flake reorg

.github/workflows/ci.yml

@@ -1,23 +1,41 @@
 on: [push, pull_request]
 
-name: Continuous integration
+name: CI
 
 jobs:
-  build:
+  matrix:
     runs-on: ubuntu-latest
+    outputs:
+      check-matrix: ${{ steps.set-matrix.outputs.check-matrix }}
+      cross-matrix: ${{ steps.set-matrix.outputs.cross-matrix }}
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
-      - uses: cachix/install-nix-action@v25
+      - uses: cachix/install-nix-action@v27
+      - id: set-matrix
+        run: |
+          echo "check-matrix={\"check\":$(nix eval --json '.#checks.x86_64-linux' --apply 'builtins.attrNames')}" | tee -a $GITHUB_OUTPUT
+          echo "cross-matrix={\"include\":$(nix eval --json '.#lib.crossMatrix')}" | tee -a $GITHUB_OUTPUT
+
+  checks:
+    runs-on: ubuntu-latest
+    needs: [matrix]
+    strategy:
+      fail-fast: false
+      matrix: ${{fromJson(needs.matrix.outputs.check-matrix)}}
+    name: ${{ matrix.check }}
+    steps:
+      - uses: actions/checkout@v4
+      - uses: cachix/install-nix-action@v26
       - uses: icewind1991/attic-action@v1
         with:
           name: ci
           instance: https://cache.icewind.me
-          authToken: '${{ secrets.ATTIC_TOKEN }}'
+          authToken: "${{ secrets.ATTIC_TOKEN }}"
-      - run: nix build
+      - run: nix build .#checks.x86_64-linux.${{ matrix.check }}
 
   docker:
     runs-on: ubuntu-latest
-    needs: build
+    needs: checks
     steps:
       - name: Checkout code
         uses: actions/checkout@v3
@@ -26,7 +44,7 @@ jobs:
         with:
           name: ci
           instance: https://cache.icewind.me
-          authToken: '${{ secrets.ATTIC_TOKEN }}'
+          authToken: "${{ secrets.ATTIC_TOKEN }}"
       - run: nix build .#docker
       - name: Push image
         if: github.ref == 'refs/heads/master'

README.md

@@ -1,6 +1,6 @@
 # Tasproxy
 
-Auto-discovery reverse proxy for [tasmota](https://tasmota.github.io/docs/) 
+Auto-discovery reverse proxy for [tasmota](https://tasmota.github.io/docs/)
 
 ## Why
 
@@ -24,10 +24,10 @@ Run the binary with the following environment variables
 
 You can also configure the proxy to send HTTP Basic authentication to the tasmota devices by setting the `TASMOTA_USERNAME` and `TASMOTA_PASSWORD` environment variables.
 
-Setup dns/hosts/etc to point *.example.com to the server running this binary
+Setup dns/hosts/etc to point `*.example.com` to the server running this binary
 
 ## Usage
 
 The proxy server will use MQTT to discover and gather the ip addresses of your tasmota devices.
 
-Any request made to `%hostname%.example.com` will be proxied to the tasmota device with the corresponding topic. 
+Any request made to `%hostname%.example.com` will be proxied to the tasmota device with the corresponding topic.

docker.nix

@@ -1,6 +1,5 @@
-{
+{ dockerTools
-  dockerTools,
+, tasproxy
-  tasproxy,
 }:
 dockerTools.buildLayeredImage {
   name = "icewind1991/tasproxy";
@@ -11,9 +10,9 @@ dockerTools.buildLayeredImage {
     dockerTools.caCertificates
   ];
   config = {
-    Cmd = ["tasproxy"];
+    Cmd = [ "tasproxy" ];
     ExposedPorts = {
-      "80/tcp" = {};
+      "80/tcp" = { };
     };
   };
 }

