]> Git — Sourcephile - sourcephile-nix.git/blob - .envrc
acme: start unbound before
[sourcephile-nix.git] / .envrc
1 # manual config
2 nix_version=2.3.3
3 nix_openpgp=B541D55301270E0BCF15CA5D8170B4726D7198DE
4 nixpkgs_channel=nixos-unstable-small
5 nixshell_sources=(.envrc shell.nix
6 .config/nixpkgs-channel/"$nixpkgs_channel".nix
7 $(for d in patches shell; do
8 test ! -d "$d" || find "$d" -type f -not -name "*~"
9 done | sort
10 )
11 )
12
13 # nix
14 if ! has nix || test "$(nix --version)" != "nix (Nix) $nix_version"
15 then log_status "installing Nix core tools"
16 gpg2 --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$nix_openpgp"
17 mkdir -p .config/nix/"$nix_version"
18 {
19 flock --exclusive 3
20 if test ! -s .config/nix/"$nix_version"/install -o ! -s .config/nix/"$nix_version"/install.asc
21 then
22 (cd .config/nix/"$nix_version"
23 curl -LOO https://nixos.org/releases/nix/nix-"$nix_version"/{install,install.asc})
24 fi
25 test -e ~/.nix-profile/etc/profile.d/nix.sh || {
26 gpg --verify .config/nix/"$nix_version"/install.asc &&
27 sh .config/nix/"$nix_version"/install || {
28 log_error "cannot install nix-$nix_version"
29 return 1
30 }
31 }
32 . ~/.nix-profile/etc/profile.d/nix.sh
33 } 3>>.config/nix/"$nix_version"/install
34 fi
35
36 # nixpkgs
37 mkdir -p .config/nixpkgs-channel
38 {
39 flock --exclusive 3
40 if test ! -s .config/nixpkgs-channel/$nixpkgs_channel.nix
41 then log_status "installing nixpkgs from $nixpkgs_channel (This may take some time. To update: delete .config/nixpkgs-channel/$nixpkgs_channel.nix)"
42 rev=$(curl -L https://nixos.org/channels/"$nixpkgs_channel"/git-revision | head -n1 | tr -dC 'a-z0-9')
43 sha256=$(nix-prefetch-url --unpack https://github.com/NixOS/nixpkgs-channels/archive/"$rev".tar.gz)
44 echo >.config/nixpkgs-channel/$nixpkgs_channel.nix \
45 "builtins.fetchTarball {url=\"https://github.com/NixOS/nixpkgs-channels/archive/$rev.tar.gz\"; sha256=\"$sha256\";}"
46 else log_status "using nixpkgs from .config/nixpkgs-channel/$nixpkgs_channel.nix"
47 fi
48 } 3>>.config/nixpkgs-channel/$nixpkgs_channel.nix
49 watch_file .config/nixpkgs-channel/$nixpkgs_channel.nix
50 # Used in shell.nix
51 export nixpkgs_channel
52 # Get the store path of this nixpkgs,
53 # it will not be registered as a root for the garbage-collector
54 # but will be preserved as long as it is used by shell.nix
55 # which itself will produce a registered derivation.
56 #nixpkgs=$(nix-instantiate --eval .config/nixpkgs-channel/$nixpkgs_channel.nix)
57 #nixpkgs=${nixpkgs#'"'}
58 #nixpkgs=${nixpkgs%'"'}
59 #export NIX_PATH="nixpkgs=$nixpkgs${NIX_PATH:+:$NIX_PATH}"
60
61 # nix-shell
62 has shasum || { log_error "shasum is needed to cache environment"; return 1; }
63 for e in "${nixshell_sources[@]}"
64 do watch_file "$e"; done
65 hash=$(shasum -a 256 "${nixshell_sources[@]}" | shasum -a 256 | cut -c -64)
66 cache=.cache/nix-shell/"$hash"
67 unset DIRENV_DUMP_FILE_PATH
68 if test -e "$cache/dump"
69 then
70 log_status "reusing $cache/"
71 {
72 flock --shared 3
73 # Load the cached environment
74 direnv_load sh -c "cat >\$DIRENV_DUMP_FILE_PATH $cache/dump"
75 # Re-run the shellHook to update envvars like GPG_TTY,
76 # and run gpg-connect-agent updatestartuptty /bye
77 eval "$shellHook"
78 } 3<$cache/dump
79 else
80 log_status "building $cache/"
81 mkdir -p "$cache"
82 {
83 flock --exclusive 3
84 # Register the derivation as a root for the garbage-collector,
85 # then cache a dump of the environment from within the nix-shell,
86 # then unregister previous derivations,
87 # then load the cached environment.
88 nix-instantiate >/dev/null ./shell.nix --indirect --add-root "$cache"/shell.drv \
89 ${TRACE:+--show-trace} \
90 ${OFFLINE:+--option substituters ""} &&
91 nix-store >/dev/null --indirect --add-root "$cache"/shell.dep \
92 --realise $(nix-store --query --references $cache/shell.drv) \
93 ${OFFLINE:+--option substituters ""} &&
94 direnv_load sh -c "nix-shell ${TRACE:+--show-trace} \
95 --run \"DIRENV_DUMP_FILE_PATH= $direnv dump | tee $cache/dump >\$DIRENV_DUMP_FILE_PATH\" \
96 ${OFFLINE:+--option substituters ""}" &&
97 find .cache/nix-shell -mindepth 1 -maxdepth 1 -not -name "$hash" -exec rm -rf {} + || {
98 rm -rf "$PWD/.cache/nix-shell/$hash"
99 log_error "cannot build shell.nix"
100 return 1
101 }
102 } 3>$cache/dump
103 fi