Merge pull request #25 from nix-community/flake
Deduplicate nixpkgs in Flakes Inputs
This commit is contained in:
commit
1a63419003
63
flake.lock
63
flake.lock
|
@ -3,11 +3,15 @@
|
||||||
"crane": {
|
"crane": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-compat": "flake-compat",
|
"flake-compat": "flake-compat",
|
||||||
"flake-utils": "flake-utils",
|
"flake-utils": [
|
||||||
|
"flake-utils"
|
||||||
|
],
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
],
|
],
|
||||||
"rust-overlay": "rust-overlay"
|
"rust-overlay": [
|
||||||
|
"rust-overlay"
|
||||||
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1669605882,
|
"lastModified": 1669605882,
|
||||||
|
@ -54,21 +58,6 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-utils_2": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1659877975,
|
|
||||||
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1669535121,
|
"lastModified": 1669535121,
|
||||||
|
@ -101,60 +90,24 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs_2": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1665296151,
|
|
||||||
"narHash": "sha256-uOB0oxqxN9K7XGF1hcnY+PQnlQJ+3bP2vCn/+Ru/bbc=",
|
|
||||||
"owner": "NixOS",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"rev": "14ccaaedd95a488dd7ae142757884d8e125b3363",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "NixOS",
|
|
||||||
"ref": "nixpkgs-unstable",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"crane": "crane",
|
"crane": "crane",
|
||||||
|
"flake-utils": "flake-utils",
|
||||||
"nixpkgs": "nixpkgs",
|
"nixpkgs": "nixpkgs",
|
||||||
"nixpkgs-test": "nixpkgs-test",
|
"nixpkgs-test": "nixpkgs-test",
|
||||||
"rust-overlay": "rust-overlay_2"
|
"rust-overlay": "rust-overlay"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"rust-overlay": {
|
"rust-overlay": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-utils": [
|
"flake-utils": [
|
||||||
"crane",
|
|
||||||
"flake-utils"
|
"flake-utils"
|
||||||
],
|
],
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"crane",
|
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
|
||||||
"lastModified": 1667487142,
|
|
||||||
"narHash": "sha256-bVuzLs1ZVggJAbJmEDVO9G6p8BH3HRaolK70KXvnWnU=",
|
|
||||||
"owner": "oxalica",
|
|
||||||
"repo": "rust-overlay",
|
|
||||||
"rev": "cf668f737ac986c0a89e83b6b2e3c5ddbd8cf33b",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "oxalica",
|
|
||||||
"repo": "rust-overlay",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"rust-overlay_2": {
|
|
||||||
"inputs": {
|
|
||||||
"flake-utils": "flake-utils_2",
|
|
||||||
"nixpkgs": "nixpkgs_2"
|
|
||||||
},
|
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1669602829,
|
"lastModified": 1669602829,
|
||||||
"narHash": "sha256-I3LBvBiVui4Rf0iQvTqUIgBovaLDzpOzsoNEzCsDowg=",
|
"narHash": "sha256-I3LBvBiVui4Rf0iQvTqUIgBovaLDzpOzsoNEzCsDowg=",
|
||||||
|
|
17
flake.nix
17
flake.nix
|
@ -7,13 +7,21 @@
|
||||||
crane = {
|
crane = {
|
||||||
url = "github:ipetkov/crane";
|
url = "github:ipetkov/crane";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
inputs.rust-overlay.follows = "rust-overlay";
|
||||||
|
inputs.flake-utils.follows = "flake-utils";
|
||||||
};
|
};
|
||||||
|
|
||||||
nixpkgs-test.url = "github:RaitoBezarius/nixpkgs/experimental-secureboot";
|
nixpkgs-test.url = "github:RaitoBezarius/nixpkgs/experimental-secureboot";
|
||||||
rust-overlay.url = "github:oxalica/rust-overlay";
|
rust-overlay = {
|
||||||
|
url = "github:oxalica/rust-overlay";
|
||||||
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
inputs.flake-utils.follows = "flake-utils";
|
||||||
|
};
|
||||||
|
|
||||||
|
flake-utils.url = "github:numtide/flake-utils";
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = { self, nixpkgs, crane, nixpkgs-test, rust-overlay }:
|
outputs = { self, nixpkgs, crane, nixpkgs-test, rust-overlay, ... }:
|
||||||
let
|
let
|
||||||
pkgs = import nixpkgs {
|
pkgs = import nixpkgs {
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
|
@ -85,7 +93,10 @@
|
||||||
inherit lanzatool;
|
inherit lanzatool;
|
||||||
};
|
};
|
||||||
|
|
||||||
nixosModules.lanzaboote = import ./nix/lanzaboote.nix;
|
nixosModules.lanzaboote = { pkgs, lib, ... }: {
|
||||||
|
imports = [ ./nix/lanzaboote.nix ];
|
||||||
|
boot.lanzaboote.package = lib.mkDefault self.packages.${pkgs.system}.lanzatool;
|
||||||
|
};
|
||||||
|
|
||||||
packages.x86_64-linux = {
|
packages.x86_64-linux = {
|
||||||
inherit lanzaboote lanzatool;
|
inherit lanzaboote lanzatool;
|
||||||
|
|
|
@ -12,17 +12,16 @@ in
|
||||||
enrollKeys = mkEnableOption "Automatic enrollment of the keys using sbctl";
|
enrollKeys = mkEnableOption "Automatic enrollment of the keys using sbctl";
|
||||||
pkiBundle = mkOption {
|
pkiBundle = mkOption {
|
||||||
type = types.nullOr types.path;
|
type = types.nullOr types.path;
|
||||||
default = null;
|
|
||||||
description = "PKI bundle containg db, PK, KEK";
|
description = "PKI bundle containg db, PK, KEK";
|
||||||
};
|
};
|
||||||
publicKeyFile = mkOption {
|
publicKeyFile = mkOption {
|
||||||
type = types.path;
|
type = types.path;
|
||||||
default = if cfg.pkiBundle != null then "${cfg.pkiBundle}/keys/db/db.pem" else null;
|
default = "${cfg.pkiBundle}/keys/db/db.pem";
|
||||||
description = "Public key to sign your boot files";
|
description = "Public key to sign your boot files";
|
||||||
};
|
};
|
||||||
privateKeyFile = mkOption {
|
privateKeyFile = mkOption {
|
||||||
type = types.path;
|
type = types.path;
|
||||||
default = if cfg.pkiBundle != null then "${cfg.pkiBundle}/keys/db/db.key" else null;
|
default = "${cfg.pkiBundle}/keys/db/db.key";
|
||||||
description = "Private key to sign your boot files";
|
description = "Private key to sign your boot files";
|
||||||
};
|
};
|
||||||
package = mkOption {
|
package = mkOption {
|
||||||
|
|
Loading…
Reference in New Issue