{ description = "easy identity and access management"; inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; crane = { url = "github:ipetkov/crane"; inputs.nixpkgs.follows = "nixpkgs"; }; flake-utils.url = "github:numtide/flake-utils"; rust-overlay = { url = "github:oxalica/rust-overlay"; inputs = { nixpkgs.follows = "nixpkgs"; flake-utils.follows = "flake-utils"; }; }; }; outputs = { self, nixpkgs, crane, flake-utils, rust-overlay, ... }: flake-utils.lib.eachDefaultSystem (system: let pkgs = import nixpkgs { inherit system; overlays = [ (import rust-overlay) ]; }; inherit (pkgs) lib; craneLib = crane.lib.${system}; # Get metadata from Cargo.toml metadata = craneLib.crateNameFromCargoToml { cargoToml = ./crates/ezidam/Cargo.toml; }; # Common derivation arguments used for all builds commonArgs = { src = lib.cleanSourceWith { src = craneLib.path ./.; # The original, unfiltered source filter = path: type: # SQL queries and migrations (lib.hasSuffix ".sql" path) || # Offline queries (lib.hasInfix "/.sqlx/" path) || # Default Logo (lib.hasInfix "/logo/logo.png" path) || # Test assets (lib.hasInfix "/tests/" path) || # Tera Templates (lib.hasInfix "/templates/" path) || # Static assets (lib.hasInfix "/static/" path) || # Default filter from crane (allow .rs files) (craneLib.filterCargoSources path type) ; }; strictDeps = true; buildInputs = with pkgs; [ # Add additional build inputs here sqlite ] ++ lib.optionals pkgs.stdenv.isDarwin [ # Additional darwin specific inputs can be set here darwin.apple_sdk.frameworks.Security pkgs.libiconv ]; nativeBuildInputs = with pkgs; [ # Add extra native build inputs here, etc. pkg-config ]; } // metadata; # Build *just* the cargo dependencies cargoArtifacts = craneLib.buildDepsOnly commonArgs; # Clippy ezidamClippy = craneLib.cargoClippy (commonArgs // { inherit cargoArtifacts; # Again we apply some extra arguments only to this derivation # and not every where else. In this case we add some clippy flags # cargoClippyExtraArgs = "--all-targets -- --deny warnings"; }); # Build crate ezidamBinary = craneLib.buildPackage (commonArgs // { cargoArtifacts = ezidamClippy; }); ezidamAssetTemplate = ./crates/ezidam/templates; ezidamAssetStatic = ./crates/ezidam/static; ezidamAssets = [ ezidamAssetTemplate ezidamAssetStatic ]; ezidam = pkgs.stdenv.mkDerivation { inherit ezidamBinary ezidamAssets; name = metadata.pname; phases = [ "unpackPhase" "installPhase" ]; dontUnpack = true; installPhase = '' mkdir -p $out cp -rv $ezidamBinary $out cp -rv $ezidamAssets $out ''; }; # Docker image dockerImage = pkgs.dockerTools.buildLayeredImage { # Meta name = metadata.pname; tag = metadata.version; created = builtins.substring 0 8 self.lastModifiedDate; # Content of image contents = pkgs.buildEnv { name = "image-root"; paths = [ ezidamBinary ezidamAssets ]; pathsToLink = [ "/bin" ]; }; # Container config config = { Cmd = [ "${ezidamBinary}/bin/ezidam" ]; Env = [ "EZIDAM_TEMPLATE_DIR=${ezidamAssetTemplate}" "EZIDAM_STATIC_DIR=${ezidamAssetStatic}" ]; }; }; in { apps.default = { type = "app"; program = "${ezidamBinary}/bin/ezidam"; }; packages = { inherit ezidam dockerImage; default = ezidam; }; checks = { inherit # Build the crate as part of `nix flake check` for convenience ezidam ezidamClippy; }; }); }