/ flake.nix
flake.nix
1 # This flake was initially generated by fh, the CLI for FlakeHub (version 0.1.22) 2 { 3 # A helpful description of your flake 4 description = "flake for my professional blog"; 5 6 # Flake inputs 7 inputs = { 8 pre-commit-hooks.url = "github:cachix/git-hooks.nix"; 9 sops-nix = { 10 url = "github:Mic92/sops-nix"; 11 inputs.nixpkgs.follows = "nixpkgs"; 12 }; 13 deploy-rs.url = "github:serokell/deploy-rs"; 14 flake-schemas.url = "https://flakehub.com/f/DeterminateSystems/flake-schemas/*"; 15 nixos-generators.url = "github:nix-community/nixos-generators"; 16 17 nixpkgs.url = "https://flakehub.com/f/NixOS/nixpkgs/*"; 18 }; 19 20 # Flake outputs that other flakes can use 21 outputs = 22 { 23 self, 24 flake-schemas, 25 nixpkgs, 26 pre-commit-hooks, 27 deploy-rs, 28 sops-nix, 29 nixos-generators 30 }: 31 let 32 # Helpers for producing system-specific outputs 33 supportedSystems = [ "x86_64-linux" ]; 34 forEachSupportedSystem = 35 f: 36 nixpkgs.lib.genAttrs supportedSystems ( 37 system: 38 f { 39 pkgs = import nixpkgs { inherit system; }; 40 } 41 ); 42 43 host = "jorgearaya.dev"; 44 in 45 { 46 # Schemas tell Nix about the structure of your flake's outputs 47 schemas = flake-schemas.schemas; 48 49 packages = forEachSupportedSystem ( 50 { pkgs }: 51 { 52 ## NOTE: `nix build .#digital-ocean` construye la imagen 53 digital-ocean = nixos-generators.nixosGenerate { 54 system = pkgs.system; 55 modules = [ 56 ./image.nix 57 ]; 58 format = "do"; 59 }; 60 } 61 ); 62 63 # Development environments 64 devShells = forEachSupportedSystem ( 65 { pkgs }: 66 { 67 default = pkgs.mkShell { 68 # Pinned packages available in the environment 69 packages = with pkgs; [ 70 nil 71 72 hugo 73 djlint 74 75 git 76 git-lfs 77 78 (pkgs.writeScriptBin "project-git-lfs-hook-installer" (builtins.readFile ./etc/scripts/lfs-hook.py)) 79 80 (pkgs.python312.withPackages ( 81 ps: with ps; [ 82 black 83 isort 84 ruff 85 python-lsp-server 86 python-lsp-black 87 python-lsp-ruff 88 pylsp-rope 89 ] 90 )) 91 ]; 92 93 shellHook = self.checks.${pkgs.system}.pre-commit-check.shellHook + '' 94 echo "Injecting Git LFS hooks..." 95 for hook in pre-push post-checkout post-commit post-merge; do 96 project-git-lfs-hook-installer --stage $hook 97 done''; 98 buildInputs = self.checks.${pkgs.system}.pre-commit-check.enabledPackages; 99 }; 100 } 101 ); 102 103 checks = forEachSupportedSystem ( 104 { pkgs }: 105 { 106 pre-commit-check = pre-commit-hooks.lib.${pkgs.system}.run { 107 src = ./.; 108 hooks = { 109 # check nix code 110 nil.enable = true; 111 # check that secrets aren't committed to the repository 112 pre-commit-hook-ensure-sops.enable = true; 113 ripsecrets.enable = true; 114 # self-explanatory 115 check-toml.enable = true; 116 # lint template files, go templates for my use-case 117 djlint = { 118 enable = true; 119 name = "djlint - template linter"; 120 entry = "${pkgs.djlint}/bin/djlint --profile=golang"; 121 files = "\\.html$"; 122 }; 123 # check markdown format is correct 124 markdownlint.enable = false; 125 # other checkers 126 check-case-conflicts.enable = true; 127 end-of-file-fixer.enable = true; 128 trim-trailing-whitespace.enable = true; 129 }; 130 }; 131 } 132 ); 133 134 nixosConfigurations.site = nixpkgs.lib.nixosSystem { 135 system = "x86_64-linux"; 136 modules = [ 137 sops-nix.nixosModules.sops 138 ./vps.nix 139 ]; 140 }; 141 142 deploy.nodes.site = { 143 hostname = host; 144 profiles.system = { 145 sshUser = "root"; 146 user = "root"; 147 path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.site; 148 }; 149 }; 150 }; 151 }