[Git][reproducible-builds/reproducible-website][push-ttprxvnmqsrx] 2 commits: refactor: rewrite the Nix layer
Pol Dellaiera (@drupol)
gitlab at salsa.debian.org
Mon Oct 14 08:03:13 UTC 2024
Pol Dellaiera pushed to branch push-ttprxvnmqsrx at Reproducible Builds / reproducible-website
Commits:
f90aba5c by Pol Dellaiera at 2024-10-14T10:02:29+02:00
refactor: rewrite the Nix layer
- - - - -
39598567 by Pol Dellaiera at 2024-10-14T10:02:58+02:00
ci: experimentation with nix
- - - - -
11 changed files:
- .gitlab-ci.yml
- README.md
- flake.lock
- flake.nix
- + nix/apps/default.nix
- + nix/pkgs/caddy-server/Caddyfile
- + nix/pkgs/caddy-server/package.nix
- + nix/pkgs/jekyll-server-livereload/package.nix
- + nix/pkgs/jekyll-server/package.nix
- + nix/pkgs/reproducible-website/package.nix
- + nix/shell/default.nix
Changes:
=====================================
.gitlab-ci.yml
=====================================
@@ -1,15 +1,18 @@
-before_script:
- - apt-get -q update
- - env DEBIAN_FRONTEND=noninteractive apt-get -q -y install jekyll make ruby-jekyll-redirect-from ruby-jekyll-polyglot ruby-jekyll-sitemap po4a python3-yaml git
+.nix:
+ image: nixos/nix:2.24.9
+ before_script:
+ - echo "experimental-features = nix-command flakes" >>/etc/nix/nix.conf
test:
- image: debian:stable-backports
+ extends: .nix
script:
- - make
- - make lint
+ - nix build .#reproducible-website
+ - cp -vr --dereference $(readlink -f result) output
+ - mv output _site
+
artifacts:
paths:
- _site/*
environment:
name: HTML
- url: 'https://$CI_PROJECT_NAMESPACE.pages.debian.net/-/$CI_PROJECT_NAME/-/jobs/$CI_JOB_ID/artifacts/_site/index.html'
+ url: "https://$CI_PROJECT_NAMESPACE.pages.debian.net/-/$CI_PROJECT_NAME/-/jobs/$CI_JOB_ID/artifacts/_site/index.html"
=====================================
README.md
=====================================
@@ -43,3 +43,22 @@ You can install the required tools and plugins and for building the website like
```console
$ sudo apt install jekyll git ruby-jekyll-redirect-from ruby-jekyll-polyglot ruby-jekyll-sitemap po4a
```
+
+Nix
+---
+
+The website can also be built using [Nix](https://nixos.org).
+
+When the local website sources are available locally, the following commands are available:
+
+- `nix develop`: Start a shell with all the required dependencies available (jekyll, pandoc, gnumake, which, po4a, python)
+- `nix build .#reproducible-website`: Build the website completely. The result will be available in the `result` directory.
+- `nix run .#default`: Start a webserver with Caddy to serve the website. This is not meant to be used for development.
+- `nix run .#jekyll-serve`: Start a webserver with Jekyll to serve the website. This is meant to be used for development.
+- `nix run .#jekyll-serve-livereload`: Start a webserver with Jekyll to serve the website with livereload. This is meant to be used for development.
+
+In case the sources are not available locally, the following commands are available:
+
+- `nix run git+https://salsa.debian.org/reproducible-builds/reproducible-website.git#reproducible-website`: Build a development snapshot of the website, available in the `result` directory.
+
+- `nix run git+https://salsa.debian.org/reproducible-builds/reproducible-website.git#default`: Start a webserver with Caddy to serve the website. This is not meant to be used for development.
