From 2042f1111e3e59c1523bcda3d23740a066447327 Mon Sep 17 00:00:00 2001 From: Martin Puppe Date: Thu, 9 Jun 2022 15:03:38 +0200 Subject: [PATCH] Remove overlay The overlay has been removed and the package financier-dist is now always built with the Nixpkgs version from our flake inputs. Overlays can be applied to any version of Nixpkgs, but our package does not work with all versions of Nixpkgs. For example, we currently built our package with Node 12. The nodejs-12_x has been marked as insecure on the 21.05 branch in May 2022 breaking our build and consequently our module and all configurations that rely on it. Usually, it would be very bad to pin to an old Nixpkgs version as we miss potential security updates. But we build a static website and it is very unlikely that it has any security issues. --- dist.nix | 8 +++----- flake.nix | 24 ++++++++---------------- module.nix | 15 ++++++++++----- 3 files changed, 21 insertions(+), 26 deletions(-) diff --git a/dist.nix b/dist.nix index 460be41..d5e2367 100644 --- a/dist.nix +++ b/dist.nix @@ -1,10 +1,8 @@ -{ pkgs ? import { inherit system; }, system ? builtins.currentSystem -, financierVersion }: +{ pkgs, system, stdenv, financierVersion }: -let - financier = (import ./default.nix { inherit pkgs system; }).package; +let financier = (import ./default.nix { inherit pkgs system; }).package; -in pkgs.stdenv.mkDerivation { +in stdenv.mkDerivation { version = financierVersion; pname = "financier-dist"; src = "${financier}/lib/node_modules/financier"; diff --git a/flake.nix b/flake.nix index cfa89f9..90b167e 100644 --- a/flake.nix +++ b/flake.nix @@ -10,21 +10,13 @@ financierVersion = (builtins.fromJSON (builtins.readFile "${inputs.financier}/package.json")).version; nodeVersion = "12"; - - overlay = final: prev: { - financier-dist = import ./dist.nix { - inherit financierVersion; - inherit (prev) pkgs system; - }; - }; in inputs.flake-utils.lib.eachDefaultSystem (system: - let - pkgs = import nixpkgs { - inherit system; - overlays = [ overlay ]; - }; + let pkgs = import nixpkgs { inherit system; }; in { - packages = { inherit (pkgs) financier-dist; }; + packages = { + financier-dist = + pkgs.callPackage ./dist.nix { inherit financierVersion; }; + }; defaultPackage = self.packages.${system}.financier-dist; devShell = pkgs.mkShell { packages = with pkgs; [ nodePackages.node2nix ]; @@ -34,10 +26,10 @@ ''; }; }) // { - inherit overlay; - nixosModule = { + nixosModule = { pkgs, lib, ... }: { imports = [ ./module.nix ]; - nixpkgs.overlays = [ self.overlay ]; + services.financier.package = + lib.mkDefault self.packages.${pkgs.system}.financier-dist; }; }; } diff --git a/module.nix b/module.nix index cea1162..162ce4f 100644 --- a/module.nix +++ b/module.nix @@ -1,8 +1,6 @@ { config, lib, pkgs, system, ... }: with lib; -let - inherit (pkgs) financier-dist; - cfg = config.services.financier; +let cfg = config.services.financier; in { imports = [ ]; @@ -17,6 +15,13 @@ in { example = "example.org"; }; + package = mkOption { + type = types.package; + description = '' + Financier package to use. + ''; + }; + server = mkOption { type = types.enum [ "nginx" "caddy" ]; description = '' @@ -37,7 +42,7 @@ in { virtualHosts."${cfg.hostName}" = { forceSSL = true; enableACME = true; - root = financier-dist; + root = cfg.package; locations."/".tryFiles = "$uri $uri/ /index.html"; }; }; @@ -47,7 +52,7 @@ in { config = '' ${cfg.hostName} { - root * ${financier-dist} + root * ${cfg.package} file_server try_files {path} {path}/ /index.html }