flake cleanup

2026-06-03 18:24:12 +02:00 · 2024-11-24 20:44:30 +01:00 · 2024-11-24 20:44:30 +01:00 · b9b74904ca
commit b9b74904ca
parent 96907a8983
7 changed files with 6 additions and 214 deletions
--- a/flake.lock
+++ b/flake.lock
@ -41,8 +41,8 @@
        "rust-overlay": "rust-overlay"
      },
      "locked": {
-        "lastModified": 1732212005,
-        "narHash": "sha256-t2+yKoxZe2JkvyHkJAAyyLS6N8yzyx0o95DuzHqv7JA=",
+        "lastModified": 1732308743,
+        "narHash": "sha256-z9tk/ssnvmd3zZCaYWtycTAD/7X7jSJX2btO7QO4y1I=",
        "path": "/home/robin/Projects/mill-scale",
        "type": "path"
      },
--- a/flake.nix
+++ b/flake.nix
@ -35,7 +35,7 @@
      (final: prev: {
        demostf-frontend-toolchain = final.rust-bin.fromRustupToolchainFile ./rust-toolchain.toml;
      })
-      (import ./overlay.nix)
+      (import ./nix/overlay.nix)
    ];
    toolchain = pkgs: pkgs.rust-bin.fromRustupToolchainFile ./rust-toolchain.toml;
    tools = pkgs: with pkgs; [
--- a/flake_.nix
+++ b/flake_.nix
@ -1,86 +0,0 @@
-{
-  inputs = {
-    utils.url = "github:numtide/flake-utils";
-    nixpkgs.url = "nixpkgs/release-24.05";
-    rust-overlay.url = "github:oxalica/rust-overlay";
-    npmlock2nix.url = "github:nix-community/npmlock2nix";
-    npmlock2nix.flake = false;
-    flocken = {
-      url = "github:mirkolenz/flocken/v2";
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
-  };
-
-  outputs =
-    { self
-    , nixpkgs
-    , utils
-    , rust-overlay
-    , npmlock2nix
-    , flocken
-    ,
-    }:
-    utils.lib.eachDefaultSystem
-      (system:
-      let
-        overlays = [
-          (import rust-overlay)
-          (final: prev: {
-            npmlock2nix = final.callPackage npmlock2nix { };
-          })
-          (import ./overlay.nix)
-          (final: prev: {
-            demostf-frontend-toolchain = final.rust-bin.nightly."2024-06-04".default;
-          })
-        ];
-        pkgs = (import nixpkgs) {
-          inherit system overlays;
-        };
-        inherit (flocken.legacyPackages.${system}) mkDockerManifest;
-        inherit (builtins) fromTOML readFile;
-        version = (fromTOML (readFile ./Cargo.toml)).package.version;
-      in
-      rec {
-        packages = rec {
-          node_modules = pkgs.demostf-frontend-node-modules;
-          frontend = pkgs.demostf-frontend;
-          docker = pkgs.demostf-frontend-docker;
-          default = frontend;
-
-          dockerManifest = mkDockerManifest {
-            tags = [ "latest" ];
-            registries = {
-              "docker.io" = {
-                enable = true;
-                repo = "demostf/frontend";
-                username = "$DOCKERHUB_USERNAME";
-                password = "$DOCKERHUB_TOKEN";
-              };
-            };
-            inherit version;
-            images = with self.packages; [ x86_64-linux.docker aarch64-linux.docker ];
-          };
-        };
-        devShells.default = pkgs.mkShell {
-          OPENSSL_NO_VENDOR = 1;
-
-          nativeBuildInputs = with pkgs; [
-            demostf-frontend-toolchain
-            bacon
-            cargo-edit
-            cargo-outdated
-            clippy
-            cargo-audit
-            cargo-watch
-            pkg-config
-            openssl
-            nodejs
-            nodePackages.svgo
-            typescript
-            sqlx-cli
-          ];
-        };
-      }) // {
-      overlays.default = import ./overlay.nix;
-    };
-}
--- a/module.nix
+++ b/module.nix
@ -1,122 +0,0 @@
-{ config
-, lib
-, pkgs
-, ...
-}:
-with lib; let
-  format = pkgs.formats.toml { };
-  configFile = format.generate "demostf-frontend.toml" {
-    output.target = cfg.outputPath;
-    mqtt = {
-      inherit (cfg.mqtt) hostname port username;
-      "password-file" = "$CREDENTIALS_DIRECTORY/mqtt_password";
-    };
-    device."password-file" = "$CREDENTIALS_DIRECTORY/device_password";
-  };
-  cfg = config.services.demostf-frontend;
-in
-{
