diff --git a/flake.nix b/flake.nix index afd29fa..0fe4f8f 100644 --- a/flake.nix +++ b/flake.nix @@ -4,14 +4,12 @@ inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; inputs.flake-utils.url = "github:numtide/flake-utils"; - outputs = { self, nixpkgs, flake-utils }: - flake-utils.lib.eachDefaultSystem (system: let - pkgs = nixpkgs.legacyPackages.${system}; - in rec { - packages.vid = pkgs.stdenv.mkDerivation { + outputs = { self, nixpkgs, flake-utils }: { + overlays.default = final: prev: rec { + vid = prev.stdenv.mkDerivation { name = "kyouma-www-vid"; src = ./.; - buildInputs = [ pkgs.yt-dlp ]; + buildInputs = [ prev.yt-dlp ]; buildPhase = '' yt-dlp -f 136+251 C4oApBlw7Gc --merge-output-format mp4 -o "media/sunnyday-avc.mp4" yt-dlp -f 398+251 C4oApBlw7Gc --merge-output-format mp4 -o "media/sunnyday-av1.mp4" 
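Review bot: In `overlays.default` the derivations take `stdenv` and `yt-dlp` from `prev`, so a later overlay that overrides either one is ignored. The usual convention is to resolve dependencies through `final`, e.g. `vid = final.stdenv.mkDerivation {` and `buildInputs = [ final.yt-dlp ];`. `rec` on the overlay attrset looks unnecessary in the visible lines, since neither package refers to the other, and `final.<name>` is the safer way to cross-reference if that is ever needed. Since `yt-dlp` is only executed in `buildPhase`, `nativeBuildInputs` would describe it better than `buildInputs`. The overlay body continues past the end of this hunk.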
@@ -21,120 +19,130 @@ outputHashAlgo = "sha256"; outputHash = "abrls86wyBJaZN3QM/p8fRoGQ7jVseao3F4oiMPh+84="; }; - packages.kyouma-www = pkgs.stdenv.mkDerivation { + kyouma-www = prev.stdenv.mkDerivation { pname = "kyouma-www"; version = self.shortRev or (toString self.lastModifiedDate); src = ./.; buildPhase = ''''; installPhase = ''cp -r src $out''; }; - packages.default = packages.kyouma-www; - nixosModules.default = - { config, options, pkgs, lib, ... }: with lib; - let - cfg = config.services.vyosBld; - bldFlags = (attrsets.mapAttrsToList (flag: opt: "--" + flag + " " + opt) cfg.buildFlags); - in { - options.services.vyosBld = { - enable = mkEnableOption "VyOS automatic build"; + }; + nixosModules.default = + { config, options, pkgs, lib, ... }: with lib; + let + cfg = config.services.vyosBld; + bldFlags = (attrsets.mapAttrsToList (flag: opt: "--" + flag + " " + opt) cfg.buildFlags); + vyosBuildScript = pkgs.writeShellScript "build-vyos" '' + cleanup() { + rmdir "$root" + } + root="$(mktemp -d)" + trap cleanup EXIT + iso_name="vyos-${cfg.buildFlags.version}-${cfg.buildFlags.architecture}.iso" + bld_dir="$root/vyos-build" + docker_cmd="${pkgs.docker}/bin/docker run --rm -it --privileged -v $bld_dir:/vyos -w /vyos vyos/vyos-build:current" - output = mkOption { - type = types.str; - default = null; - description = "Where the iso should be copied"; + git clone -b current --single-branch https://github.com/vyos/vyos-build $root + $docker_cmd sudo ./build-vyos-image ${cfg.flavor} ${builtins.concatStringsSep " " bldFlags} + $docker_cmd sudo chown -R ${builtins.toString config.users.users.vyos-bld.uid}:${builtins.toString config.users.groups.vyos-bld.gid} /vyos + + cp $bld_dir/build/$iso_name ${cfg.output} + mapfile -t old_isos < <(ls ${cfg.output} | head -n -${builtins.toString cfg.keep}) + for i in ''${old_isos[@]}; do + rm -r ${cfg.output}/''${old_iso[$i]} + done + ''; + in { + options.services.vyosBld = { + enable = mkEnableOption "VyOS automatic build"; + + 
output = mkOption { + type = types.str; + default = "/nix/var/vyos-build"; + description = "Where the iso should be copied"; + }; + + keep = mkOption { + type = types.number; + default = 5; + description = "Amount of versions to keep"; + }; + + buildFreq = mkOption { + type = types.str; + default = "*-*-* 4:20:00"; + description = "How often a new Image should be build. See {manpage}`systemd.timer(5)`"; + }; + + flavor = mkOption { + type = types.str; + default = "iso"; + description = "See VyOS build docs"; + }; + + buildFlags = mkOption { + type = types.attrs; + default = ""; + description = "Build Flags see https://docs.vyos.io/en/latest/contributing/build-vyos.html + example: + { build-by = 'mail@server.tld' }"; + }; + }; + config = with lib; mkIf cfg.enable { + users = { + users.vyos-bld = { + isSystemUser = true; + group = "vyos-bld"; }; - - keep = mkOption { - type = types.number; - default = 5; - description = "Amount of versions to keep"; + groups.vyos-bld = {}; + }; + virtualisation.docker = { + daemon.settings = { + ipv6 = true; + fixed-cidr-v6 = "fd00::/80"; }; - - buildFreq = mkOption { - type = types.str; - default = "*-*-* 4:20:00"; - description = "How often a new Image should be build. 
See {manpage}`systemd.timer(5)`"; + autoPrune = { + enable = true; + flags = [ "--all" "--filter until=24h" ]; }; - - flavor = mkOption { - type = types.str; - default = "iso"; - description = "See VyOS build docs"; - }; - - buildFlags = mkOption { - type = types.attrs; - default = ""; - description = "Build Flags see https://docs.vyos.io/en/latest/contributing/build-vyos.html - example: - { build-by = 'mail@server.tld' }"; + rootless = { + enable = true; + setSocketVariable = true; }; }; - config = with lib; mkIf cfg.enable { - users = { - users.vyos-bld = { - isSystemUser = true; - group = "vyos-bld"; - }; - groups.vyos-bld = {}; - }; - virtualisation.docker = { - daemon.settings = { - ipv6 = true; - fixed-cidr-v6 = "fd00::/80"; - }; - autoPrune = { - enable = true; - flags = [ "--all" "--filter until=24h" ]; - }; - rootless = { - enable = true; - setSocketVariable = true; + networking.firewall.extraCommands = ''ip6tables -t nat -A POSTROUTING -s fd00::/80 ! -o docker0 -j MASQUERADE''; + + systemd = { + services.docker.after = [ "firewall.service" ]; + services.vyosBld = { + serviceConfig = { + User = "vyos-bld"; + Group = "vyos-bld"; + ExecStart = vyosBuildScript; + + PrivateTmp = true; + ProtectHome = true; }; }; - networking.firewall.extraCommands = ''ip6tables -t nat -A POSTROUTING -s fd00::/80 ! 
-o docker0 -j MASQUERADE''; - - cfg.bldScript = pkgs.writeShellScrip "build-vyos" '' - cleanup() { - rmdir "$root" - } - root="$(mktemp -d)" - trap cleanup EXIT - iso_name="vyos-${cfg.buildFlags.version}-${cfg.buildFlags.architecture}.iso" - bld_dir="$root/vyos-build" - docker_cmd="${pkgs.docker}/bin/docker run --rm -it --privileged -v $bld_dir:/vyos -w /vyos vyos/vyos-build:current" - - git clone -b current --single-branch https://github.com/vyos/vyos-build $root - $docker_cmd sudo ./build-vyos-image ${flavor} ${builtins.concatStringsSep " " bldFlags} - $docker_cmd sudo chown -R ${config.users.users.vyos-bld.uid}:${config.users.groups.vyos-bld.gid} /vyos - - cp $bld_dir/build/$iso_name ${cfg.output} - mapfile -t old_isos < <(ls ${cfg.output} | head -n -${builtins.toString cfg.keep}) - for i in $\{old_isos[@]}; do - rm -r ${cfg.output}/$\{old_iso[$i]} - done - ''; - systemd = { - services.docker.after = [ "firewall.service" ]; - services.vyosBld = { - serviceConfig = { - User = "vyos-bld"; - Group = "vyos-bld"; - ExecStart = cfg.bldScript; - - PrivateTmp = true; - ProtectHome = true; - }; - }; - timers.vyosBld = { - wantedBy = [ "timers.target" ]; - timerConfig = { - OnCalendar = cfg.buildFreq; - }; + timers.vyosBld = { + wantedBy = [ "timers.target" ]; + timerConfig = { + OnCalendar = cfg.buildFreq; }; }; }; - } - ; - }); + }; + } + ; + } // flake-utils.lib.eachDefaultSystem (system: let + pkgs = import nixpkgs { + inherit system; + overlays = [ self.overlays.default ]; + }; + in rec { + packages = { + inherit (pkgs) vid kyouma-www; + default = packages.kyouma-www; + }; + }); }
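Review bot: The pruning loop at the end of `vyosBuildScript` iterates `old_isos` but then indexes an undefined array `old_iso` with a file name, so `rm -r` never targets the stale image; depending on how bash evaluates that subscript it either errors or collapses to `rm -r ${cfg.output}/`, which would remove the whole output directory. The clone also lands in `$root` while the container mounts `$root/vyos-build`, and `cleanup` calls `rmdir` on a directory that is no longer empty, so the build cannot find `./build-vyos-image` and the temp tree is left behind. The fence below iterates the names directly, clones into `$bld_dir`, stops on the first failure, and calls git by store path because the unit sets no `path` and git is presumably not on the default service PATH. Separately, the job runs `vyos/vyos-build:current` with `--privileged`: whatever is published under that mutable tag gets full host privileges, so pinning the image by digest is worth doing, and `-it` will likely fail under systemd where there is no TTY. The `buildFlags` values are also spliced into the command line unquoted; `lib.escapeShellArg` on each value would keep a flag containing spaces or shell metacharacters from being reinterpreted.

```nix
vyosBuildScript = pkgs.writeShellScript "build-vyos" ''
  set -eu
  cleanup() {
    rm -rf -- "$root"
  }
  # … unchanged: root=$(mktemp -d), trap, iso_name, bld_dir, docker_cmd …
  ${pkgs.git}/bin/git clone -b current --single-branch https://github.com/vyos/vyos-build "$bld_dir"
  # … unchanged: the two $docker_cmd invocations and the cp of the new iso …
  mapfile -t old_isos < <(ls ${cfg.output} | head -n -${builtins.toString cfg.keep})
  for iso in "''${old_isos[@]}"; do
    rm -r -- "${cfg.output}/$iso"
  done
'';
```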