flake.lock

@@ -1,56 +1,103 @@
 {
   "nodes": {
-    "flake-utils": {
+    "crane": {
-      "inputs": {
-        "systems": "systems"
-      },
       "locked": {
-        "lastModified": 1710146030,
+        "lastModified": 1727060013,
-        "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
+        "narHash": "sha256-/fC5YlJy4IoAW9GhkJiwyzk0K/gQd9Qi4rRcoweyG9E=",
-        "owner": "numtide",
+        "owner": "ipetkov",
-        "repo": "flake-utils",
+        "repo": "crane",
-        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
+        "rev": "6b40cc876c929bfe1e3a24bf538ce3b5622646ba",
         "type": "github"
       },
       "original": {
-        "owner": "numtide",
+        "owner": "ipetkov",
-        "repo": "flake-utils",
+        "repo": "crane",
+        "type": "github"
+      }
+    },
+    "flakelight": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1729514458,
+        "narHash": "sha256-e4Yf5Jo9ouojCVxTVugGfOtYk75xuA22/qrRXrxmFwI=",
+        "owner": "nix-community",
+        "repo": "flakelight",
+        "rev": "adffa2b3413adedae6ce5b685ca85c4a0c56f32f",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "flakelight",
+        "type": "github"
+      }
+    },
+    "mill-scale": {
+      "inputs": {
+        "crane": "crane",
+        "flakelight": [
+          "flakelight"
+        ],
+        "rust-overlay": "rust-overlay"
+      },
+      "locked": {
+        "lastModified": 1729438560,
+        "narHash": "sha256-tVsGuad1QIoDJlM8aI3jJD5coG9Xgn2RYr+qgbeOzEU=",
+        "owner": "icewind1991",
+        "repo": "mill-scale",
+        "rev": "25737430ec43c29beb2158f1179983824161161a",
+        "type": "github"
+      },
+      "original": {
+        "owner": "icewind1991",
+        "repo": "mill-scale",
         "type": "github"
       }
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1714971268,
+        "lastModified": 1729973466,
-        "narHash": "sha256-IKwMSwHj9+ec660l+I4tki/1NRoeGpyA2GdtdYpAgEw=",
+        "narHash": "sha256-knnVBGfTCZlQgxY1SgH0vn2OyehH9ykfF8geZgS95bk=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "27c13997bf450a01219899f5a83bd6ffbfc70d3c",
+        "rev": "cd3e8833d70618c4eea8df06f95b364b016d4950",
         "type": "github"
       },
       "original": {
         "id": "nixpkgs",
-        "ref": "nixos-23.11",
+        "ref": "nixos-24.05",
         "type": "indirect"
       }
     },
     "root": {
       "inputs": {
-        "flake-utils": "flake-utils",
+        "flakelight": "flakelight",
+        "mill-scale": "mill-scale",
         "nixpkgs": "nixpkgs"
       }
     },
-    "systems": {
+    "rust-overlay": {
+      "inputs": {
+        "nixpkgs": [
+          "mill-scale",
+          "flakelight",
+          "nixpkgs"
+        ]
+      },
       "locked": {
-        "lastModified": 1681028828,
+        "lastModified": 1727058553,
-        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "narHash": "sha256-tY/UU3Qk5gP/J0uUM4DZ6wo4arNLGAVqLKBotILykfQ=",
-        "owner": "nix-systems",
+        "owner": "oxalica",
-        "repo": "default",
+        "repo": "rust-overlay",
-        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "rev": "edc5b0f896170f07bd39ad59d6186fcc7859bbb2",
         "type": "github"
       },
       "original": {
-        "owner": "nix-systems",
+        "owner": "oxalica",
-        "repo": "default",
+        "repo": "rust-overlay",
         "type": "github"
       }
     }

