From 61c50a0e43f72db494e5b8ef5f7b7c66fac19310 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakub=20Soko=C5=82owski?= Date: Thu, 6 Jun 2024 13:56:29 +0200 Subject: [PATCH] flake: add Nix shell for infrastructure work MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This is an initial version we can expand later. Signed-off-by: Jakub SokoĊ‚owski --- flake.lock | 27 +++++++++++++++++++++++++++ flake.nix | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 73 insertions(+) create mode 100644 flake.lock create mode 100644 flake.nix diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..ed5e17d --- /dev/null +++ b/flake.lock @@ -0,0 +1,27 @@ +{ + "nodes": { + "nixpkgs": { + "locked": { + "lastModified": 1720031269, + "narHash": "sha256-rwz8NJZV+387rnWpTYcXaRNvzUSnnF9aHONoJIYmiUQ=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "9f4128e00b0ae8ec65918efeba59db998750ead6", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..16f6b46 --- /dev/null +++ b/flake.nix @@ -0,0 +1,46 @@ +{ + description = "infra-shell"; + + inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + + outputs = { self, nixpkgs }: + let + stableSystems = ["x86_64-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin"]; + forAllSystems = nixpkgs.lib.genAttrs stableSystems; + pkgsFor = nixpkgs.lib.genAttrs stableSystems ( + system: import nixpkgs { inherit system; config.allowUnfree = true; } + ); + in rec { + devShells = forAllSystems (system: let + pkgs = pkgsFor.${system}; + in { + default = let + pythonPkgs = pkgs.python310.withPackages ( + _: with (pkgs.python310Packages); [ + ipython pyyaml jinja2 PyGithub + pyopenssl cryptography + ] + ); + in pkgs.mkShellNoCC { + packages = with pkgs.buildPackages; [ + # misc + git openssh jq fzf silver-searcher + # networking + curl nmap nettools dnsutils + # infra + terraform ansible_2_16 pythonPkgs + # security + pass bitwarden-cli yubikey-manager pwgen + # cloud + aliyun-cli awscli doctl google-cloud-sdk + hcloud s3cmd scaleway-cli + ]; + + shellHook = '' + ./ansible/roles.py --check || \ + echo -e '\nWARNING: Your role versions appear to be incorrect!' >&2 + ''; + }; + }); + }; +}