diff --git a/flake.lock b/flake.lock index f88b7db..927219c 100644 --- a/flake.lock +++ b/flake.lock @@ -1,42 +1,5 @@ { "nodes": { - "fenix": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ], - "rust-analyzer-src": "rust-analyzer-src" - }, - "locked": { - "lastModified": 1710656467, - "narHash": "sha256-4Plj0vNP+ckWVNi6EtVojL9YV2dwSH7H4UMFCV40VE8=", - "owner": "nix-community", - "repo": "fenix", - "rev": "c53bb4a32f2fce7acf4e8e160a54779c4460ffdb", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "fenix", - "type": "github" - } - }, - "flake-compat": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, "flake-parts": { "inputs": { "nixpkgs-lib": [ @@ -62,11 +25,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1701680307, - "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", "type": "github" }, "original": { @@ -83,11 +46,11 @@ ] }, "locked": { - "lastModified": 1703887061, - "narHash": "sha256-gGPa9qWNc6eCXT/+Z5/zMkyYOuRZqeFZBDbopNZQkuY=", + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", "owner": "hercules-ci", "repo": "gitignore.nix", - "rev": "43e1aa1308018f37118e34d3a9cb4f5e75dc11d5", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", "type": "github" }, "original": { @@ -96,33 +59,13 @@ "type": "github" } }, - "naersk": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1698420672, - "narHash": "sha256-/TdeHMPRjjdJub7p7+w55vyABrsJlt5QkznPYy55vKA=", - "owner": "nix-community", - "repo": "naersk", - "rev": "aeb58d5e8faead8980a807c840232697982d47b9", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "naersk", - "type": "github" - } - }, "nixpkgs": { "locked": { - "lastModified": 1710701596, - "narHash": "sha256-v4lsAi3vE/sEWg0G8AydMjs3NTHlsNw8K01xw06cKLg=", + "lastModified": 1711231723, + "narHash": "sha256-dARJQ8AJOv6U+sdRePkbcVyVbXJTi1tReCrkkOeusiA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "34ad8c9f29a18b4dd97a9ad40ceb16954f24afe7", + "rev": "e1d501922fd7351da4200e1275dfcf5faaad1220", "type": "github" }, "original": { @@ -132,38 +75,24 @@ "type": "github" } }, - "nixpkgs-stable": { - "locked": { - "lastModified": 1704874635, - "narHash": "sha256-YWuCrtsty5vVZvu+7BchAxmcYzTMfolSPP5io8+WYCg=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "3dc440faeee9e889fe2d1b4d25ad0f430d449356", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-23.11", - "repo": "nixpkgs", - "type": "github" - } - }, "pre-commit-hooks": { "inputs": { - "flake-compat": "flake-compat", + "flake-compat": [], "flake-utils": "flake-utils", "gitignore": "gitignore", "nixpkgs": [ "nixpkgs" ], - "nixpkgs-stable": "nixpkgs-stable" + "nixpkgs-stable": [ + "nixpkgs" + ] }, "locked": { - "lastModified": 1708018599, - "narHash": "sha256-M+Ng6+SePmA8g06CmUZWi1AjG2tFBX9WCXElBHEKnyM=", + "lastModified": 1710923068, + "narHash": "sha256-6hOpUiuxuwpXXc/xfJsBUJeqqgGI+JMJuLo45aG3cKc=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "5df5a70ad7575f6601d91f0efec95dd9bc619431", + "rev": "e611897ddfdde3ed3eaac4758635d7177ff78673", "type": "github" }, "original": { @@ -179,11 +108,11 @@ ] }, "locked": { - "lastModified": 1710407041, - "narHash": "sha256-rCHklFHPzrq341KoTgXNdknNZbjOJ+VmalqX5s5YdGM=", + "lastModified": 