julian/fdroid-frajul
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Switch from devenv to flake

Browse Source
This commit is contained in:
Julian Mutter
2026-06-21 13:20:51 +02:00
parent 4e820ea09a
commit 66057f4e3c
6 changed files with 113 additions and 163 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.envrc
+1 -10
View File
@@ -1,10 +1 @@
export DIRENV_WARN_TIMEOUT=20s
eval "$(devenv direnvrc)"
# `use devenv` supports the same options as the `devenv shell` command.
#
# To silence the output, use `--quiet`.
#
# Example usage: use devenv --quiet --impure --option services.postgres.enable:bool true
use devenv
use flake
devenv.lock
-102
View File
@@ -1,102 +0,0 @@
{
"nodes": {
"devenv": {
"locked": {
"dir": "src/modules",
"lastModified": 1781195293,
"narHash": "sha256-C9OFghpvf3RzK2rGsZjjNNrTrHgFOecEkpDhFnU4QGs=",
"owner": "cachix",
"repo": "devenv",
"rev": "5f5109c83854577191634f7b86fc6e0c8fd44964",
"type": "github"
},
"original": {
"dir": "src/modules",
"owner": "cachix",
"repo": "devenv",
"type": "github"
}
},
"mk-shell-bin": {
"locked": {
"lastModified": 1677004959,
"narHash": "sha256-/uEkr1UkJrh11vD02aqufCxtbF5YnhRTIKlx5kyvf+I=",
"owner": "rrbutani",
"repo": "nix-mk-shell-bin",
"rev": "ff5d8bd4d68a347be5042e2f16caee391cd75887",
"type": "github"
},
"original": {
"owner": "rrbutani",
"repo": "nix-mk-shell-bin",
"type": "github"
}
},
"nix2container": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1775487831,
"narHash": "sha256-2lguQpLPQaxpQCJjXhmEEAfabwsAhkP29Z7fgLzHARA=",
"owner": "nlewo",
"repo": "nix2container",
"rev": "76be9608a7f4d6c985d28b0e7be903ae2547df3e",
"type": "github"
},
"original": {
"owner": "nlewo",
"repo": "nix2container",
"type": "github"
}
},
"nixpkgs": {
"inputs": {
"nixpkgs-src": "nixpkgs-src"
},
"locked": {
"lastModified": 1778507786,
"narHash": "sha256-HzSQCKMsMr8r55LwM1JuzIOB+8bzk0FEv6sItKvsfoY=",
"owner": "cachix",
"repo": "devenv-nixpkgs",
"rev": "8f24a228a782e24576b155d1e39f0d914b380691",
"type": "github"
},
"original": {
"owner": "cachix",
"ref": "rolling",
"repo": "devenv-nixpkgs",
"type": "github"
}
},
"nixpkgs-src": {
"flake": false,
"locked": {
"lastModified": 1778274207,
"narHash": "sha256-I4puXmX1iovcCHZlRmztO3vW0mAbbRvq4F8wgIMQ1MM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b3da656039dc7a6240f27b2ef8cc6a3ef3bccae7",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"devenv": "devenv",
"mk-shell-bin": "mk-shell-bin",
"nix2container": "nix2container",
"nixpkgs": "nixpkgs"
}
}
},
"root": "root",
"version": 7
}
devenv.nix
-41
View File
@@ -1,41 +0,0 @@
{pkgs, ...}: {
packages = with pkgs; [
coreutils
curl
fdroidserver
sops
git
cacert
jq
];
scripts = {
deploy-docker.exec = ''
devenv container copy processes
'';
};
services.nginx = {
enable = true;
httpConfig = builtins.readFile ./hosting/nginx-http.conf;
};
processes.updater.exec = ''
while true; do
${pkgs.writeShellScript "run-updater" (builtins.readFile ./hosting/update.sh)}
echo "Sleeping for 30 minutes..."
sleep 1800
done
'';
# environment variables for sops
# SOPS_PGP_FP
containers."processes" = {
name = "gitlab.julian-mutter.de/julian/fdroid-frajul";
registry = "docker://";
copyToRoot = []; # avoid copying this repo
maxLayers = 10;
};
}
devenv.yaml
-10
View File
@@ -1,10 +0,0 @@
inputs:
mk-shell-bin:
url: github:rrbutani/nix-mk-shell-bin
nix2container:
url: github:nlewo/nix2container
inputs:
nixpkgs:
follows: nixpkgs
nixpkgs:
url: github:cachix/devenv-nixpkgs/rolling
flake.lock
Generated
+27
View File
@@ -0,0 +1,27 @@
{
"nodes": {
"nixpkgs": {
"locked": {
"lastModified": 1781577229,
"narHash": "sha256-lrp67w8AulE9Ks53n27I45ADSzbOCn4H+CNW1Ck8B+8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "567a49d1913ce81ac6e9582e3553dd90a955875f",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"nixpkgs": "nixpkgs"
}
}
},
"root": "root",
"version": 7
}
flake.nix
+85
View File
@@ -0,0 +1,85 @@
{
description = "Docker image with Nginx, F-Droid, and a 30-minute periodic task";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
};
outputs = {nixpkgs, ...}: let
system = "x86_64-linux";
pkgs = nixpkgs.legacyPackages.${system};
periodicScript = pkgs.writeShellScript "run-update" (builtins.readFile ./hosting/update.sh);
caddyConfig = ./hosting/Caddyfile;
entrypoint = pkgs.writeShellScript "entrypoint" ''
# Ensure necessary directories exist
mkdir -p /repo/fdroid/repo /tmp/caddy_data /tmp/caddy_config
# Start the background loop (1800 seconds = 30 minutes)
echo "Starting 30-minute background loop..."
while true; do
${periodicScript}
${pkgs.coreutils}/bin/sleep 1800
done &
# Set environment variables so Caddy writes its state to /tmp instead of /root
export XDG_DATA_HOME=/tmp/caddy_data
export XDG_CONFIG_HOME=/tmp/caddy_config
# Start Caddy in the foreground
echo "Starting Caddy..."
exec ${pkgs.caddy}/bin/caddy run --config ${caddyConfig} --adapter caddyfile
'';
deploy-script = pkgs.writeShellScriptBin "deploy" ''
${pkgs.nix}/bin/nix build .#container
${pkgs.skopeo}/bin/skopeo copy \
--registries-conf /dev/null \
docker-archive:result \
docker://gitlab.julian-mutter.de/julian/fdroid-frajul:latest
'';
dockerImage = pkgs.dockerTools.buildLayeredImage {
name = "gitlab.julian-mutter.de/julian/fdroid-frajul";
tag = "latest";
contents = with pkgs; [
coreutils
bashInteractive
caddy
dockerTools.fakeNss # Provides fake /etc/passwd for basic user emulation
dockerTools.usrBinEnv
dockerTools.binSh
dockerTools.caCertificates
fdroidserver
jq
curl
sops
git
];
config = {
Cmd = ["${entrypoint}"];
WorkingDir = "/src";
ExposedPorts = {
"8080/tcp" = {};
};
};
maxLayers = 10;
};
in {
# nix build .#container
# docker load < result
packages.${system}.container = dockerImage;
devShells.${system}.default = pkgs.mkShell {
packages = [
deploy-script
pkgs.skopeo
];
};
};
}