feat: wip nix

Add initial code to be used when working with `nix` and `NixOS`.

* a Nix flake
* building a package
* a NixOS module
Igor Ramazanov 2025-03-11 15:49:08 +00:00
parent 45537620a6
commit 8c79c4ff04
5 changed files with 251 additions and 0 deletions

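--- /dev/null
+++ b/.envrc
@@ -0,0 +1 @@
+use_flake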

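--- /dev/null
+++ b/flake.lock
@@ -0,0 +1,82 @@
+{
+"nodes": {
+"devshell": {
+"inputs": {
+"nixpkgs": [
+"nixpkgs"
+]
+},
+"locked": {
+"lastModified": 1741473158,
+"narHash": "sha256-kWNaq6wQUbUMlPgw8Y+9/9wP0F8SHkjy24/mN3UAppg=",
+"owner": "numtide",
+"repo": "devshell",
+"rev": "7c9e793ebe66bcba8292989a68c0419b737a22a0",
+"type": "github"
+},
+"original": {
+"owner": "numtide",
+"repo": "devshell",
+"type": "github"
+}
+},
+"flake-utils": {
+"inputs": {
+"systems": "systems"
+},
+"locked": {
+"lastModified": 1731533236,
+"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
+"owner": "numtide",
+"repo": "flake-utils",
+"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
+"type": "github"
+},
+"original": {
+"owner": "numtide",
+"repo": "flake-utils",
+"type": "github"
+}
+},
+"nixpkgs": {
+"locked": {
+"lastModified": 1741646908,
+"narHash": "sha256-55a1x5k+oFY2QCFjj7Mn5nPa8Do0shVl0m280mOAW/Q=",
+"owner": "nixos",
+"repo": "nixpkgs",
+"rev": "ab0c5b18dab5e4b5d06ed679f8fd7cdc9970c4be",
+"type": "github"
+},
+"original": {
+"owner": "nixos",
+"ref": "nixpkgs-unstable",
+"repo": "nixpkgs",
+"type": "github"
+}
+},
+"root": {
+"inputs": {
+"devshell": "devshell",
+"flake-utils": "flake-utils",
+"nixpkgs": "nixpkgs"
+}
+},
+"systems": {
+"locked": {
+"lastModified": 1681028828,
+"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+"owner": "nix-systems",
+"repo": "default",
+"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+"type": "github"
+},
+"original": {
+"owner": "nix-systems",
+"repo": "default",
+"type": "github"
+}
+}
+},
+"root": "root",
+"version": 7
+}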

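--- /dev/null
+++ b/flake.nix
@@ -0,0 +1,62 @@
+rec {
+description = "headplane";
+inputs = {
+devshell = {
+inputs.nixpkgs.follows = "nixpkgs";
+url = "github:numtide/devshell";
+};
+flake-utils.url = "github:numtide/flake-utils";
+nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
+};
+outputs = {
+devshell,
+flake-utils,
+nixpkgs,
+...
+}:
+flake-utils.lib.eachSystem [
+"aarch64-darwin"
+"x86_64-darwin"
+"x86_64-linux"
+]
+(system: let
+pkgs = import nixpkgs {
+inherit system;
+overlays = [devshell.overlays.default];
+};
+headplane = pkgs.callPackage ./nix/package.nix {};
+in {
+formatter = pkgs.alejandra;
+packages = {
+inherit headplane;
+default = headplane;
+};
+devShell = pkgs.devshell.mkShell rec {
+name = description;
+motd = let
+providedPackages =
+pkgs.lib.fold
+(pkg: acc: acc + "\n\t* ${pkgs.lib.getName pkg}")
+""
+packages;
+in ''
+Entered '${description}' development environment.
+Provided packages:
+${providedPackages}
+'';
+packages = [
+pkgs.nodejs-slim_22
+pkgs.pnpm_10
+pkgs.typescript-language-server
+];
+env = [];
+};
+})
+// {
+overlays.default = final: prev: {headplane = final.callPackage ./nix/package.nix {};};
+nixosModules.headplane = import ./nix/module.nix;
+};
+}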
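Review bot: The `devShell` attribute set inside `eachSystem` is the legacy output name, which newer Nix releases flag as deprecated in favour of `devShells.default`; the line would read `devShells.default = pkgs.devshell.mkShell rec {`. In the same block `pkgs.lib.fold` is a deprecated alias, and `pkgs.lib.foldr` is the drop-in replacement. Separately, `nixosModules.headplane` is exported without applying `overlays.default`, while nix/module.nix looks the package up as `pkgs.headplane`, so a consumer has to add the overlay before the module evaluates; a comment next to the export such as `# requires overlays.default in nixpkgs.overlays` would make that visible.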

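--- /dev/null
+++ b/nix/module.nix
@@ -0,0 +1,53 @@
+{
+config,
+pkgs,
+lib,
+...
+}: let
+inherit
+(lib)
+mapAttrs
+mkEnableOption
+mkIf
+mkOption
+mkPackageOption
+types
+;
+cfg = config.services.headplane;
+in {
+options.services.headplane = {
+enable = mkEnableOption "headplane";
+package = mkPackageOption pkgs "headplane" {};
+settings = mkOption {
+type = with types; attrsOf (oneOf [str int]);
+default = {};
+};
+};
+config = mkIf cfg.enable {
+environment.systemPackages = [cfg.package];
+systemd.services.headplane = {
+description = "Headscale Web UI";
+wantedBy = ["multi-user.target"];
+# TODO: Integrate with `headscale` service.
+after = ["network.target"];
+environment = mapAttrs (_: toString) cfg.settings;
+serviceConfig = {
+User = config.services.headscale.user;
+Group = config.services.headscale.group;
+ExecStart = "${pkgs.headplane}/bin/headplane";
+Restart = "always";
+RestartSec = 5;
+# TODO: Harden `systemd` security according to the "The Principle of Least Power".
+# See: `$ systemd-analyze security headplane`.
+};
+};
+};
+}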
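Review bot: Everything in `settings` is passed through `environment = mapAttrs (_: toString) cfg.settings;`, which NixOS renders as `Environment=` lines in a unit file inside the world-readable Nix store, so any secret a user puts there (an API key or cookie secret, if headplane reads those from the environment) is readable by every local account. A separate option that points at a file outside the store and is handed to systemd as `EnvironmentFile` keeps such values out of the store. In the same `serviceConfig`, `ExecStart` is built from `pkgs.headplane`, so the `package` option has no effect on what actually runs; it should use `cfg.package`. The unit also runs as the headscale user and group with no sandboxing, which the existing TODO already tracks.

```nix
# … unchanged: enable, package, settings options …
environmentFile = mkOption {
  type = types.nullOr types.path;
  default = null;
  description = "File with KEY=value lines for secrets, given as a string path outside the Nix store.";
};
# … unchanged: unit description, wantedBy, after, environment …
serviceConfig = {
  EnvironmentFile = lib.optional (cfg.environmentFile != null) cfg.environmentFile;
  ExecStart = "${cfg.package}/bin/headplane";
  # … unchanged: User, Group, Restart, RestartSec …
};
```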

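--- /dev/null
+++ b/nix/package.nix
@@ -0,0 +1,53 @@
+{
+git,
+lib,
+makeWrapper,
+nodejs_22,
+pnpm_10,
+stdenv,
+...
+}:
+stdenv.mkDerivation (finalAttrs: {
+pname = "headplane";
+# TODO: take the latest `git tag`, if commits do not match, append `-SNAPSHOT`.
+version = "0.5.3";
+# TODO: requires `.git` directory.
+src = ../.;
+nativeBuildInputs = [
+makeWrapper
+nodejs_22
+pnpm_10.configHook
+git
+];
+dontCheckForBrokenSymlinks = true;
+pnpmDeps = pnpm_10.fetchDeps {
+inherit (finalAttrs) pname version src;
+hash = "sha256-j+3fcxukK19fXVIlVe+tXenYf28MylHy+/qHy7FpvL0=";
+};
+buildPhase = ''
+runHook preBuild
+pnpm build
+pnpm prune --prod
+runHook postBuild
+'';
+installPhase = ''
+runHook preInstall
+mkdir -p $out/{bin,share/headplane}
+cp -r {build,node_modules} $out/share/headplane/
+sed -i 's;/build/source/node_modules/react-router/dist/development/index.mjs;react-router;' $out/share/headplane/build/headplane/server.js
+sed -i 's;define_process_env_default.PORT;process.env.PORT;' $out/share/headplane/build/headplane/server.js
+makeWrapper ${lib.getExe nodejs_22} $out/bin/headplane \
+--chdir $out/share/headplane \
+--set BUILD_PATH $out/share/headplane/build \
+--set NODE_ENV production \
+--add-flags $out/share/headplane/build/headplane/server.js
+runHook postInstall
+'';
+})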
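Review bot: The first `sed` in `installPhase` rewrites the literal path `/build/source/node_modules/react-router/...`, which is the build directory only in the Linux sandbox; on the Darwin systems the flake lists, or with a different build directory, the pattern presumably will not match, `sed -i` still exits 0, and `server.js` ships with an import pointing at a path that no longer exists. `substituteInPlace` with `--replace-fail` turns a non-matching pattern into a build failure, e.g. `substituteInPlace $out/share/headplane/build/headplane/server.js --replace-fail "$PWD/node_modules/react-router/dist/development/index.mjs" react-router` (assuming the bundler embeds the build-time working directory), and the same applies to the `define_process_env_default.PORT` rewrite. `dontCheckForBrokenSymlinks = true;` carries no comment saying which links are expected to dangle after `pnpm prune --prod`; naming them would keep the exemption from hiding new ones.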