Lumpiasty/klaster
0
0
Fork 0
Code Issues Pull Requests 4 Packages Projects Releases Wiki Activity

migrate from raw flake to devenv

Browse Source
This commit is contained in:
Lumpiasty
2026-02-01 01:59:03 +01:00
parent 547c7d9b11
commit b978c01af4
9 changed files with 183 additions and 113 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
.envrc Normal file
View File

@@ -0,0 +1,12 @@
#!/usr/bin/env bash
export DIRENV_WARN_TIMEOUT=20s
eval "$(devenv direnvrc)"
# `use devenv` supports the same options as the `devenv shell` command.
#
# To silence all output, use `--quiet`.
#
# Example usage: use devenv --quiet --impure --option services.postgres.enable:bool true
use devenv

12
.gitignore vendored
View File

@@ -1,2 +1,12 @@
secrets.yaml secrets.yaml
talos/generated talos/generated
# Devenv
.devenv*
devenv.local.nix
devenv.local.yaml
# direnv
.direnv
# pre-commit
.pre-commit-config.yaml

4
.vscode/extensions.json vendored
View File

@@ -1,7 +1,7 @@
{ {
"recommendations": [ "recommendations": [
"arrterian.nix-env-selector",
"jnoortheen.nix-ide", "jnoortheen.nix-ide",
"detachhead.basedpyright" "detachhead.basedpyright",
"mkhl.direnv"
] ]
} }

9
.vscode/settings.json vendored
View File

@@ -1,13 +1,4 @@
{ {
"nixEnvSelector.nixFile": "${workspaceFolder}/shell.nix",
"terminal.integrated.profiles.linux": {
"Nix Shell": {
"path": "nix",
"args": ["develop"],
"icon": "terminal-linux"
}
},
"terminal.integrated.defaultProfile.linux": "Nix Shell",
"ansible.python.interpreterPath": "/bin/python", "ansible.python.interpreterPath": "/bin/python",
"python.defaultInterpreterPath": "${env:PYTHON_BIN}" "python.defaultInterpreterPath": "${env:PYTHON_BIN}"
} }

102
flake.lock → devenv.lock
View File

@@ -1,17 +1,34 @@
{ {
"nodes": { "nodes": {
"flake-compat": { "devenv": {
"locked": { "locked": {
"lastModified": 1733328505, "dir": "src/modules",
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", "lastModified": 1769881431,
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", "owner": "cachix",
"revCount": 69, "repo": "devenv",
"type": "tarball", "rev": "72d5e66e2dd5112766ef4c9565872b51094b542d",
"url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.1.0/01948eb7-9cba-704f-bbf3-3fa956735b52/source.tar.gz" "type": "github"
}, },
"original": { "original": {
"type": "tarball", "dir": "src/modules",
"url": "https://flakehub.com/f/edolstra/flake-compat/1.1.0.tar.gz" "owner": "cachix",
"repo": "devenv",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1767039857,
"owner": "NixOS",
"repo": "flake-compat",
"rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "flake-compat",
"type": "github"
} }
}, },
"flake-utils": { "flake-utils": {
@@ -20,7 +37,6 @@
}, },
"locked": { "locked": {
"lastModified": 1731533236, "lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
@@ -32,6 +48,47 @@
"type": "github" "type": "github"
} }
}, },
"git-hooks": {
"inputs": {
"flake-compat": "flake-compat",
"gitignore": "gitignore",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1769069492,
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "a1ef738813b15cf8ec759bdff5761b027e3e1d23",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"git-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1762808025,
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "cb5e3fdca1de58ccbc3ef53de65bd372b48f567c",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"krew2nix": { "krew2nix": {
"inputs": { "inputs": {
"flake-utils": "flake-utils", "flake-utils": "flake-utils",
@@ -42,11 +99,10 @@
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
"lastModified": 1751765453, "lastModified": 1769904483,
"narHash": "sha256-tgo3BwFM2UUYQz6dVARztbj5AjKfz4exlPxnKLS/ZRg=",
"owner": "a1994sc", "owner": "a1994sc",
"repo": "krew2nix", "repo": "krew2nix",
"rev": "11f66e65a0146645388eeab68b6212de0b732ed9", "rev": "17d6ad3375899bd3f7d4d298481536155f3ec13c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -57,11 +113,10 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1751637120, "lastModified": 1769461804,
"narHash": "sha256-xVNy/XopSfIG9c46nRmPaKfH1Gn/56vQ8++xWA8itO4=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "5c724ed1388e53cc231ed98330a60eb2f7be4be3", "rev": "bfc1b8a4574108ceef22f02bafcf6611380c100d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -73,15 +128,18 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"flake-compat": "flake-compat", "devenv": "devenv",
"git-hooks": "git-hooks",
"krew2nix": "krew2nix", "krew2nix": "krew2nix",
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs",
"pre-commit-hooks": [
"git-hooks"
]
} }
}, },
"systems": { "systems": {
"locked": { "locked": {
"lastModified": 1681028828, "lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems", "owner": "nix-systems",
"repo": "default", "repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
@@ -96,7 +154,6 @@
"systems_2": { "systems_2": {
"locked": { "locked": {
"lastModified": 1681028828, "lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems", "owner": "nix-systems",
"repo": "default", "repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
@@ -116,11 +173,10 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1750931469, "lastModified": 1769691507,
"narHash": "sha256-0IEdQB1nS+uViQw4k3VGUXntjkDp7aAlqcxdewb/hAc=",
"owner": "numtide", "owner": "numtide",
"repo": "treefmt-nix", "repo": "treefmt-nix",
"rev": "ac8e6f32e11e9c7f153823abc3ab007f2a65d3e1", "rev": "28b19c5844cc6e2257801d43f2772a4b4c050a1b",
"type": "github" "type": "github"
}, },
"original": { "original": {

