50 lines
1.2 KiB
Nix
50 lines
1.2 KiB
Nix
{
|
|
inputs = {
|
|
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
|
|
};
|
|
|
|
nixConfig = {
|
|
extra-substituters = [ "https://cache.kyouma.net" ];
|
|
extra-trusted-public-keys = [ "cache.kyouma.net:Frjwu4q1rnwE/MnSTmX9yx86GNA/z3p/oElGvucLiZg=" ];
|
|
};
|
|
|
|
outputs = { self, nixpkgs, ... }:
|
|
let
|
|
inherit (nixpkgs) lib;
|
|
inherit (lib) mapAttrs;
|
|
profiles = import ./profiles.nix;
|
|
|
|
legacyPackages = mapAttrs
|
|
(system: profile: import nixpkgs { inherit system; }) profiles;
|
|
|
|
linux-hardened = import ./linux-hardened.nix;
|
|
in {
|
|
packages = mapAttrs (system: profiles:
|
|
mapAttrs (name: profile:
|
|
linux-hardened legacyPackages.${system} profile) profiles)
|
|
profiles;
|
|
|
|
devShells = mapAttrs (system: profile:
|
|
let
|
|
pkgs = legacyPackages.${system};
|
|
dummy = linux-hardened pkgs
|
|
{ arch = ""; config = ./dummy.nix; firmware = [ ]; };
|
|
|
|
mkShell = packages: pkgs.mkShell {
|
|
inherit packages;
|
|
shellHook = ''
|
|
exec $SHELL
|
|
'';
|
|
};
|
|
in {
|
|
default = mkShell
|
|
(with pkgs; dummy.nativeBuildInputs ++ [ ncurses pkg-config ]);
|
|
}) profiles;
|
|
|
|
hydraJobs = {
|
|
kernel = self.packages;
|
|
shell = self.devShells;
|
|
};
|
|
};
|
|
}
|