flake.nix
{
description = "A very basic flake";
# The URL names no branch, tag or revision, so it resolves to the repository's
# default branch. The commit a build actually uses is the one recorded in the
# flake's lock file (not shown here); a lock update changes every package that
# ends up in the built images, so review it like any other dependency bump.
inputs.nixpkgs.url = "github:NixOS/nixpkgs";
outputs = { self, nixpkgs, ... }:
let inherit (nixpkgs) lib; in
{
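nixosModules = {
  # Each entry is a NixOS module: a path inside this repository, a path inside
  # the nixpkgs input, or (for `version`) a module written inline.
  ec2-instance-connect = ./modules/ec2-instance-connect.nix;
  # `nixpkgs + "..."` is plain concatenation onto the input's store path, so
  # the suffix must start with "/"; without it the result is a path that does
  # not exist (".../sourcenixos/modules/...").
  legacyAmazonProfile = nixpkgs + "/nixos/modules/virtualisation/amazon-image.nix";
  legacyAmazonImage = nixpkgs + "/nixos/maintainers/scripts/ec2/amazon-image.nix";
  amazonProfile = ./modules/amazon-profile.nix;
  amazonImage = ./modules/amazon-image.nix;
  # NOTE(review): in this file mock-imds is imported only by the `checks`
  # defaults and by neither image under `packages`. Presumably it stands in
  # for the instance metadata service during tests; confirm it stays out of
  # any image that is published.
  mock-imds = ./modules/mock-imds.nix;
  version = { config, ... }: {
    # stateVersion follows the NixOS release of the nixpkgs being built
    # instead of a fixed value.
    system.stateVersion = config.system.nixos.release;
    # NOTE: This will cause an image to be built per commit.
    # system.nixos.versionSuffix = lib.mkForce
    # ".${lib.substring 0 8 (nixpkgs.lastModifiedDate or nixpkgs.lastModified or "19700101")}.${nixpkgs.shortRev}.${lib.substring 0 8 (self.lastModifiedDate or self.lastModified or "19700101")}.${self.shortRev or "dirty"}";
  };
};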
# Systems for which the `packages` and `apps` outputs are generated.
lib.supportedSystems = [
  "aarch64-linux"
  "x86_64-linux"
  "aarch64-darwin"
];
# Per-system packages: the EC2 Instance Connect package, the metadata-service
# mock, the AMI upload tool, and two disk images built from NixOS
# configurations.
packages = lib.genAttrs self.lib.supportedSystems (system:
  let
    pkgs = nixpkgs.legacyPackages.${system};
    # This flake's own packages, handed to the NixOS modules as `selfPackages`.
    selfPackages = self.packages.${system};
  in
  {
    ec2-instance-connect = pkgs.callPackage ./packages/ec2-instance-connect.nix { };

    amazon-ec2-metadata-mock = pkgs.buildGoModule rec {
      pname = "amazon-ec2-metadata-mock";
      version = "1.11.2";
      # `rev` is a tag, which upstream could move; `hash` pins the fetched
      # content, so a moved tag fails the fetch instead of building different
      # source. `vendorHash` does the same for the vendored Go dependencies.
      src = pkgs.fetchFromGitHub {
        owner = "aws";
        repo = "amazon-ec2-metadata-mock";
        rev = "v${version}";
        hash = "sha256-hYyJtkwAzweH8boUY3vrvy6Ug+Ier5f6fvR52R+Di8o=";
      };
      vendorHash = "sha256-T45abGVoiwxAEO60aPH3hUqiH6ON3aRhkrOFcOi+Bm8=";
      # Upstream's tests are flaky, so they are skipped; the build therefore
      # gives no test signal for this package.
      doCheck = false;
    };

    upload-ami = pkgs.python3Packages.callPackage ./upload-ami { };

    # Image built from this repository's own amazonImage module.
    # The module list does not include mock-imds.
    amazonImage = (lib.nixosSystem {
      inherit pkgs;
      specialArgs = { inherit selfPackages; };
      modules = [
        self.nixosModules.ec2-instance-connect
        self.nixosModules.amazonImage
        self.nixosModules.version
      ];
    }).config.system.build.amazonImage;

    # Image built from the nixpkgs amazon-image script, switched from GRUB to
    # systemd-boot with EFI enabled and an automatically sized disk.
    legacyAmazonImage = (lib.nixosSystem {
      inherit pkgs;
      specialArgs = { inherit selfPackages; };
      modules = [
        self.nixosModules.legacyAmazonImage
        {
          boot.loader.grub.enable = false;
          boot.loader.systemd-boot.enable = true;
        }
        {
          ec2.efi = true;
          amazonImage.sizeMB = "auto";
        }
        self.nixosModules.version
      ];
    }).config.system.build.amazonImage;
  });
# One flake app per entry in upload-ami's pyproject `scripts` table. The app
# name is the script name; the program is the matching executable in the
# upload-ami store path. The table's values (entry points) are not used here.
apps = lib.genAttrs self.lib.supportedSystems (system:
  let
    uploadAmi = self.packages.${system}.upload-ami;
    scripts = uploadAmi.passthru.pyproject.project.scripts;
    toApp = scriptName: _entryPoint: {
      type = "app";
      program = "${uploadAmi}/bin/${scriptName}";
    };
  in
  lib.mapAttrs toApp scripts
);
# TODO: the author has no access to aarch64-linux hardware with virtualisation
# support, so the NixOS tests are defined for x86_64-linux only.
checks = lib.genAttrs [ "x86_64-linux" ] (system:
  let
    pkgs = nixpkgs.legacyPackages.${system};

    # Configuration shared by every test below.
    sharedTestConfig = {
      node = {
        inherit pkgs;
        specialArgs.selfPackages = self.packages.${system};
      };
      defaults = { name, ... }: {
        # Same modules as the shipped image, plus mock-imds, which is imported
        # only here. NOTE(review): presumably it gives the test nodes a fake
        # instance metadata service; confirm against the module.
        imports = [
          self.nixosModules.version
          self.nixosModules.amazonImage
          self.nixosModules.mock-imds
        ];
        # The test framework requires a hostName to be set; it is left empty.
        networking.hostName = "";
      };
    };

    # Run one test file on top of the shared configuration.
    runWithSharedConfig = testFile: lib.nixos.runTest {
      hostPkgs = pkgs;
      imports = [ sharedTestConfig testFile ];
    };
  in
  {
    resize-partition = runWithSharedConfig ./tests/resize-partition.nix;
    ec2-metadata = runWithSharedConfig ./tests/ec2-metadata.nix;
  });
# Development shell providing the AWS CLI and OpenTofu. Both come from the
# same nixpkgs input as the images, so their versions follow the lock file.
devShells = lib.genAttrs [ "x86_64-linux" "aarch64-darwin" ] (system:
  let
    pkgs = nixpkgs.legacyPackages.${system};
  in
  {
    default = pkgs.mkShell {
      nativeBuildInputs = with pkgs; [
        awscli2
        opentofu
      ];
    };
  });
};
}