1711158989, + "narHash": "sha256-exgncIe/lQIswv2L1M0y+RrHAg5dofLFCOxGu4/yJww=", "owner": "getchoo", "repo": "procfile-nix", - "rev": "7a0ab379a4ab71c9deccaca9fb463e9aaea363d8", + "rev": "6388308f9e9c8a8fbfdff54b30adf486fa292cf9", "type": "github" }, "original": { @@ -194,29 +123,35 @@ }, "root": { "inputs": { - "fenix": "fenix", "flake-parts": "flake-parts", - "naersk": "naersk", "nixpkgs": "nixpkgs", "pre-commit-hooks": "pre-commit-hooks", "procfile-nix": "procfile-nix", + "rust-overlay": "rust-overlay", "treefmt-nix": "treefmt-nix" } }, - "rust-analyzer-src": { - "flake": false, + "rust-overlay": { + "inputs": { + "flake-utils": [ + "pre-commit-hooks", + "flake-utils" + ], + "nixpkgs": [ + "nixpkgs" + ] + }, "locked": { - "lastModified": 1710610549, - "narHash": "sha256-xFIGLn5u+msUazlLbdjZ3gQgXrt7Lrlhq+XXUH0XU/0=", - "owner": "rust-lang", - "repo": "rust-analyzer", - "rev": "5ecace48f693afaa6adf8cb23086b651db3aec96", + "lastModified": 1711246447, + "narHash": "sha256-g9TOluObcOEKewFo2fR4cn51Y/jSKhRRo4QZckHLop0=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "dcc802a6ec4e9cc6a1c8c393327f0c42666f22e4", "type": "github" }, "original": { - "owner": "rust-lang", - "ref": "nightly", - "repo": "rust-analyzer", + "owner": "oxalica", + "repo": "rust-overlay", "type": "github" } }, @@ -242,11 +177,11 @@ ] }, "locked": { - "lastModified": 1710278050, - "narHash": "sha256-Oc6BP7soXqb8itlHI8UKkdf3V9GeJpa1S39SR5+HJys=", + "lastModified": 1710781103, + "narHash": "sha256-nehQK/XTFxfa6rYKtbi8M1w+IU1v5twYhiyA4dg1vpg=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "35791f76524086ab4b785a33e4abbedfda64bd22", + "rev": "7ee5aaac63c30d3c97a8c56efe89f3b2aa9ae564", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 47a0194..4685dde 100644 --- a/flake.nix +++ b/flake.nix @@ -8,19 +8,13 @@ inputs.nixpkgs-lib.follows = "nixpkgs"; }; - naersk = { - url = "github:nix-community/naersk"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - - fenix = { - url = "github:nix-community/fenix"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - pre-commit-hooks = { url = "github:cachix/pre-commit-hooks.nix"; - inputs.nixpkgs.follows = "nixpkgs"; + inputs = { + nixpkgs.follows = "nixpkgs"; + nixpkgs-stable.follows = "nixpkgs"; + flake-compat.follows = ""; + }; }; procfile-nix = { @@ -28,6 +22,14 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + rust-overlay = { + url = "github:oxalica/rust-overlay"; + inputs = { + nixpkgs.follows = "nixpkgs"; + flake-utils.follows = "pre-commit-hooks/flake-utils"; + }; + }; + treefmt-nix = { url = "github:numtide/treefmt-nix"; inputs.nixpkgs.follows = "nixpkgs"; @@ -39,7 +41,7 @@ imports = [ ./nix/dev.nix ./nix/packages.nix - ./nix/deployment.nix + ./nix/deployment inputs.pre-commit-hooks.flakeModule inputs.procfile-nix.flakeModule diff --git a/nix/deployment.nix b/nix/deployment.nix deleted file mode 100644 index 115318b..0000000 --- a/nix/deployment.nix +++ /dev/null @@ -1,92 +0,0 @@ -{ - inputs, - flake-parts-lib, - withSystem, - ... -}: { - flake.nixosModules.default = flake-parts-lib.importApply ./module.nix { - inherit withSystem; - }; - - perSystem = { - lib, - pkgs, - system, - self', - inputs', - ... - }: let - crossPkgs = - rec { - x86_64-linux = { - x86_64 = pkgs.pkgsStatic; - aarch64 = pkgs.pkgsCross.aarch64-multiplatform.pkgsStatic; - }; - - aarch64-linux = { - x86_64 = pkgs.pkgsCross.musl64; - aarch64 = pkgs.pkgsStatic; - }; - - x86_64-darwin = { - x86_64 = pkgs.pkgsCross.musl64; - aarch64 = pkgs.pkgsCross.aarch64-multiplatform.pkgsStatic; - }; - - aarch64-darwin = x86_64-darwin; - } - .