diff --git a/.envrc b/.envrc index 095d31a..15392ab 100644 --- a/.envrc +++ b/.envrc @@ -1,10 +1,4 @@ -if type lorri &>/dev/null; then - # https://github.com/target/lorri - eval "$(lorri direnv)" -else - # fall back to using direnv's builtin nix support - use nix -fi +use flake VIRTUAL_ENV="$PWD/venv" if [ ! -e venv ] diff --git a/.gitignore b/.gitignore index 810c99c..093e87c 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,4 @@ /Session.vim *.egg-info __pycache__ +/.direnv/ diff --git a/default.nix b/default.nix deleted file mode 100644 index 500f085..0000000 --- a/default.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ sources ? import ./nix/sources.nix }: - -let - pkgs = import sources.nixpkgs {}; - python = import ./requirements.nix { inherit pkgs; }; -in - -python.mkDerivation { - pname = "strojnadzor"; - version = "0.0.1"; - src = pkgs.nix-gitignore.gitignoreSource [] ./.; - buildInputs = []; - propagatedBuildInputs = with python.packages; [ - aldryn-forms - django-absolute - django-cms - django-emailit - django-filer - django-sekizai - django-simple-captcha - django-treebeard - djangocms-bootstrap4 - djangocms-file - djangocms-googlemap - djangocms-icon - djangocms-link - djangocms-picture - djangocms-snippet - djangocms-style - djangocms-text-ckeditor - djangocms-video - easy-thumbnails - gunicorn - python-dotenv - setuptools - ]; -} diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..98fab4b --- /dev/null +++ b/flake.lock @@ -0,0 +1,59 @@ +{ + "nodes": { + "nixpkgs": { + "locked": { + "lastModified": 1612433293, + "narHash": "sha256-p9vbZBJE8BqLr4uOC+RP12Kg6v6u/gpi8jJ2v1iBAk4=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "2b9daa020d40aac9d6ff3d1941d22acf4a3e9229", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-20.09", + "type": "indirect" + } + }, + "pypi2nix": { + "flake": false, + "locked": { + "lastModified": 1590927832, + "narHash": "sha256-NOvfnrXVigRAAw5JzL/2rN3AAgDdVthpgCYCbv/wr/8=", + "owner": "nix-community", + "repo": "pypi2nix", + "rev": "0dbd119465ff2ccbe43cb83431eba792b536a640", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "pypi2nix", + "type": "github" + } + }, + "root": { + "inputs": { + "nixpkgs": "nixpkgs", + "pypi2nix": "pypi2nix", + "utils": "utils" + } + }, + "utils": { + "locked": { + "lastModified": 1610051610, + "narHash": "sha256-U9rPz/usA1/Aohhk7Cmc2gBrEEKRzcW4nwPWMPwja4Y=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "3982c9903e93927c2164caa727cd3f6a0e6d14cc", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..5fe7e56 --- /dev/null +++ b/flake.nix @@ -0,0 +1,91 @@ +{ + description = "A very basic flake"; + + inputs = { + nixpkgs.url = "nixpkgs/nixos-20.09"; + utils.url = "github:numtide/flake-utils"; + pypi2nix = { + url = "github:nix-community/pypi2nix"; + flake = false; + }; + }; + + outputs = { self, nixpkgs, utils, pypi2nix }: + { + overlay = final: prev: { + strojnadzor = self.packages.${final.system}.strojnadzor; + }; + + nixosModules.strojnadzor = { + imports = [ ./module.nix ]; + nixpkgs.overlays = [ self.overlay ]; + }; + nixosModule = self.nixosModules.strojnadzor; + + nixosConfigurations.strojnadzor = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + self.nixosModules.strojnadzor + { + networking.hostName = "strojnadzor"; + boot.isContainer = true; + services.strojnadzor.enable = true; + } + ]; + }; + } // utils.lib.eachSystem [ "x86_64-linux" ] ( + system: let + pkgs = nixpkgs.legacyPackages.${system}; + python = import ./requirements.nix { inherit pkgs; }; + pypi2nix' = import pypi2nix; + in + rec { + devShell = pkgs.mkShell { + name = "strojnadzor-env"; + buildInputs = [ + pkgs.nodejs + pypi2nix + python.interpreter + ]; + }; + + packages.strojnadzor = python.mkDerivation { + pname = "strojnadzor"; + version = "0.0.1"; + src = pkgs.nix-gitignore.gitignoreSource [] ./.; + buildInputs = []; + propagatedBuildInputs = with python.packages; [ + aldryn-forms + django-absolute + django-cms + django-emailit + django-filer + django-sekizai + django-simple-captcha + django-treebeard + djangocms-bootstrap4 + djangocms-file + djangocms-googlemap + djangocms-icon + djangocms-link + djangocms-picture + djangocms-snippet + djangocms-style + djangocms-text-ckeditor + djangocms-video + easy-thumbnails + gunicorn + python-dotenv + setuptools + ]; + }; + defaultPackage = packages.strojnadzor; + + apps.strojnadzor = utils.lib.mkApp { + drv = packages.strojnadzor; + }; + defaultApp = apps.strojnadzor; + + } + ); +} diff --git a/module.nix b/module.nix index 5b57056..5bfed00 100644 --- a/module.nix +++ b/module.nix @@ -4,8 +4,6 @@ with lib; let - strojnadzor = import ./. {}; - cfg = config.services.strojnadzor; hsts = '' @@ -14,7 +12,7 @@ let static = pkgs.runCommand "static" {} '' export STROJNADZOR_STATIC_ROOT="$out" - ${strojnadzor}/bin/strojnadzor-admin collectstatic + ${cfg.package}/bin/strojnadzor-admin collectstatic ''; in @@ -29,6 +27,11 @@ in Whether to enable Strojnadzor "; }; + package = mkOption { + type = types.path; + default = pkgs.strojnadzor; + description = "The Strojnadzor package."; + }; hostName = mkOption { default = "golovizin.ru"; type = types.str; @@ -96,8 +99,8 @@ in Type = "notify"; User = "strojnadzor"; Group = "strojnadzor"; - ExecStartPre = "${strojnadzor}/bin/strojnadzor-admin migrate"; - ExecStart = "${strojnadzor}/bin/strojnadzor-admin runserver-gunicorn"; + ExecStartPre = "${cfg.package}/bin/strojnadzor-admin migrate"; + ExecStart = "${cfg.package}/bin/strojnadzor-admin runserver-gunicorn"; StateDirectory = "strojnadzor"; CapabilityBoundingSet = ""; LockPersonality = true; diff --git a/nix/sources.json b/nix/sources.json deleted file mode 100644 index 19f896d..0000000 --- a/nix/sources.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "nixpkgs": { - "branch": "nixos-unstable", - "description": "A read-only mirror of NixOS/nixpkgs tracking the released channels. Send issues and PRs to", - "homepage": "https://github.com/NixOS/nixpkgs", - "owner": "NixOS", - "repo": "nixpkgs-channels", - "rev": "c59ea8b8a0e7f927e7291c14ea6cd1bd3a16ff38", - "sha256": "1ak7jqx94fjhc68xh1lh35kh3w3ndbadprrb762qgvcfb8351x8v", - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs-channels/archive/c59ea8b8a0e7f927e7291c14ea6cd1bd3a16ff38.tar.gz", - "url_template": "https://github.com///archive/.tar.gz" - }, - "pypi2nix": { - "branch": "master", - "description": "Generate Nix expressions for Python packages [maintainer=@seppeljordan]", - "homepage": "", - "owner": "nix-community", - "repo": "pypi2nix", - "rev": "0dbd119465ff2ccbe43cb83431eba792b536a640", - "sha256": "1zxgy3znw0i6h1lxhmnx001c1pdcyszwqj8f0d0092nmnngdzsrl", - "type": "tarball", - "url": "https://github.com/nix-community/pypi2nix/archive/0dbd119465ff2ccbe43cb83431eba792b536a640.tar.gz", - "url_template": "https://github.com///archive/.tar.gz" - } -} diff --git a/nix/sources.nix b/nix/sources.nix deleted file mode 100644 index b64b8f8..0000000 --- a/nix/sources.nix +++ /dev/null @@ -1,148 +0,0 @@ -# This file has been generated by Niv. - -let - - # - # The fetchers. fetch_ fetches specs of type . - # - - fetch_file = pkgs: spec: - if spec.builtin or true then - builtins_fetchurl { inherit (spec) url sha256; } - else - pkgs.fetchurl { inherit (spec) url sha256; }; - - fetch_tarball = pkgs: name: spec: - let - ok = str: ! builtins.isNull (builtins.match "[a-zA-Z0-9+-._?=]" str); - # sanitize the name, though nix will still fail if name starts with period - name' = stringAsChars (x: if ! ok x then "-" else x) "${name}-src"; - in - if spec.builtin or true then - builtins_fetchTarball { name = name'; inherit (spec) url sha256; } - else - pkgs.fetchzip { name = name'; inherit (spec) url sha256; }; - - fetch_git = spec: - builtins.fetchGit { url = spec.repo; inherit (spec) rev ref; }; - - fetch_local = spec: spec.path; - - fetch_builtin-tarball = name: throw - ''[${name}] The niv type "builtin-tarball" is deprecated. You should instead use `builtin = true`. - $ niv modify ${name} -a type=tarball -a builtin=true''; - - fetch_builtin-url = name: throw - ''[${name}] The niv type "builtin-url" will soon be deprecated. You should instead use `builtin = true`. - $ niv modify ${name} -a type=file -a builtin=true''; - - # - # Various helpers - # - - # The set of packages used when specs are fetched using non-builtins. - mkPkgs = sources: - let - sourcesNixpkgs = - import (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) {}; - hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath; - hasThisAsNixpkgsPath = == ./.; - in - if builtins.hasAttr "nixpkgs" sources - then sourcesNixpkgs - else if hasNixpkgsPath && ! hasThisAsNixpkgsPath then - import {} - else - abort - '' - Please specify either (through -I or NIX_PATH=nixpkgs=...) or - add a package called "nixpkgs" to your sources.json. - ''; - - # The actual fetching function. - fetch = pkgs: name: spec: - - if ! builtins.hasAttr "type" spec then - abort "ERROR: niv spec ${name} does not have a 'type' attribute" - else if spec.type == "file" then fetch_file pkgs spec - else if spec.type == "tarball" then fetch_tarball pkgs name spec - else if spec.type == "git" then fetch_git spec - else if spec.type == "local" then fetch_local spec - else if spec.type == "builtin-tarball" then fetch_builtin-tarball name - else if spec.type == "builtin-url" then fetch_builtin-url name - else - abort "ERROR: niv spec ${name} has unknown type ${builtins.toJSON spec.type}"; - - # If the environment variable NIV_OVERRIDE_${name} is set, then use - # the path directly as opposed to the fetched source. - replace = name: drv: - let - saneName = stringAsChars (c: if isNull (builtins.match "[a-zA-Z0-9]" c) then "_" else c) name; - ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}"; - in - if ersatz == "" then drv else ersatz; - - # Ports of functions for older nix versions - - # a Nix version of mapAttrs if the built-in doesn't exist - mapAttrs = builtins.mapAttrs or ( - f: set: with builtins; - listToAttrs (map (attr: { name = attr; value = f attr set.${attr}; }) (attrNames set)) - ); - - # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295 - range = first: last: if first > last then [] else builtins.genList (n: first + n) (last - first + 1); - - # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257 - stringToCharacters = s: map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1)); - - # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L269 - stringAsChars = f: s: concatStrings (map f (stringToCharacters s)); - concatStrings = builtins.concatStringsSep ""; - - # fetchTarball version that is compatible between all the versions of Nix - builtins_fetchTarball = { url, name, sha256 }@attrs: - let - inherit (builtins) lessThan nixVersion fetchTarball; - in - if lessThan nixVersion "1.12" then - fetchTarball { inherit name url; } - else - fetchTarball attrs; - - # fetchurl version that is compatible between all the versions of Nix - builtins_fetchurl = { url, sha256 }@attrs: - let - inherit (builtins) lessThan nixVersion fetchurl; - in - if lessThan nixVersion "1.12" then - fetchurl { inherit url; } - else - fetchurl attrs; - - # Create the final "sources" from the config - mkSources = config: - mapAttrs ( - name: spec: - if builtins.hasAttr "outPath" spec - then abort - "The values in sources.json should not have an 'outPath' attribute" - else - spec // { outPath = replace name (fetch config.pkgs name spec); } - ) config.sources; - - # The "config" used by the fetchers - mkConfig = - { sourcesFile ? if builtins.pathExists ./sources.json then ./sources.json else null - , sources ? if isNull sourcesFile then {} else builtins.fromJSON (builtins.readFile sourcesFile) - , pkgs ? mkPkgs sources - }: rec { - # The sources, i.e. the attribute set of spec name to spec - inherit sources; - - # The "pkgs" (evaluated nixpkgs) to use for e.g. non-builtin fetchers - inherit pkgs; - }; - -in -mkSources (mkConfig {}) // { __functor = _: settings: mkSources (mkConfig settings); } diff --git a/shell.nix b/shell.nix deleted file mode 100644 index a819f4a..0000000 --- a/shell.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ sources ? import ./nix/sources.nix }: - -let - pkgs = import sources.nixpkgs {}; - pypi2nix = import sources.pypi2nix {}; - python = import ./requirements.nix { inherit pkgs; }; -in - pkgs.mkShell { - name = "strojnadzor-env"; - buildInputs = [ - pkgs.nodejs - pypi2nix - python.interpreter - ]; - shellHook = '' - ''; - preferLocalBuild = true; - }