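# Flake that defines an example NixNG system (flake input `blatt`) running
# Apache httpd, a helper script (`haei`) that assembles a root filesystem out
# of read-only bind mounts, and a development shell.
{
  inputs = {
    # NOTE(review): nixos-21.11 is past end-of-life and no longer receives
    # security updates, so the httpd and libraries built from it will lag
    # behind upstream fixes. Moving to a supported release is a behaviour
    # change and is left to the maintainer.
    nixpkgs.url = "github:NixOS/nixpkgs?ref=nixos-21.11";
    # No ref is given here; the revision actually built is whatever
    # flake.lock records, so keep the lock file committed and review its
    # updates like any other dependency bump.
    blatt.url = "github:nix-community/NixNG";
  };

  outputs = { nixpkgs, blatt, self }:
    let
      # Systems the per-system outputs (currently only devShell) are built for.
      supportedSystems = [ "x86_64-linux" ];
      forAllSystems' = nixpkgs.lib.genAttrs;
      # Maps a function over supportedSystems, yielding { <system> = f system; }.
      forAllSystems = forAllSystems' supportedSystems;
      # Instantiates nixpkgs for one system with default config and overlays.
      nixpkgsForSystem = system:
        import nixpkgs { inherit system; };
    in
    {
      blattConfigurations = {
        example = (blatt.nglib nixpkgs.lib).makeSystem {
          system = "x86_64-linux";
          name = "example-system";
          inherit nixpkgs;
          config = ({ pkgs, config, ... }: {
            # Presumably selects dumb-init as the init process; option
            # semantics are defined by NixNG, not by this file.
            dumb-init = {
              enable = true;
              type.services = { };
            };

            init.services.apache2 = {
              shutdownOnExit = true;
              # Makes /var/www refer to the htdocs directory shipped with
              # apacheHttpd (presumably as a symlink into the Nix store,
              # which is why the docroot needs FollowSymlinks below).
              ensureSomething.link."documentRoot" = {
                src = "${pkgs.apacheHttpd}/htdocs";
                dst = "/var/www";
              };
            };

            services.apache2 = {
              enable = true;
              # Paired with the escaped shell-style default in DirectoryIndex
              # below: the value is resolved from the environment, not at
              # Nix evaluation time. Whoever controls the service's
              # environment therefore controls that directive.
              envsubst = true;
              configuration = [
                # Only the modules this configuration actually uses are
                # loaded, which keeps the exposed surface small.
                {
                  LoadModule = [
                    [ "mpm_event_module" "modules/mod_mpm_event.so" ]
                    [ "log_config_module" "modules/mod_log_config.so" ]
                    [ "unixd_module" "modules/mod_unixd.so" ]
                    [ "authz_core_module" "modules/mod_authz_core.so" ]
                    [ "dir_module" "modules/mod_dir.so" ]
                    [ "mime_module" "modules/mod_mime.so" ]
                  ];
                }
                {
                  # Plain HTTP on every interface. There is no TLS module in
                  # the list above, so put a TLS-terminating proxy in front
                  # or restrict reachability at the network layer.
                  Listen = "0.0.0.0:80";

                  # NOTE(review): ServerRoot and DocumentRoot are the same
                  # directory, so anything httpd resolves relative to
                  # ServerRoot sits inside the served tree. Confirm this is
                  # intended outside of an example.
                  ServerRoot = "/var/www";
                  ServerName = "blowhole";
                  # Written at the filesystem root; fine inside a dedicated
                  # container rootfs, unusual anywhere else.
                  PidFile = "/httpd.pid";

                  DocumentRoot = "/var/www";

                  # Unprivileged identity for request handling (applied via
                  # mod_unixd, loaded above).
                  User = "www-data";
                  Group = "www-data";
                }

                # Logs go to the process's stderr/stdout so the container
                # runtime collects them; nothing is written to disk.
                {
                  ErrorLog = "/dev/stderr";
                  TransferLog = "/dev/stdout";

                  LogLevel = "info";
                }

                {
                  AddType = [
                    [ "image/svg+xml" "svg" "svgz" ]
                  ];
                  AddEncoding = [ "gzip" "svgz" ];

                  TypesConfig = "${pkgs.apacheHttpd}/conf/mime.types";
                }

                {
                  # Default-deny for the whole filesystem; access is opened
                  # up only for the docroot inside the virtual host.
                  Directory = {
                    "/" = {
                      Require = [ "all" "denied" ];
                      Options = "SymlinksIfOwnerMatch";
                    };
                  };

                  VirtualHost = {
                    "*:80" = {
                      Directory = {
                        "/var/www" = {
                          Require = [ "all" "granted" ];
                          # -Indexes disables generated directory listings.
                          # +FollowSymlinks is broader than the
                          # SymlinksIfOwnerMatch set on "/": httpd matches
                          # <Directory> sections against the requested path,
                          # not the link target, so a symlink inside the
                          # docroot is served under this "granted" rule
                          # wherever it points. Keep the docroot content
                          # read-only and reviewed.
                          Options = [ "-Indexes" "+FollowSymlinks" ];
                          # "\${" stops Nix from interpolating; the literal
                          # shell-style default reaches the generated config
                          # and is filled in from DIRECTORY_INDEX.
                          DirectoryIndex = "\${DIRECTORY_INDEX:-index.html}";
                        };
                      };
                    };
                  };
                }
              ];
            };
          });
        };
      };

      # `make-rootfs TARGET_DIR`: recreates, under TARGET_DIR, every store
      # path in the closure of the example system's init script and
      # activation script (plus the system toplevel) and bind-mounts each one
      # read-only from the host store. It calls chown and mount, so it has to
      # run with the privileges those need.
      haei =
        let
          config = self.blattConfigurations.example.config;
          pkgs = self.blattConfigurations.example._module.args.pkgs;
          closureInfo = pkgs.closureInfo
            { rootPaths = [ config.init.script config.system.activationScript ]; };
        in
        pkgs.writeShellScript "make-rootfs" ''
          # Stop at the first failure: a rootfs with a missing or failed bind
          # mount would otherwise be left behind looking complete.
          set -eu

          # Without this guard an empty target turns the paths below into
          # host paths such as /nix/store/..., and the chown and mount calls
          # would then act on the host itself.
          if [ "$#" -lt 1 ] || [ -z "$1" ]; then
            echo "usage: $0 TARGET_DIR" >&2
            exit 1
          fi
          target="$1"

          store_paths="$(cat ${closureInfo}/store-paths | tr '\n' ' ')"

          mkdir -p "$target"
          chown root:root "$target"
          # Word splitting of store_paths is intentional here; store paths
          # contain no whitespace. Everything derived from the caller's
          # argument is quoted.
          for store_path in $store_paths ${config.system.build.toplevel}
          do
            # A bind mount needs a mount point of the same kind as its
            # source: a directory for directories, a plain file otherwise.
            if [ -d "$store_path" ]
            then
              mkdir -p "$target/$store_path"
            else
              mkdir -p "$(dirname "$target/$store_path")"
              touch "$target/$store_path"
            fi
            # util-linux applies "ro" to a bind mount with a follow-up
            # remount, so it is not atomic, and other mount implementations
            # may ignore it. NOTE(review): check the result with findmnt.
            mount -o bind,ro "$store_path" "$target/$store_path"
          done
        '';

      # Development shell for each supported system with the Go and C
      # toolchains and the runc / containerd container tooling.
      devShell = forAllSystems
        (system:
          let pkgs = nixpkgsForSystem system;
          in
          pkgs.mkShell
            { nativeBuildInputs = with pkgs;
                [ go
                  clang
                  runc
                  containerd
                ];
            }
        );
    };
}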