Merge pull request #25 from nix-community/flake

Deduplicate nixpkgs in Flakes Inputs
This commit is contained in:
Julian Stecklina 2022-12-11 14:47:27 +00:00 committed by GitHub
commit 1a63419003
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 24 additions and 61 deletions

View File

@ -3,11 +3,15 @@
"crane": { "crane": {
"inputs": { "inputs": {
"flake-compat": "flake-compat", "flake-compat": "flake-compat",
"flake-utils": "flake-utils", "flake-utils": [
"flake-utils"
],
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
"rust-overlay": "rust-overlay" "rust-overlay": [
"rust-overlay"
]
}, },
"locked": { "locked": {
"lastModified": 1669605882, "lastModified": 1669605882,
@ -54,21 +58,6 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils_2": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1669535121, "lastModified": 1669535121,
@ -101,60 +90,24 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_2": {
"locked": {
"lastModified": 1665296151,
"narHash": "sha256-uOB0oxqxN9K7XGF1hcnY+PQnlQJ+3bP2vCn/+Ru/bbc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "14ccaaedd95a488dd7ae142757884d8e125b3363",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"crane": "crane", "crane": "crane",
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nixpkgs-test": "nixpkgs-test", "nixpkgs-test": "nixpkgs-test",
"rust-overlay": "rust-overlay_2" "rust-overlay": "rust-overlay"
} }
}, },
"rust-overlay": { "rust-overlay": {
"inputs": { "inputs": {
"flake-utils": [ "flake-utils": [
"crane",
"flake-utils" "flake-utils"
], ],
"nixpkgs": [ "nixpkgs": [
"crane",
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": {
"lastModified": 1667487142,
"narHash": "sha256-bVuzLs1ZVggJAbJmEDVO9G6p8BH3HRaolK70KXvnWnU=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "cf668f737ac986c0a89e83b6b2e3c5ddbd8cf33b",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"rust-overlay_2": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_2"
},
"locked": { "locked": {
"lastModified": 1669602829, "lastModified": 1669602829,
"narHash": "sha256-I3LBvBiVui4Rf0iQvTqUIgBovaLDzpOzsoNEzCsDowg=", "narHash": "sha256-I3LBvBiVui4Rf0iQvTqUIgBovaLDzpOzsoNEzCsDowg=",

View File

@ -7,13 +7,21 @@
crane = { crane = {
url = "github:ipetkov/crane"; url = "github:ipetkov/crane";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
inputs.rust-overlay.follows = "rust-overlay";
inputs.flake-utils.follows = "flake-utils";
}; };
nixpkgs-test.url = "github:RaitoBezarius/nixpkgs/experimental-secureboot"; nixpkgs-test.url = "github:RaitoBezarius/nixpkgs/experimental-secureboot";
rust-overlay.url = "github:oxalica/rust-overlay"; rust-overlay = {
url = "github:oxalica/rust-overlay";
inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-utils.follows = "flake-utils";
}; };
outputs = { self, nixpkgs, crane, nixpkgs-test, rust-overlay }: flake-utils.url = "github:numtide/flake-utils";
};
outputs = { self, nixpkgs, crane, nixpkgs-test, rust-overlay, ... }:
let let
pkgs = import nixpkgs { pkgs = import nixpkgs {
system = "x86_64-linux"; system = "x86_64-linux";
@ -85,7 +93,10 @@
inherit lanzatool; inherit lanzatool;
}; };
nixosModules.lanzaboote = import ./nix/lanzaboote.nix; nixosModules.lanzaboote = { pkgs, lib, ... }: {
imports = [ ./nix/lanzaboote.nix ];
boot.lanzaboote.package = lib.mkDefault self.packages.${pkgs.system}.lanzatool;
};
packages.x86_64-linux = { packages.x86_64-linux = {
inherit lanzaboote lanzatool; inherit lanzaboote lanzatool;

View File

@ -12,17 +12,16 @@ in
enrollKeys = mkEnableOption "Automatic enrollment of the keys using sbctl"; enrollKeys = mkEnableOption "Automatic enrollment of the keys using sbctl";
pkiBundle = mkOption { pkiBundle = mkOption {
type = types.nullOr types.path; type = types.nullOr types.path;
default = null;
description = "PKI bundle containg db, PK, KEK"; description = "PKI bundle containg db, PK, KEK";
}; };
publicKeyFile = mkOption { publicKeyFile = mkOption {
type = types.path; type = types.path;
default = if cfg.pkiBundle != null then "${cfg.pkiBundle}/keys/db/db.pem" else null; default = "${cfg.pkiBundle}/keys/db/db.pem";
description = "Public key to sign your boot files"; description = "Public key to sign your boot files";
}; };
privateKeyFile = mkOption { privateKeyFile = mkOption {
type = types.path; type = types.path;
default = if cfg.pkiBundle != null then "${cfg.pkiBundle}/keys/db/db.key" else null; default = "${cfg.pkiBundle}/keys/db/db.key";
description = "Private key to sign your boot files"; description = "Private key to sign your boot files";
}; };
package = mkOption { package = mkOption {