patos/flake.nix


{
  description = "PatOS is a minimal, immutable Linux distribution specialized for the Patagia Platform.";

  # nixpkgs tracks the floating nixos-unstable branch; the revision actually
  # built is whatever flake.lock records (not visible here), so the lock file
  # has to be committed and reviewed for builds to be reproducible.
  inputs.flake-utils.url = "github:numtide/flake-utils";
  inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";

  outputs =
    {
      self,
      flake-utils,
      nixpkgs,
    }:
    flake-utils.lib.eachDefaultSystem (
      system:
      let
        pkgs = import nixpkgs { inherit system; };

        # This flake's own package set for the current system; the package
        # definitions below refer to each other through it.
        patosPkgs = self.packages.${system};

        # Partially applied builder shared by the system-extension images.
        mkSysext = pkgs.callPackage ./lib/make-sysext.nix;

        version = "0.0.1";

        # NOTE(review): this is the string "false", not the boolean false.
        # How ./pkgs/image interprets it is not visible here; confirm it is
        # compared as a string and never only tested for being non-empty.
        # With this value the default image is built without Secure Boot.
        secureBoot = "false";

        cpuArch = "intel";

        # NOTE(review): plain-HTTP update endpoint. 10.0.2.2 is the host
        # address under QEMU user-mode networking, so this looks like a
        # development default. Over HTTP the transport gives no integrity or
        # authenticity, so updates are only as trustworthy as the signature
        # verification done by the update client; confirm that verification
        # is enforced and use an HTTPS URL for any non-local deployment.
        updateUrl = "http://10.0.2.2:8000/";
      in
      {
        packages = {
          default = patosPkgs.image;

          # Bootable image; receives the build-time settings defined above.
          image = pkgs.callPackage ./pkgs/image {
            inherit
              patosPkgs
              version
              updateUrl
              cpuArch
              secureBoot
              ;
          };
          rootfs = pkgs.callPackage ./pkgs/rootfs/mkrootfs.nix { inherit patosPkgs version; };
          initrd = pkgs.callPackage ./pkgs/rootfs/mkinitrd.nix { inherit patosPkgs version; };

          # Locally packaged components (definitions live under ./pkgs).
          kernel = pkgs.callPackage ./pkgs/kernel { };
          glibc = pkgs.callPackage ./pkgs/glibc { };
          busybox = pkgs.callPackage ./pkgs/busybox { };
          openssl = pkgs.callPackage ./pkgs/openssl { };
          cert = pkgs.callPackage ./pkgs/cert { };
          kexec = pkgs.callPackage ./pkgs/kexec-tools { };
          lvm2 = pkgs.callPackage ./pkgs/lvm2 { };
          tpm2-tools = pkgs.callPackage ./pkgs/tpm2-tools { inherit patosPkgs; };
          tpm2-tss = pkgs.callPackage ./pkgs/tpm2-tss { };
          systemd = pkgs.callPackage ./pkgs/systemd { };
          dbus-broker = pkgs.callPackage ./pkgs/dbus-broker { };

          # Development helper, also exposed in the dev shell below.
          qemu-uefi-tpm = pkgs.callPackage ./utils/qemu-uefi-tpm.nix { };

          # System extension with networking and firewall tooling.
          # Its version is set here independently of the image `version`.
          firewall-sysext = mkSysext {
            name = "firewall-tools";
            version = "0.0.1";
            packages = [
              # network/firewalling
              { drv = pkgs.iproute2; path = "bin/"; }
              { drv = pkgs.nftables; path = "bin/"; }
              # NOTE(review): installs the file named .wg-wrapped as bin/wg,
              # i.e. not the bin/wg entry point itself; whatever that entry
              # point sets up around it is presumably not carried over.
              # Verify wg behaves as expected inside the extension.
              { drv = pkgs.wireguard-tools; path = "bin/.wg-wrapped"; destpath = "bin/wg"; }
              # deps
              { drv = pkgs.nftables; path = "lib/"; }
              { drv = pkgs.libnftnl; path = "lib/"; }
              { drv = pkgs.iptables; path = "lib/"; }
              { drv = pkgs.libgcc.lib; path = "lib/"; }
              { drv = pkgs.libgcc; path = "lib/"; }
              { drv = pkgs.libmnl; path = "lib/"; }
              { drv = pkgs.gmp; path = "lib/"; }
              { drv = pkgs.jansson.out; path = "lib/"; }
              { drv = pkgs.ncurses.out; path = "lib/"; }
              { drv = pkgs.libedit; path = "lib/"; }
            ];
          };

          # System extension with interactive debugging tools.
          # NOTE(review): this adds a shell, a tracer, network clients and
          # disk/TPM utilities on top of a minimal image, which widens the
          # attack surface considerably. Presumably meant for development
          # hosts only; confirm it is never merged on production systems.
          debug-tools-sysext = mkSysext {
            name = "debug-tools";
            version = "0.0.1";
            packages = [
              { drv = pkgs.curl; path = "bin/"; }
              { drv = pkgs.bash; path = "bin/"; }
              { drv = pkgs.keyutils; path = "bin/"; }
              { drv = pkgs.gnutar; path = "bin/"; }
              { drv = pkgs.strace; path = "bin/"; }
              { drv = pkgs.cryptsetup; path = "bin/"; }
              { drv = pkgs.erofs-utils; path = "bin/"; }
              { drv = pkgs.binutils-unwrapped; path = "bin/"; }
              { drv = pkgs.binutils-unwrapped.lib; path = "lib/"; }
              { drv = pkgs.util-linuxMinimal; path = "bin/"; }
              { drv = pkgs.util-linuxMinimal.mount; path = "bin/"; }
              { drv = pkgs.util-linuxMinimal.login; path = "bin/"; }
              { drv = pkgs.util-linuxMinimal.swap; path = "bin/"; }
              # Taken from the PatOS builds rather than from nixpkgs.
              { drv = patosPkgs.glibc; path = "bin/ldd"; }
              { drv = patosPkgs.tpm2-tools; path = "bin/tpm2"; }
              { drv = patosPkgs.openssl; path = "bin/openssl"; }
              # shared lib required for mkfs.erofs
              { drv = pkgs.lz4.lib; path = "lib/"; }
              # shared lib required for cryptsetup
              { drv = pkgs.popt; path = "lib/"; }
              # shared lib required for strace
              { drv = pkgs.elfutils.out; path = "lib/"; }
              # shared lib required for bash
              { drv = pkgs.readline.out; path = "lib/"; }
              { drv = pkgs.ncurses.out; path = "lib/"; }
            ];
          };
        };

        checks = {
          # NOTE(review): bin/my-program looks like a template placeholder;
          # nothing visible here shows that the default package (the image)
          # provides it. Confirm this check runs something meaningful.
          simple-test = pkgs.runCommand "simple-test" { } ''
            ${patosPkgs.default}/bin/my-program
            touch $out
          '';
        };

        formatter = pkgs.nixpkgs-fmt;

        # Tooling for working on the flake, plus the QEMU UEFI/TPM helper.
        devShells = {
          default = pkgs.mkShell {
            buildInputs = [
              pkgs.just
              pkgs.nixd
              pkgs.nixfmt-rfc-style
              patosPkgs.qemu-uefi-tpm
            ];
          };
        };
      }
    );
}