=====================================
flake.lock
=====================================
@@ -5,11 +5,11 @@
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
- "lastModified": 1726153070,
- "narHash": "sha256-HO4zgY0ekfwO5bX0QH/3kJ/h4KvUDFZg8YpkNwIbg1U=",
+ "lastModified": 1727826117,
+ "narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=",
"owner": "hercules-ci",
"repo": "flake-parts",
- "rev": "bcef6817a8b2aa20a5a6dbb19b43e63c5bf8619a",
+ "rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1",
"type": "github"
},
"original": {
@@ -20,11 +20,11 @@
},
"nixpkgs": {
"locked": {
- "lastModified": 1726583932,
- "narHash": "sha256-zACxiQx8knB3F8+Ze+1BpiYrI+CbhxyWpcSID9kVhkQ=",
+ "lastModified": 1728538411,
+ "narHash": "sha256-f0SBJz1eZ2yOuKUr5CA9BHULGXVSn6miBuUWdTyhUhU=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "658e7223191d2598641d50ee4e898126768fe847",
+ "rev": "b69de56fac8c2b6f8fd27f2eca01dcda8e0a4221",
"type": "github"
},
"original": {
@@ -36,20 +36,36 @@
},
"nixpkgs-lib": {
"locked": {
- "lastModified": 1725233747,
- "narHash": "sha256-Ss8QWLXdr2JCBPcYChJhz4xJm+h/xjl4G0c0XlP6a74=",
+ "lastModified": 1727825735,
+ "narHash": "sha256-0xHYkMkeLVQAMa7gvkddbPqpxph+hDzdu1XdGPJR+Os=",
"type": "tarball",
- "url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz"
+ "url": "https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz"
},
"original": {
"type": "tarball",
- "url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz"
+ "url": "https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz"
+ }
+ },
+ "pkgs-by-name-for-flake-parts": {
+ "locked": {
+ "lastModified": 1727519927,
+ "narHash": "sha256-3SNX6BuaisoX9PKYI+fh3geZ3jBgKKkAtHcWuHRU0+o=",
+ "owner": "drupol",
+ "repo": "pkgs-by-name-for-flake-parts",
+ "rev": "91debb07d81ff25b8e3b48914b6abd6f11dc26e2",
+ "type": "github"
+ },
+ "original": {
+ "owner": "drupol",
+ "repo": "pkgs-by-name-for-flake-parts",
+ "type": "github"
}
},
"root": {
"inputs": {
"flake-parts": "flake-parts",
"nixpkgs": "nixpkgs",
+ "pkgs-by-name-for-flake-parts": "pkgs-by-name-for-flake-parts",
"systems": "systems"
}
},
=====================================
flake.nix
=====================================
@@ -3,6 +3,7 @@
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
flake-parts.url = "github:hercules-ci/flake-parts";
systems.url = "github:nix-systems/default";
+ pkgs-by-name-for-flake-parts.url = "github:drupol/pkgs-by-name-for-flake-parts";
};
outputs =
@@ -10,132 +11,24 @@
flake-parts.lib.mkFlake { inherit inputs; } {
systems = import inputs.systems;
+ imports = [
+ inputs.pkgs-by-name-for-flake-parts.flakeModule
+ inputs.flake-parts.flakeModules.easyOverlay
+ ./nix/shell
+ ./nix/apps
+ ];
+
perSystem =
+ { config, system, ... }:
{
- self',
- pkgs,
- lib,
- ...
- }:
- let
- jekyll = pkgs.jekyll.override ({ withOptionalDependencies = true; });
- ruby = (pkgs.ruby.withPackages (ps: [ jekyll ]));
- python3 = pkgs.python3.withPackages (p: [ p.pyyaml ]);
- in
- {
- packages = {
- default = pkgs.stdenvNoCC.mkDerivation {
- name = "reproducible-website";
- src = ./.;
-
- nativeBuildInputs = [
- pkgs.gitMinimal
- ];
-
- # This step should not be mandatory, the script contributors.py
- # should not get the contributors from git.
- # Without this preConfigure phase, the script will fail.