flake.nix

@@ -1,46 +1,36 @@
 {
   inputs = {
-    nixpkgs.url = "nixpkgs/nixos-23.11";
+    nixpkgs.url = "nixpkgs/nixos-24.05";
-    flake-utils.url = "github:numtide/flake-utils";
+    flakelight = {
-  };
+      url = "github:nix-community/flakelight";
-
+      inputs.nixpkgs.follows = "nixpkgs";
-  outputs = {
-    self,
-    nixpkgs,
-    flake-utils,
-  }:
-    flake-utils.lib.eachDefaultSystem (
-      system: let
-        overlays = [
-          (import ./overlay.nix)
-        ];
-        pkgs = (import nixpkgs) {
-          inherit system overlays;
-        };
-      in rec {
-        packages = rec {
-          tasproxy = pkgs.tasproxy;
-          docker = pkgs.callPackage ./docker.nix {};
-          default = tasproxy;
-        };
-        devShell = pkgs.mkShell {
-          nativeBuildInputs = with pkgs; [rustc cargo bacon cargo-edit cargo-outdated clippy];
-        };
-      }
-    )
-    // {
-      overlays.default = import ./overlay.nix;
-      nixosModules.default = {
-        pkgs,
-        config,
-        lib,
-        ...
-      }: {
-        imports = [./module.nix];
-        config = lib.mkIf config.services.tasproxy.enable {
-          nixpkgs.overlays = [self.overlays.default];
-          services.tasproxy.package = lib.mkDefault pkgs.tasproxy;
-        };
-      };
     };
+    mill-scale = {
+      url = "github:icewind1991/mill-scale";
+      inputs.flakelight.follows = "flakelight";
+    };
+  };
+  outputs = { mill-scale, ... }: mill-scale ./. {
+    packages = {
+      tasproxy = import ./package.nix;
+      docker = import ./docker.nix;
+    };
+
+    withOverlays = import ./overlay.nix;
+
+    nixosModules = { outputs, ... }: {
+      default =
+        { pkgs
+        , config
+        , lib
+        , ...
+        }: {
+          imports = [ ./module.nix ];
+          config = lib.mkIf config.services.tasproxy.enable {
+            nixpkgs.overlays = [ outputs.overlays.default ];
+            services.tasproxy.package = lib.mkDefault pkgs.tasproxy;
+          };
+        };
+    };
+  };
 }

module.nix

@@ -1,12 +1,12 @@
-{
+{ config
-  config,
+, lib
-  lib,
+, pkgs
-  pkgs,
+, ...
-  ...
 }:
 with lib; let
   cfg = config.services.tasproxy;
-in {
+in
+{
   options.services.tasproxy = {
     enable = mkEnableOption "Log archiver";
 
@@ -36,7 +36,7 @@ in {
 
   config = mkIf cfg.enable {
     systemd.services."tasproxy" = {
-      wantedBy = ["multi-user.target"];
+      wantedBy = [ "multi-user.target" ];
       environment =
         if cfg.enableUnixSocket
         then {
@@ -70,7 +70,7 @@ in {
         RestrictAddressFamilies = "AF_INET AF_INET6 AF_UNIX";
         RestrictRealtime = true;
         ProtectProc = "noaccess";
-        SystemCallFilter = ["@system-service" "~@resources" "~@privileged"];
+        SystemCallFilter = [ "@system-service" "~@resources" "~@privileged" ];
         IPAddressDeny = "multicast";
         PrivateUsers = true;
         ProcSubset = "pid";

overlay.nix

@@ -1,3 +1,3 @@
 final: prev: {
-  tasproxy = final.callPackage ./package.nix {};
+  tasproxy = final.callPackage ./package.nix { };
 }

package.nix

@@ -1,18 +1,18 @@
-{
+{ stdenv
-  stdenv,
+, rustPlatform
-  rustPlatform,
+, lib
-  lib,
+}:
-}: let
+let
   inherit (lib.sources) sourceByRegex;
-  src = sourceByRegex ./. ["Cargo.*" "(src)(/.*)?"];
+  src = sourceByRegex ./. [ "Cargo.*" "(src)(/.*)?" ];
 in
-  rustPlatform.buildRustPackage rec {
+rustPlatform.buildRustPackage rec {
-    pname = "tasproxy";
+  pname = "tasproxy";
-    version = "0.1.0";
+  version = "0.1.0";
 
-    inherit src;
+  inherit src;
 
-    cargoLock = {
+  cargoLock = {
-      lockFile = ./Cargo.lock;
+    lockFile = ./Cargo.lock;
-    };
+  };
-  }
+}