Ophestra
9b3eb58a3f
For the upcoming rename of security org to rosa. Signed-off-by: Ophestra <cat@gensokyo.uk>
94 lines
2.1 KiB
Nix
94 lines
2.1 KiB
Nix
{
|
|
description = "hakurei.app website, based on grapheneos.org";
|
|
|
|
inputs = {
|
|
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
|
|
};
|
|
|
|
outputs =
|
|
{
|
|
self,
|
|
nixpkgs,
|
|
}:
|
|
let
|
|
supportedSystems = [
|
|
"aarch64-linux"
|
|
"x86_64-linux"
|
|
];
|
|
|
|
forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
|
|
nixpkgsFor = forAllSystems (system: import nixpkgs { inherit system; });
|
|
in
|
|
{
|
|
checks = forAllSystems (
|
|
system:
|
|
let
|
|
pkgs = nixpkgsFor.${system};
|
|
|
|
inherit (pkgs)
|
|
runCommandLocal
|
|
nixfmt-rfc-style
|
|
deadnix
|
|
statix
|
|
;
|
|
in
|
|
{
|
|
formatting = runCommandLocal "check-formatting" { nativeBuildInputs = [ nixfmt-rfc-style ]; } ''
|
|
cd ${./.}
|
|
|
|
echo "running nixfmt..."
|
|
nixfmt --check .
|
|
|
|
touch $out
|
|
'';
|
|
|
|
lint =
|
|
runCommandLocal "check-lint"
|
|
{
|
|
nativeBuildInputs = [
|
|
deadnix
|
|
statix
|
|
];
|
|
}
|
|
''
|
|
cd ${./.}
|
|
|
|
echo "running deadnix..."
|
|
deadnix --fail
|
|
|
|
echo "running statix..."
|
|
statix check .
|
|
|
|
touch $out
|
|
'';
|
|
}
|
|
);
|
|
|
|
packages = forAllSystems (
|
|
system:
|
|
let
|
|
inherit (self.packages.${system}) static caddy;
|
|
pkgs = nixpkgsFor.${system};
|
|
in
|
|
{
|
|
default = caddy;
|
|
static = pkgs.callPackage ./package.nix { };
|
|
dist = pkgs.runCommand "hakurei-static-${static.version}.tar.zst" { } ''
|
|
PATH="${pkgs.zstd}/bin:$PATH" \
|
|
${pkgs.gnutar}/bin/tar \
|
|
-C '${static}' \
|
|
--zstd \
|
|
-cf \
|
|
"$out" .
|
|
'';
|
|
caddy = pkgs.writeShellScriptBin "caddy-hakurei-static" ''
|
|
exec ${pkgs.caddy}/bin/caddy \
|
|
file-server \
|
|
-a -l ":49151" \
|
|
-r ${static}
|
|
'';
|
|
}
|
|
);
|
|
};
|
|
}
|