-  options.services.demostf-frontend = {
-    enable = mkEnableOption "Log archiver";
-
-    outputPath = mkOption {
-      type = types.str;
-      description = "Directory to save the backups into";
-    };
-
-    mqtt = mkOption {
-      type = types.submodule {
-        options = {
-          hostname = mkOption {
-            type = types.str;
-            description = "MQTT hostname";
-          };
-          port = mkOption {
-            type = types.port;
-            default = 1883;
-            description = "MQTT port";
-          };
-          username = mkOption {
-            type = types.str;
-            description = "MQTT username";
-          };
-          passwordFile = mkOption {
-            type = types.str;
-            description = "File containing the MQTT password";
-          };
-        };
-      };
-      description = "MQTT options";
-    };
-
-    devicePasswordFile = mkOption {
-      type = types.str;
-      description = "File containing the device password";
-    };
-
-    interval = mkOption {
-      type = types.str;
-      default = "daily";
-      description = "Interval to run the backup";
-    };
-
-    package = mkOption {
-      type = types.package;
-      defaultText = literalExpression "pkgs.tasproxy";
-      description = "package to use";
-    };
-  };
-
-  config = mkIf cfg.enable {
-    systemd.services."demostf-frontend" = {
-      description = "Backup tasmota configurations";
-
-      serviceConfig = {
-        ExecStart = "${cfg.package}/bin/demostf-frontend ${configFile}";
-        LoadCredential = [
-          "mqtt_password:${cfg.mqtt.passwordFile}"
-          "device_password:${cfg.devicePasswordFile}"
-        ];
-        ReadWritePaths = [ cfg.outputPath ];
-        Restart = "on-failure";
-        DynamicUser = true;
-        PrivateTmp = true;
-        ProtectSystem = "strict";
-        ProtectHome = true;
-        NoNewPrivileges = true;
-        PrivateDevices = true;
-        ProtectClock = true;
-        CapabilityBoundingSet = true;
-        ProtectKernelLogs = true;
-        ProtectControlGroups = true;
-        SystemCallArchitectures = "native";
-        ProtectKernelModules = true;
-        RestrictNamespaces = true;
-        MemoryDenyWriteExecute = true;
-        ProtectHostname = true;
-        LockPersonality = true;
-        ProtectKernelTunables = true;
-        RestrictAddressFamilies = "AF_INET AF_INET6";
-        RestrictRealtime = true;
-        ProtectProc = "noaccess";
-        SystemCallFilter = [ "@system-service" "~@resources" "~@privileged" ];
-        IPAddressDeny = "multicast";
-        PrivateUsers = true;
-        ProcSubset = "pid";
-        RuntimeDirectory = "demostf-frontend";
-        RestrictSUIDSGID = true;
-      };
-    };
-
-    systemd.timers."demostf-frontend" = {
-      inherit (config.systemd.services."demostf-frontend") description;
-
-      enable = true;
-      wantedBy = [ "multi-user.target" ];
-      timerConfig = {
-        OnCalendar = cfg.interval;
-        RandomizedDelaySec = "15m";
-      };
-    };
-  };
-}
--- a/nix/node_modules.nix
+++ b/nix/node_modules.nix
@ -7,6 +7,6 @@ let
  inherit (lib.sources) sourceByRegex;
 in
 npmlock2nix.v2.node_modules {
-  src = sourceByRegex ./. [ "package.*" ];
+  src = sourceByRegex ../. [ "package.*" ];
  nodejs = nodejs_20;
 }
--- a/nix/overlay.nix
+++ b/nix/overlay.nix
--- a/nix/package.nix
+++ b/nix/package.nix
@ -18,7 +18,7 @@ rustPlatform.buildRustPackage rec {
  pname = "demostf-frontend";
  version = "0.1.0";

-  src = sourceByRegex ./. [ "Cargo.*" "(src|build|images|script|style|.sqlx)(/.*)?" ];
+  src = sourceByRegex ../. [ "Cargo.*" "(src|build|images|script|style|.sqlx)(/.*)?" ];

  buildInputs = [ openssl ];

@ -31,7 +31,7 @@ rustPlatform.buildRustPackage rec {
  doCheck = false;

  cargoLock = {
-    lockFile = ./Cargo.lock;
+    lockFile = ../Cargo.lock;
    outputHashes = {
      "jsx-dom-expressions-0.1.0" = "sha256-5TN9FBfPYznTkpL9ZtnKv3RghX7r8c2WvSL1sc+F0cw=";
    };