Ophestra
e42ea32dbe
All checks were successful
Test / ShareFS (push) Successful in 41s
Test / Sandbox (race detector) (push) Successful in 45s
Test / Create distribution (push) Successful in 42s
Test / Sandbox (push) Successful in 47s
Test / Hpkg (push) Successful in 50s
Test / Hakurei (push) Successful in 56s
Test / Hakurei (race detector) (push) Successful in 56s
Test / Flake checks (push) Successful in 1m35s
Turns out this did not work because in the vm test harness, virtualisation.fileSystems completely and silently overrides fileSystems, causing its contents to not even be evaluated anymore. This is not documented as far as I can tell, and is not obvious by any stretch of the imagination. The current hack is cargo culted from nix-community/impermanence and hopefully lasts until this project fully replaces nix. Signed-off-by: Ophestra <cat@gensokyo.uk>
270 lines
7.9 KiB
Nix
270 lines
7.9 KiB
Nix
{
|
|
description = "hakurei container tool and nixos module";
|
|
|
|
inputs = {
|
|
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
|
|
|
|
home-manager = {
|
|
url = "github:nix-community/home-manager/release-25.11";
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
};
|
|
};
|
|
|
|
outputs =
|
|
{
|
|
self,
|
|
nixpkgs,
|
|
home-manager,
|
|
}:
|
|
let
|
|
supportedSystems = [
|
|
"aarch64-linux"
|
|
"i686-linux"
|
|
"x86_64-linux"
|
|
];
|
|
|
|
forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
|
|
nixpkgsFor = forAllSystems (system: import nixpkgs { inherit system; });
|
|
in
|
|
{
|
|
nixosModules.hakurei = import ./nixos.nix self.packages;
|
|
|
|
buildPackage = forAllSystems (
|
|
system:
|
|
nixpkgsFor.${system}.callPackage (
|
|
import ./cmd/hpkg/build.nix {
|
|
inherit
|
|
nixpkgsFor
|
|
system
|
|
nixpkgs
|
|
home-manager
|
|
;
|
|
}
|
|
)
|
|
);
|
|
|
|
checks = forAllSystems (
|
|
system:
|
|
let
|
|
pkgs = nixpkgsFor.${system};
|
|
|
|
inherit (pkgs)
|
|
runCommandLocal
|
|
callPackage
|
|
nixfmt-rfc-style
|
|
deadnix
|
|
statix
|
|
;
|
|
in
|
|
{
|
|
hakurei = callPackage ./test { inherit system self; };
|
|
race = callPackage ./test {
|
|
inherit system self;
|
|
withRace = true;
|
|
};
|
|
|
|
sandbox = callPackage ./test/sandbox { inherit self; };
|
|
sandbox-race = callPackage ./test/sandbox {
|
|
inherit self;
|
|
withRace = true;
|
|
};
|
|
|
|
sharefs = callPackage ./cmd/sharefs/test { inherit system self; };
|
|
|
|
hpkg = callPackage ./cmd/hpkg/test { inherit system self; };
|
|
|
|
formatting = runCommandLocal "check-formatting" { nativeBuildInputs = [ nixfmt-rfc-style ]; } ''
|
|
cd ${./.}
|
|
|
|
echo "running nixfmt..."
|
|
nixfmt --width=256 --check .
|
|
|
|
touch $out
|
|
'';
|
|
|
|
lint =
|
|
runCommandLocal "check-lint"
|
|
{
|
|
nativeBuildInputs = [
|
|
deadnix
|
|
statix
|
|
];
|
|
}
|
|
''
|
|
cd ${./.}
|
|
|
|
echo "running deadnix..."
|
|
deadnix --fail
|
|
|
|
echo "running statix..."
|
|
statix check .
|
|
|
|
touch $out
|
|
'';
|
|
}
|
|
);
|
|
|
|
packages = forAllSystems (
|
|
system:
|
|
let
|
|
inherit (self.packages.${system}) hakurei hsu;
|
|
pkgs = nixpkgsFor.${system};
|
|
in
|
|
{
|
|
default = hakurei;
|
|
hakurei = pkgs.pkgsStatic.callPackage ./package.nix {
|
|
inherit (pkgs)
|
|
# passthru.buildInputs
|
|
go
|
|
clang
|
|
|
|
# nativeBuildInputs
|
|
pkg-config
|
|
wayland-scanner
|
|
makeBinaryWrapper
|
|
|
|
# appPackages
|
|
glibc
|
|
xdg-dbus-proxy
|
|
|
|
# hpkg
|
|
zstd
|
|
gnutar
|
|
coreutils
|
|
|
|
# for check
|
|
util-linux
|
|
nettools
|
|
;
|
|
};
|
|
hsu = pkgs.callPackage ./cmd/hsu/package.nix { inherit (self.packages.${system}) hakurei; };
|
|
sharefs = pkgs.linkFarm "sharefs" {
|
|
"bin/sharefs" = "${hakurei}/libexec/sharefs";
|
|
"bin/mount.fuse.sharefs" = "${hakurei}/libexec/sharefs";
|
|
};
|
|
|
|
dist = pkgs.runCommand "${hakurei.name}-dist" { buildInputs = hakurei.targetPkgs ++ [ pkgs.pkgsStatic.musl ]; } ''
|
|
# go requires XDG_CACHE_HOME for the build cache
|
|
export XDG_CACHE_HOME="$(mktemp -d)"
|
|
|
|
# get a different workdir as go does not like /build
|
|
cd $(mktemp -d) \
|
|
&& cp -r ${hakurei.src}/. . \
|
|
&& chmod +w cmd && cp -r ${hsu.src}/. cmd/hsu/ \
|
|
&& chmod -R +w .
