [ + # sops-nix.darwinModules.sops + # ]; + # nixos = with inputs; [ + # disko.nixosModules.disko + # lanzaboote.nixosModules.lanzaboote + # nix-flatpak.nixosModules.nix-flatpak + # sops-nix.nixosModules.sops + # ]; + # }; + # }; + # + # templates = { + # angular.description = "Angular template"; + # c.description = "C flake template."; + # container.description = "Container template"; + # cpp.description = "CPP flake template"; + # dotnetf.description = "Dotnet FSharp template"; + # flake-compat.description = "Flake-compat shell and default files."; + # go.description = "Go template"; + # node.description = "Node template"; + # python.description = "Python template"; + # rust.description = "Rust template"; + # rust-web-server.description = "Rust web server template"; + # snowfall.description = "Snowfall-lib template"; + # }; + # + # deploy = lib.mkDeploy { inherit (inputs) self; }; + # + # outputs-builder = channels: { + # formatter = inputs.treefmt-nix.lib.mkWrapper channels.nixpkgs ./treefmt.nix; + # }; + # }; } diff --git a/templates/angular/flake.nix b/templates/angular/flake.nix index c152f6a1d..5af48c50d 100644 --- a/templates/angular/flake.nix +++ b/templates/angular/flake.nix @@ -5,7 +5,7 @@ }; outputs = - { nixpkgs }: + { self, nixpkgs }: let systems = [ "x86_64-linux" @@ -25,5 +25,11 @@ }); hydraJobs = packages; + + checks = forEachSystem (system: { + default = pkgsForEach.${system}.runCommand "check" { } '' + echo "Running checks for ${system}" + ''; + }); }; } diff --git a/templates/cpp/flake.nix b/templates/cpp/flake.nix index 88544b8ad..3ef888075 100644 --- a/templates/cpp/flake.nix +++ b/templates/cpp/flake.nix @@ -5,7 +5,7 @@ }; outputs = - { nixpkgs, ... }: + { self, nixpkgs, ... }: let systems = [ "x86_64-linux" diff --git a/templates/dotnetf/flake.nix b/templates/dotnetf/flake.nix index 2a64433cf..e5392805b 100644 --- a/templates/dotnetf/flake.nix +++ b/templates/dotnetf/flake.nix @@ -5,7 +5,12 @@ flake-utils.url = "github:numtide/flake-utils"; }; outputs = - { nixpkgs, flake-utils, ... }: + { + self, + nixpkgs, + flake-utils, + ... + }: flake-utils.lib.eachDefaultSystem ( system: let diff --git a/templates/go/flake.nix b/templates/go/flake.nix index d08f4673c..215673549 100644 --- a/templates/go/flake.nix +++ b/templates/go/flake.nix @@ -5,7 +5,7 @@ }; outputs = - { nixpkgs }: + { self, nixpkgs }: let systems = [ "x86_64-linux" diff --git a/templates/node/flake.nix b/templates/node/flake.nix index c811bf749..30eb2a3bf 100644 --- a/templates/node/flake.nix +++ b/templates/node/flake.nix @@ -5,7 +5,7 @@ }; outputs = - { nixpkgs }: + { self, nixpkgs }: let systems = [ "x86_64-linux" diff --git a/templates/rust/flake.nix b/templates/rust/flake.nix index 3a0b9a99d..b3f1a093f 100644 --- a/templates/rust/flake.nix +++ b/templates/rust/flake.nix @@ -5,7 +5,7 @@ }; outputs = - { nixpkgs }: + { self, nixpkgs }: let systems = [ "x86_64-linux"