The original approach ensured secrets were always up to date but really slowed down cd'ing into the directory or opening files in emacs.
47 lines
1.3 KiB
Nix
47 lines
1.3 KiB
Nix
{
|
|
description = "A basic flake with a shell";
|
|
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
|
|
inputs.flake-utils.url = "github:numtide/flake-utils";
|
|
inputs.nixos-generators = {
|
|
url = "github:nix-community/nixos-generators";
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
};
|
|
|
|
outputs = { self, nixpkgs, flake-utils, nixos-generators }:
|
|
flake-utils.lib.eachDefaultSystem (system: let
|
|
pkgs = nixpkgs.legacyPackages.${system};
|
|
in {
|
|
devShells.default = pkgs.mkShell {
|
|
shellHook =
|
|
''
|
|
set -o allexport
|
|
source .env set
|
|
+o allexport
|
|
'';
|
|
nativeBuildInputs = [
|
|
pkgs.jq
|
|
pkgs.terraform
|
|
pkgs.ansible
|
|
pkgs.kubectl
|
|
pkgs.awscli2
|
|
pkgs.nodePackages.yaml-language-server
|
|
pkgs.python39Packages.python-lsp-server
|
|
pkgs.k9s
|
|
pkgs.terraform-ls
|
|
pkgs.kubernetes-helm
|
|
pkgs.k6
|
|
];
|
|
buildInputs = [ ];
|
|
};
|
|
packages.aarch64-linux = {
|
|
k3s-server = nixos-generators.nixosGenerate {
|
|
system = "aarch64-linux";
|
|
modules = [
|
|
./pi-imgs/k3s-server.nix
|
|
];
|
|
format = "sd-aarch64-installer";
|
|
};
|
|
};
|
|
});
|
|
}
|