|
|
|
|
export HAKUREI_VERSION="v${hakurei.version}"
|
|
CC="clang -O3 -Werror" ./dist/release.sh && mkdir $out && cp -v "dist/hakurei-$HAKUREI_VERSION.tar.gz"* $out
|
|
'';
|
|
}
|
|
);
|
|
|
|
devShells = forAllSystems (
|
|
system:
|
|
let
|
|
inherit (self.packages.${system}) hakurei;
|
|
pkgs = nixpkgsFor.${system};
|
|
in
|
|
{
|
|
default = pkgs.mkShell {
|
|
buildInputs = hakurei.targetPkgs;
|
|
hardeningDisable = [ "fortify" ];
|
|
};
|
|
withPackage = pkgs.mkShell { buildInputs = [ hakurei ] ++ hakurei.targetPkgs; };
|
|
|
|
vm =
|
|
let
|
|
nixos = nixpkgs.lib.nixosSystem {
|
|
inherit system;
|
|
modules = [
|
|
{
|
|
environment = {
|
|
systemPackages = [
|
|
(pkgs.buildFHSEnv {
|
|
pname = "hakurei-fhs";
|
|
inherit (hakurei) version;
|
|
targetPkgs = _: hakurei.targetPkgs;
|
|
extraOutputsToInstall = [ "dev" ];
|
|
profile = ''
|
|
export PKG_CONFIG_PATH="/usr/share/pkgconfig:$PKG_CONFIG_PATH"
|
|
'';
|
|
})
|
|
];
|
|
|
|
hakurei =
|
|
let
|
|
# this is used for interactive vm testing during development, where tests might be broken
|
|
package = self.packages.${pkgs.stdenv.hostPlatform.system}.hakurei.override {
|
|
buildGoModule = previousArgs: pkgs.pkgsStatic.buildGoModule (previousArgs // { doCheck = false; });
|
|
};
|
|
in
|
|
{
|
|
inherit package;
|
|
hsuPackage = self.packages.${pkgs.stdenv.hostPlatform.system}.hsu.override { hakurei = package; };
|
|
};
|
|
};
|
|
}
|
|
|
|
./test/interactive/configuration.nix
|
|
./test/interactive/vm.nix
|
|
./test/interactive/hakurei.nix
|
|
./test/interactive/trace.nix
|
|
|
|
self.nixosModules.hakurei
|
|
self.inputs.home-manager.nixosModules.home-manager
|
|
];
|
|
};
|
|
in
|
|
pkgs.mkShell {
|
|
buildInputs = [ nixos.config.system.build.vm ];
|
|
shellHook = "exec run-nixos-vm $@";
|
|
};
|
|
|
|
generateDoc =
|
|
let
|
|
inherit (pkgs) lib;
|
|
|
|
doc =
|
|
let
|
|
eval = lib.evalModules {
|
|
specialArgs = {
|
|
inherit pkgs;
|
|
};
|
|
modules = [ (import ./options.nix self.packages) ];
|
|
};
|
|
cleanEval = lib.filterAttrsRecursive (n: _: n != "_module") eval;
|
|
in
|
|
pkgs.nixosOptionsDoc { inherit (cleanEval) options; };
|
|
docText = pkgs.runCommand "hakurei-module-docs.md" { } ''
|
|
cat ${doc.optionsCommonMark} > $out
|
|
sed -i '/*Declared by:*/,+1 d' $out
|
|
'';
|
|
in
|
|
pkgs.mkShell {
|
|
shellHook = ''
|
|
exec cat ${docText} > options.md
|
|
'';
|
|
};
|
|
|
|
generateSyscallTable =
|
|
let
|
|
GOARCH = {
|
|
x86_64-linux = "amd64";
|
|
aarch64-linux = "arm64";
|
|
};
|
|
in
|
|
pkgs.mkShell {
|
|
shellHook = "exec ${pkgs.writeShellScript "generate-syscall-table" ''
|
|
set -e
|
|
${pkgs.perl}/bin/perl \
|
|
container/std/mksysnum_linux.pl \
|
|
${pkgs.linuxHeaders}/include/asm/unistd_64.h | \
|
|
${pkgs.go}/bin/gofmt > \
|
|
container/std/syscall_linux_${GOARCH.${system}}.go
|
|
''}";
|
|
};
|
|
}
|
|
);
|
|
};
|
|
}
|