59
devenv.nix Normal file
View File

@@ -0,0 +1,59 @@
{ pkgs, lib, config, inputs, ... }:
let
# Python with hvac package
python = pkgs.python313.withPackages (python-pkgs: with python-pkgs; [
hvac
]);
in
{
# Overlays - apply krew2nix to get kubectl with krew support
overlays = [
inputs.krew2nix.overlay
];
# Environment variables
env = {
GREET = "devenv";
TALOSCONFIG = "${config.devenv.root}/talos/generated/talosconfig";
EDITOR = "vim";
RESTIC_REPOSITORY = "s3:https://s3.eu-central-003.backblazeb2.com/lumpiasty-backups";
VAULT_ADDR = "https://openbao.lumpiasty.xyz:8200";
PATH = "${config.devenv.root}/utils:${pkgs.coreutils}/bin";
PYTHON_BIN = "${python}/bin/python";
};
# Packages
packages = with pkgs; [
python
vim gnumake
talosctl cilium-cli
kubectx k9s kubernetes-helm
(kubectl.withKrewPlugins (plugins: with plugins; [
mayastor
openebs
]))
ansible
fluxcd
restic
openbao
pv-migrate
];
# Scripts
scripts.hello.exec = ''
echo hello from $GREET
'';
# Shell hooks
enterShell = ''
source ${pkgs.bash-completion}/share/bash-completion/bash_completion
echo "Environment ready!"
'';
# Tests
enterTest = ''
echo "Running tests"
git --version | grep --color=auto "${pkgs.git.version}"
'';
}

20
devenv.yaml Normal file
View File

@@ -0,0 +1,20 @@
# yaml-language-server: $schema=https://devenv.sh/devenv.schema.json
inputs:
nixpkgs:
url: github:NixOS/nixpkgs/nixos-unstable
krew2nix:
url: github:a1994sc/krew2nix
inputs:
nixpkgs:
follows: nixpkgs
# If you're using non-OSS software, you can set allowUnfree to true.
# allowUnfree: true
# If you're willing to use a package that's vulnerable
# permittedInsecurePackages:
# - "openssl-1.1.1w"
# If you have more than one devenv you can merge them
#imports:
# - ./backend

63
flake.nix
View File

@@ -1,63 +0,0 @@
{
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
# Only to ease updating flake.lock, flake-compat is used by shell.nix
flake-compat.url = https://flakehub.com/f/edolstra/flake-compat/1.1.0.tar.gz;
# Allows us to install krew plugins
krew2nix.url = "github:a1994sc/krew2nix";
krew2nix.inputs.nixpkgs.follows = "nixpkgs";
};
outputs = { self, nixpkgs, krew2nix, ... }: let
system = "x86_64-linux";
in {
devShells."${system}".default =
let
pkgs = import nixpkgs {
overlays = [ krew2nix.overlay ];
inherit system;
};
python = (pkgs.python313.withPackages (python-pkgs: with python-pkgs; [
hvac
]));
in
pkgs.mkShell {
packages = with pkgs; [
python
vim gnumake
talosctl cilium-cli
kubectx k9s kubernetes-helm
(kubectl.withKrewPlugins (plugins: with plugins; [
mayastor
openebs
]))
ansible
fluxcd
restic
openbao
pv-migrate
];
shellHook = ''
# Get completions working
source ${pkgs.bash-completion}/share/bash-completion/bash_completion
export TALOSCONFIG=$(pwd)/talos/generated/talosconfig
export EDITOR=vim
export RESTIC_REPOSITORY=s3:https://s3.eu-central-003.backblazeb2.com/lumpiasty-backups
# export AWS_ACCESS_KEY_ID=?
# export AWS_SECRET_ACCESS_KEY=?
# export RESTIC_PASSWORD=?
export VAULT_ADDR=https://openbao.lumpiasty.xyz:8200
# Add scripts from utils subdir
export PATH="$PATH:$(pwd)/utils"
export PYTHON_BIN=${python}/bin/python
'';
};
};
}

15
shell.nix
View File

@@ -1,15 +0,0 @@
# Needed for Nix Environment Selector
# https://github.com/edolstra/flake-compat/
(import
(
let
lock = builtins.fromJSON (builtins.readFile ./flake.lock);
nodeName = lock.nodes.root.inputs.flake-compat;
in
fetchTarball {
url = lock.nodes.${nodeName}.locked.url;
sha256 = lock.nodes.${nodeName}.locked.narHash;
}
)
{ src = ./.; }
).shellNix