- preConfigure = ''
- git init
- git config user.email "you at example.com"
- git config user.name "Nix build"
-
- git add .
- git commit -am "nix build commit"
- '';
-
- postPatch = ''
- substituteInPlace bin/i18n.sh \
- --replace-fail "#!/bin/bash" "#!${pkgs.runtimeShell}"
- substituteInPlace bin/contributors.py \
- --replace-fail "#!/usr/bin/env python3" "#!${lib.getExe python3}"
- '';
-
- buildInputs = [
- pkgs.git
- pkgs.perl536Packages.Po4a
- pkgs.which
- python3
- ruby
- ];
-
- installPhase = ''
- runHook preInstall
-
- mkdir -p $out
- cp -ar _site/* $out/
-
- runHook postInstall
- '';
- };
- };
-
- apps = {
- # Runs a Caddy server to serve the static site
- default =
- let
- caddyFile = pkgs.writeText "Caddyfile" ''
- :4000 {
- root * ${self'.packages.default}
- log
- encode gzip
- file_server
- }
- '';
- in
- {
- type = "app";
- program = (
- lib.getExe (
- pkgs.writeScriptBin "start-static-site" ''
- #!${pkgs.runtimeShell}
- ${lib.getExe pkgs.caddy} run --adapter caddyfile --config ${caddyFile}
- ''
- )
- );
- };
-
- # Runs the Jekyll server only
- serve = {
- type = "app";
- program = (
- lib.getExe (
- pkgs.writeScriptBin "start-static-server" ''
- #!${pkgs.runtimeShell}
- ${lib.getExe jekyll} serve --host
- ''
- )
- );
- };
-
- # Runs the Jekyll server with live reload, only for development
- devserver = {
- type = "app";
- program = (
- lib.getExe (
- pkgs.writeScriptBin "start-live-reload-site" ''
- #!${pkgs.runtimeShell}
- ${lib.getExe jekyll} serve --watch --livereload --incremental --host
- ''
- )
- );
- };
- };
-
- devShells = {
- default = pkgs.stdenvNoCC.mkDerivation {
- name = "devshell";
- buildInputs = [
- pkgs.pandoc
- pkgs.gnumake
- pkgs.perl536Packages.Po4a
- pkgs.which
- jekyll
- python3
- ruby
- ];
- };
+ _module.args.pkgs = import inputs.nixpkgs {
+ inherit system;
+ overlays = [
+ inputs.self.overlays.default
+ ];
};
+ pkgsDirectory = ./nix/pkgs;
+ overlayAttrs = config.packages;
};
};
}
=====================================
nix/apps/default.nix
=====================================
@@ -0,0 +1,30 @@
+{ ... }:
+{
+ perSystem =
+ { config, ... }:
+ {
+ apps = {
+ # Runs a Caddy server to serve the static site
+ # This is the default app, ready for production
+ # This is not meant to be used during development phase
+ default = {
+ type = "app";
+ program = config.packages.caddy-server;
+ };
+
+ # Runs the Jekyll server only
+ # For development phase
+ jekyll-serve = {
+ type = "app";
+ program = config.packages.jekyll-server;
+ };
+
+ # Runs the Jekyll server with live reload
+ # For development phase
+ jekyll-serve-livereload = {
+ type = "app";
+ program = config.packages.jekyll-server-livereload;
+ };
+ };
+ };
+}
=====================================
nix/pkgs/caddy-server/Caddyfile
=====================================
@@ -0,0 +1,6 @@
+:4000 {
+ root * @webroot@
+ log
+ encode gzip
+ file_server
+}
=====================================
nix/pkgs/caddy-server/package.nix
=====================================
@@ -0,0 +1,21 @@
+{
+ lib,
+ writeShellApplication,
+ substituteAll,
+ caddy,
+ reproducible-website,
+ ...
