-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathflake.nix
122 lines (107 loc) · 3.39 KB
/
flake.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
{
description = "Python environment managed with mach-nix and flakes";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
flake-utils = {
url = "github:numtide/flake-utils";
inputs.nixpkgs.follows = "nixpkgs";
};
# use `nix flake lock --update-input pypi-deps-db` to update the pypi database
# or `nix flake update` to update all
pypi-deps-db = {
url = "github:DavHau/pypi-deps-db";
inputs.nixpkgs.follows = "nixpkgs";
inputs.mach-nix.follows = "mach-nix";
};
mach-nix = {
url = "github:bjornfor/mach-nix/adapt-to-make-binary-wrapper";
# TODO: Change back to upstream once this is merged:
# - https://github.com/DavHau/mach-nix/pull/445
# url = "github:DavHau/mach-nix";
inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-utils.follows = "flake-utils";
inputs.pypi-deps-db.follows = "pypi-deps-db";
};
};
outputs = { self, nixpkgs, flake-utils, mach-nix, ...}:
flake-utils.lib.eachDefaultSystem (system:
let
pkgs = import nixpkgs { inherit system; };
# Do NOT use import mach-nix {inherit system;};
#
# otherwise mach-nix will not use flakes and pypi-deps-db
# input will not be used:
# https://github.com/DavHau/mach-nix/issues/269#issuecomment-841824763
mach = mach-nix.lib.${system};
python-env = mach.mkPython {
# Choose python version
python = "python39";
# Specify python requirements, you can use ./requirements.txt a
# string (or a combination of both)
requirements = ''
tzdata
ipython
black
pip
python-lsp-server
python-language-server[all]
''
+ (builtins.readFile ./backend/requirements.txt)
+ (builtins.readFile ./scrapy/requirements.txt);
};
django-env = mach.mkPython {
python = "python38";
requirements = ''
tzdata
'' + (builtins.readFile ./backend/requirements.txt);
};
in
{
devShells.default = with pkgs; mkShellNoCC {
name = "python";
buildInputs = [
python-env
gnupg
openssh
sqlite
jq
(writeShellScriptBin "aws" ''
unset PYTHONPATH
exec ${pkgs.awscli2}/bin/aws "$@"
'')
(writeShellScriptBin "ssh-aws" ''
ADDR="$1"
shift
exec TERM=xterm ${pkgs.openssh}/bin/ssh ec2-user@"$ADDR" "$@"
'')
];
shellHook = let
GIT_HOOKS = ( symlinkJoin { name = "git-hooks"; paths = [
(writeShellScriptBin "pre-commit" ''
${gitleaks}/bin/gitleaks protect --verbose --redact --staged
'')
]; } ) + "/bin";
in "git config --local core.hooksPath ${GIT_HOOKS}";
};
packages.default = self.packages.${system}.backend;
packages.backend = let backend = ./backend; in pkgs.writeShellScriptBin "manage"
''
export PYTHONPATH=${django-env}/bin;
export PATH=${django-env}/bin:$PATH;
python ${backend}/manage.py "$@"
'';
packages.dockerImage = pkgs.dockerTools.buildLayeredImage {
name = "backend";
tag = "latest";
contents = [ self.packages.${system}.backend ];
config = {
Cmd = [
"${pkgs.bash}/bin/bash" "-c" "manage migrate --run-syncdb && manage parseData && manage runserver"
];
ExposedPorts = {
"8000/tcp" = {};
};
};
};
});
}