Turns out this did not work because in the vm test harness, virtualisation.fileSystems completely and silently overrides fileSystems, causing its contents to not even be evaluated anymore. This is not documented as far as I can tell, and is not obvious by any stretch of the imagination. The current hack is cargo culted from nix-community/impermanence and hopefully lasts until this project fully replaces nix. Signed-off-by: Ophestra <cat@gensokyo.uk>
{
# Human-readable summary of this flake.
description = "hakurei container tool and nixos module";

# External sources this flake is evaluated against. Both URLs name a release
# branch, not a commit. NOTE(review): the revision actually used is whatever
# flake.lock records (not visible here), so lock-file bumps are the place to
# review upstream changes.
inputs = {
  nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";

  home-manager = {
    url = "github:nix-community/home-manager/release-25.11";
    # Point home-manager's own nixpkgs input at the one declared above, so a
    # single nixpkgs revision is used throughout.
    inputs.nixpkgs.follows = "nixpkgs";
  };
};
outputs =
{
self,
nixpkgs,
home-manager,
}:
let
# Platforms that every per-system output of this flake is generated for.
supportedSystems = [
  "aarch64-linux"
  "i686-linux"
  "x86_64-linux"
];

# forAllSystems f builds an attribute set with one entry per supported
# system, each holding the result of `f system`.
forAllSystems = nixpkgs.lib.genAttrs supportedSystems;

# One nixpkgs package set per supported system. Only `system` is passed to
# the import; no config or overlays are given here.
nixpkgsFor = forAllSystems (system: import nixpkgs { inherit system; });
in
{
# NixOS module export. ./nixos.nix is a function that is applied to this
# flake's package sets (all systems); how it selects among them is defined
# in that file, not here.
nixosModules.hakurei = import ./nixos.nix self.packages;
# Per-system helper export. ./cmd/hpkg/build.nix is applied to the inputs
# and package sets of this flake, and the result is given to callPackage
# without a final argument set, so each buildPackage.<system> is a function
# that still expects that set from its caller.
buildPackage = forAllSystems (
  system:
  nixpkgsFor.${system}.callPackage (
    import ./cmd/hpkg/build.nix {
      inherit
        nixpkgsFor
        system
        nixpkgs
        home-manager
        ;
    }
  )
);
# Flake checks, one set per supported system: the project's test
# derivations plus two source-level gates (formatting and lint).
checks = forAllSystems (
  system:
  let
    pkgs = nixpkgsFor.${system};

    inherit (pkgs)
      runCommandLocal
      callPackage
      nixfmt-rfc-style
      deadnix
      statix
      ;
  in
  {
    # Test derivations defined under ./test, ./test/sandbox,
    # ./cmd/sharefs/test and ./cmd/hpkg/test. The *race variants pass
    # withRace = true; presumably that builds with the Go race detector,
    # confirm in the test expressions.
    hakurei = callPackage ./test { inherit system self; };
    race = callPackage ./test {
      inherit system self;
      withRace = true;
    };

    sandbox = callPackage ./test/sandbox { inherit self; };
    sandbox-race = callPackage ./test/sandbox {
      inherit self;
      withRace = true;
    };

    sharefs = callPackage ./cmd/sharefs/test { inherit system self; };

    hpkg = callPackage ./cmd/hpkg/test { inherit system self; };

    # Formatting gate: runs nixfmt in check mode over the flake source
    # (${./.} is this directory as a store path). $out is only touched after
    # nixfmt has run, so the output exists only when the check got that far.
    formatting = runCommandLocal "check-formatting" { nativeBuildInputs = [ nixfmt-rfc-style ]; } ''
      cd ${./.}

      echo "running nixfmt..."
      nixfmt --width=256 --check .

      touch $out
    '';

    # Lint gate: deadnix with --fail, then statix check, over the same
    # source tree.
    lint =
      runCommandLocal "check-lint"
        {
          nativeBuildInputs = [
            deadnix
            statix
          ];
        }
        ''
          cd ${./.}

          echo "running deadnix..."
          deadnix --fail

          echo "running statix..."
          statix check .

          touch $out
        '';
  }
);
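# Packages exported per supported system.
packages = forAllSystems (
  system:
  let
    inherit (self.packages.${system}) hakurei hsu;
    pkgs = nixpkgsFor.${system};
  in
  {
    default = hakurei;

    # hakurei is instantiated through pkgsStatic.callPackage, while the tools
    # listed below are taken from the regular (non-static) package set and
    # passed in explicitly.
    hakurei = pkgs.pkgsStatic.callPackage ./package.nix {
      inherit (pkgs)
        # passthru.buildInputs
        go
        clang

        # nativeBuildInputs
        pkg-config
        wayland-scanner
        makeBinaryWrapper

        # appPackages
        glibc
        xdg-dbus-proxy

        # hpkg
        zstd
        gnutar
        coreutils

        # for check
        util-linux
        nettools
        ;
    };

    # hsu is built with the regular callPackage and receives the hakurei
    # package of the same system (the let-bound name above).
    hsu = pkgs.callPackage ./cmd/hsu/package.nix { inherit hakurei; };

    # Two entry points, both linked to the same libexec/sharefs binary.
    sharefs = pkgs.linkFarm "sharefs" {
      "bin/sharefs" = "${hakurei}/libexec/sharefs";
      "bin/mount.fuse.sharefs" = "${hakurei}/libexec/sharefs";
    };

    # Release artifact: assembles the hakurei and hsu sources in a scratch
    # directory, runs ./dist/release.sh and copies the resulting tarball.
    # The trailing glob also copies any sibling file whose name starts with
    # the tarball name.
    #
    # The source-staging steps are separate commands on purpose. Chained
    # with &&, every step except the last is exempt from the shell's errexit
    # handling, so a failed copy would not stop the build before the release
    # script runs on an incomplete tree. NOTE(review): this relies on the
    # builder running the script with errexit enabled, confirm for the
    # nixpkgs revision in use.
    dist = pkgs.runCommand "${hakurei.name}-dist" { buildInputs = hakurei.targetPkgs ++ [ pkgs.pkgsStatic.musl ]; } ''
      # go requires XDG_CACHE_HOME for the build cache
      export XDG_CACHE_HOME="$(mktemp -d)"

      # get a different workdir as go does not like /build
      cd "$(mktemp -d)"
      cp -r ${hakurei.src}/. .
      chmod +w cmd
      cp -r ${hsu.src}/. cmd/hsu/
      chmod -R +w .

      export HAKUREI_VERSION="v${hakurei.version}"
      CC="clang -O3 -Werror" ./dist/release.sh && mkdir $out && cp -v "dist/hakurei-$HAKUREI_VERSION.tar.gz"* $out
    '';
  }
);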
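# Development shells, one set per supported system.
devShells = forAllSystems (
  system:
  let
    inherit (self.packages.${system}) hakurei;
    pkgs = nixpkgsFor.${system};
  in
  {
    # Build environment with hakurei's target packages. The fortify
    # hardening flag is turned off for this shell derivation only.
    # NOTE(review): presumably needed for unoptimised or debug builds,
    # confirm; whether ./package.nix changes hardening for the shipped
    # package is not visible here.
    default = pkgs.mkShell {
      buildInputs = hakurei.targetPkgs;
      hardeningDisable = [ "fortify" ];
    };

    # Same inputs plus the built hakurei package itself.
    withPackage = pkgs.mkShell { buildInputs = [ hakurei ] ++ hakurei.targetPkgs; };

    # Interactive NixOS VM. Entering the shell replaces it with the VM
    # runner. The hakurei package inside the VM is an override built with
    # doCheck = false, so it has not passed the package's test phase and is
    # meant for development use only.
    vm =
      let
        nixos = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
            {
              environment = {
                systemPackages = [
                  (pkgs.buildFHSEnv {
                    pname = "hakurei-fhs";
                    inherit (hakurei) version;
                    targetPkgs = _: hakurei.targetPkgs;
                    extraOutputsToInstall = [ "dev" ];
                    profile = ''
                      export PKG_CONFIG_PATH="/usr/share/pkgconfig:$PKG_CONFIG_PATH"
                    '';
                  })
                ];

                hakurei =
                  let
                    # this is used for interactive vm testing during development, where tests might be broken
                    package = self.packages.${pkgs.stdenv.hostPlatform.system}.hakurei.override {
                      buildGoModule = previousArgs: pkgs.pkgsStatic.buildGoModule (previousArgs // { doCheck = false; });
                    };
                  in
                  {
                    inherit package;
                    hsuPackage = self.packages.${pkgs.stdenv.hostPlatform.system}.hsu.override { hakurei = package; };
                  };
              };
            }

            ./test/interactive/configuration.nix
            ./test/interactive/vm.nix
            ./test/interactive/hakurei.nix
            ./test/interactive/trace.nix

            self.nixosModules.hakurei
            self.inputs.home-manager.nixosModules.home-manager
          ];
        };
      in
      pkgs.mkShell {
        buildInputs = [ nixos.config.system.build.vm ];
        shellHook = "exec run-nixos-vm $@";
      };

    # Regenerates options.md in the current directory from ./options.nix.
    # The sed expression drops every "*Declared by:*" line together with the
    # line that follows it.
    generateDoc =
      let
        inherit (pkgs) lib;

        doc =
          let
            eval = lib.evalModules {
              specialArgs = {
                inherit pkgs;
              };
              modules = [ (import ./options.nix self.packages) ];
            };
            cleanEval = lib.filterAttrsRecursive (n: _: n != "_module") eval;
          in
          pkgs.nixosOptionsDoc { inherit (cleanEval) options; };
        docText = pkgs.runCommand "hakurei-module-docs.md" { } ''
          cat ${doc.optionsCommonMark} > $out
          sed -i '/*Declared by:*/,+1 d' $out
        '';
      in
      pkgs.mkShell {
        shellHook = ''
          exec cat ${docText} > options.md
        '';
      };

    # Regenerates container/std/syscall_linux_<GOARCH>.go from the kernel
    # headers of this system's package set.
    #
    # pipefail is set because with `set -e` alone only the exit status of
    # gofmt, the last command of the pipeline, is checked, and a failing
    # perl run could go unnoticed while the checked-in table is rewritten.
    # NOTE(review): if this table is what the container's syscall filtering
    # is built from, a truncated or wrong table is security-relevant, so the
    # generator should fail loudly.
    #
    # GOARCH has no entry for "i686-linux", which is in supportedSystems, so
    # evaluating this shell for that system fails on the missing attribute.
    # NOTE(review): the same unistd_64.h path is used for both mapped
    # architectures; confirm linuxHeaders provides it on aarch64.
    generateSyscallTable =
      let
        GOARCH = {
          x86_64-linux = "amd64";
          aarch64-linux = "arm64";
        };
      in
      pkgs.mkShell {
        shellHook = "exec ${pkgs.writeShellScript "generate-syscall-table" ''
          set -eo pipefail
          ${pkgs.perl}/bin/perl \
            container/std/mksysnum_linux.pl \
            ${pkgs.linuxHeaders}/include/asm/unistd_64.h | \
            ${pkgs.go}/bin/gofmt > \
            container/std/syscall_linux_${GOARCH.${system}}.go
        ''}";
      };
  }
);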
};
}