+}:
+let
+ caddyFile = substituteAll {
+ src = ./Caddyfile;
+ webroot = reproducible-website;
+ };
+in
+writeShellApplication {
+ name = "caddy-server";
+ runtimeInputs = [ caddy ];
+ text = ''
+ ${lib.getExe caddy} run --adapter caddyfile --config ${caddyFile}
+ '';
+}
=====================================
nix/pkgs/jekyll-server-livereload/package.nix
=====================================
@@ -0,0 +1,13 @@
+{
+ lib,
+ writeShellApplication,
+ jekyll-server,
+ ...
+}:
+writeShellApplication {
+ name = "jekyll-server-livereload";
+ runtimeInputs = [ jekyll-server ];
+ text = ''
+ ${lib.getExe jekyll-server} --watch --livereload --incremental "$@"
+ '';
+}
=====================================
nix/pkgs/jekyll-server/package.nix
=====================================
@@ -0,0 +1,16 @@
+{
+ lib,
+ writeShellApplication,
+ jekyll,
+ ...
+}:
+let
+ jekyll' = jekyll.override { withOptionalDependencies = true; };
+in
+writeShellApplication {
+ name = "jekyll-server";
+ runtimeInputs = [ jekyll' ];
+ text = ''
+ ${lib.getExe jekyll'} serve --host "$@"
+ '';
+}
=====================================
nix/pkgs/reproducible-website/package.nix
=====================================
@@ -0,0 +1,57 @@
+{
+ stdenvNoCC,
+ lib,
+ gitMinimal,
+ runtimeShell,
+ python3,
+ perl536Packages,
+ which,
+ ruby,
+ jekyll,
+}:
+
+let
+ jekyll' = jekyll.override ({ withOptionalDependencies = true; });
+ ruby' = (ruby.withPackages (ps: [ jekyll' ]));
+ python3' = python3.withPackages (p: [ p.pyyaml ]);
+in
+stdenvNoCC.mkDerivation {
+ name = "reproducible-website";
+ src = ./../../../.;
+
+ nativeBuildInputs = [
+ gitMinimal
+ perl536Packages.Po4a
+ which
+ python3'
+ ruby'
+ ];
+
+ # This step should not be mandatory, the script contributors.py
+ # should not get the contributors from git.
+ # Without this preConfigure phase, the script will fail.
+ preConfigure = ''
+ git init
+ git config user.email "you at example.com"
+ git config user.name "Nix build"
+
+ git add .
+ git commit -am "nix build commit"
+ '';
+
+ postPatch = ''
+ substituteInPlace bin/i18n.sh \
+ --replace-fail "#!/bin/bash" "#!${runtimeShell}"
+ substituteInPlace bin/contributors.py \
+ --replace-fail "#!/usr/bin/env python3" "#!${lib.getExe python3'}"
+ '';
+
+ installPhase = ''
+ runHook preInstall
+
+ mkdir -p $out
+ cp -ar _site/* $out/
+
+ runHook postInstall
+ '';
+}
=====================================
nix/shell/default.nix
=====================================
@@ -0,0 +1,21 @@
+{ ... }:
+{
+ perSystem =
+ { config, pkgs, ... }:
+ {
+ devShells = {
+ # A default shell with all the necessary tools to work on the website
+ # Use `nix develop` to use it
+ default = pkgs.mkShell {
+ inputsFrom = [ config.packages.reproducible-website ];
+
+ packages = [
+ pkgs.pandoc
+ pkgs.gnumake
+ pkgs.perl536Packages.Po4a
+ pkgs.which
+ ];
+ };
+ };
+ };
+}
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/-/compare/e7e43dc7a0da9e32002bfac2b6cab1a89e2ce1d9...39598567026e07dae099c314815dbcb9b8e2497f
--
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/-/compare/e7e43dc7a0da9e32002bfac2b6cab1a89e2ce1d9...39598567026e07dae099c314815dbcb9b8e2497f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.reproducible-builds.org/pipermail/rb-commits/attachments/20241014/cefe3b58/attachment.htm>
More information about the rb-commits
mailing list