${system}; - - refractionFor = arch: let - inherit (crossPkgs.${arch}.stdenv) cc; - - target = "${arch}-unknown-linux-musl"; - target' = builtins.replaceStrings ["-"] ["_"] target; - targetUpper = lib.toUpper target'; - - toolchain = with inputs'.fenix.packages; - combine [ - minimal.cargo - minimal.rustc - targets.${target}.latest.rust-std - ]; - - naersk' = inputs.naersk.lib.${system}.override { - cargo = toolchain; - rustc = toolchain; - }; - - refraction = self'.packages.refraction.override { - lto = true; - naersk = naersk'; - }; - - newAttrs = { - CARGO_BUILD_TARGET = target; - "CC_${target'}" = "${cc}/bin/${cc.targetPrefix}cc"; - "CARGO_TARGET_${targetUpper}_RUSTFLAGS" = "-C target-feature=+crt-static"; - "CARGO_TARGET_${targetUpper}_LINKER" = newAttrs."CC_${target'}"; - }; - in - refraction.overrideAttrs newAttrs; - - containerFor = arch: - pkgs.dockerTools.buildLayeredImage { - name = "refraction"; - tag = "latest-${arch}"; - contents = [pkgs.dockerTools.caCertificates]; - config.Cmd = [ - (lib.getExe (refractionFor arch)) - ]; - - architecture = crossPkgs.${arch}.go.GOARCH; - }; - - mkPackagesFor = arch: { - "refraction-static-${arch}" = refractionFor arch; - "container-${arch}" = containerFor arch; - }; - in { - legacyPackages = lib.attrsets.mergeAttrsList (map mkPackagesFor ["x86_64" "aarch64"]); - }; -} diff --git a/nix/deployment/default.nix b/nix/deployment/default.nix new file mode 100644 index 0000000..96eb6ee --- /dev/null +++ b/nix/deployment/default.nix @@ -0,0 +1,35 @@ +{ + flake-parts-lib, + withSystem, + ... +}: { + imports = [./static.nix]; + + flake.nixosModules.default = flake-parts-lib.importApply ./module.nix { + inherit withSystem; + }; + + perSystem = { + lib, + pkgs, + self', + ... + }: let + containerFor = arch: + pkgs.dockerTools.buildLayeredImage { + name = "refraction"; + tag = "latest-${arch}"; + contents = [pkgs.dockerTools.caCertificates]; + config.Cmd = [ + (lib.getExe self'.packages."refraction-static-${arch}") + ]; + + architecture = withSystem "${arch}-linux" ({pkgs, ...}: pkgs.pkgsStatic.go.GOARCH); + }; + in { + packages = { + container-x86_64 = containerFor "x86_64"; + container-aarch64 = containerFor "aarch64"; + }; + }; +} diff --git a/nix/module.nix b/nix/deployment/module.nix similarity index 100% rename from nix/module.nix rename to nix/deployment/module.nix diff --git a/nix/deployment/static.nix b/nix/deployment/static.nix new file mode 100644 index 0000000..83d7b2c --- /dev/null +++ b/nix/deployment/static.nix @@ -0,0 +1,41 @@ +{ + perSystem = { + lib, + pkgs, + inputs', + self', + ... + }: let + targets = with pkgs.pkgsCross; { + x86_64 = musl64.pkgsStatic; + aarch64 = aarch64-multiplatform.pkgsStatic; + }; + + toolchain = inputs'.rust-overlay.packages.rust.minimal.override { + extensions = ["rust-std"]; + targets = map (pkgs: pkgs.stdenv.hostPlatform.config) (lib.attrValues targets); + }; + + rustPlatforms = + lib.mapAttrs ( + lib.const (pkgs: + pkgs.makeRustPlatform ( + lib.genAttrs ["cargo" "rustc"] (lib.const toolchain) + )) + ) + targets; + + buildWith = rustPlatform: + self'.packages.refraction.override { + inherit rustPlatform; + lto = true; + }; + in { + packages = + lib.mapAttrs' ( + target: rustPlatform: + lib.nameValuePair "refraction-static-${target}" (buildWith rustPlatform) + ) + rustPlatforms; + }; +} diff --git a/nix/derivation.nix b/nix/derivation.nix index 9e37e05..4736d57 100644 --- a/nix/derivation.nix +++ b/nix/derivation.nix @@ -1,14 +1,18 @@ { lib, stdenv, - naersk, + rustPlatform, darwin, - version, + self, lto ? false, }: -naersk.buildPackage { +rustPlatform.buildRustPackage { pname = "refraction"; - inherit version; + version = + (lib.importTOML ../Cargo.toml).package.version + + "-${self.shortRev or self.dirtyShortRev or "unknown-dirty"}"; + + __structuredAttrs = true; src = lib.fileset.toSource { root = ../.; @@ -21,13 +25,21 @@ naersk.buildPackage { ]; }; + cargoLock = { + lockFile = ../Cargo.lock; + }; + buildInputs = lib.optionals stdenv.hostPlatform.isDarwin (with darwin.apple_sdk.frameworks; [ CoreFoundation Security SystemConfiguration ]); - cargoBuildFlags = lib.optionals lto ["-C" "lto=thin" "-C" "embed-bitcode=yes" "-Zdylib-lto"]; + env = { + CARGO_BUILD_RUSTFLAGS = lib.concatStringsSep " " ( + lib.optionals lto ["-C" "lto=thin" "-C" "embed-bitcode=yes" "-Zdylib-lto"] + ); + }; meta = with lib; { mainProgram = "refraction"; diff --git a/nix/dev.nix b/nix/dev.nix index b9bdf2f..0194f1e 100644 --- a/nix/dev.nix +++ b/nix/dev.nix @@ -5,9 +5,7 @@ config, self', ... - }: let - enableAll = lib.flip lib.genAttrs (lib.const {enable = true;}); - in { + }: { devShells.default = pkgs.mkShell { shellHook = '' ${config.pre-commit.installationScript} @@ -39,12 +37,12 @@ treefmt = { projectRootFile = "flake.nix"; - programs = enableAll [ - "alejandra" - "deadnix" - "prettier" - "rustfmt" - ]; + programs = { + alejandra.enable = true; + deadnix.enable = true; + prettier.enable = true; + rustfmt.enable = true; + }; settings.global = { excludes = [ @@ -55,15 +53,14 @@ }; }; - pre-commit.settings = { - settings.treefmt.package = config.treefmt.build.wrapper; - - hooks = enableAll [ - "actionlint" - "nil" - "statix" - "treefmt" - ]; + pre-commit.settings.hooks = { + actionlint.enable = true; + nil.enable = true; + statix.enable = true; + treefmt = { + enable = true; + package = config.treefmt.build.wrapper; + }; }; procfiles.daemons.processes = { diff --git a/nix/packages.nix b/nix/packages.nix index 19f5730..56c5c82 100644 --- a/nix/packages.nix +++ b/nix/packages.nix @@ -1,19 +1,11 @@ -{ - self, - inputs, - ... -}: { +{self, ...}: { perSystem = { pkgs, - system, self', ... }: { packages = { - refraction = pkgs.callPackage ./derivation.nix { - version = builtins.substring 0 7 self.rev or "dirty"; - naersk = inputs.naersk.lib.${system}; - }; + refraction = pkgs.callPackage ./derivation.nix {inherit self;}; default = self'.packages.refraction; };