1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
|
{
description = "A simple Go package";
inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
outputs = { self, nixpkgs }:
let
# System types to support.
supportedSystems = [ "x86_64-linux" "x86_64-darwin" "aarch64-linux" "aarch64-darwin" ];
# Helper function to generate an attrset '{ x86_64-linux = f "x86_64-linux"; ... }'.
forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
# Nixpkgs instantiated for supported system types.
nixpkgsFor = forAllSystems (system: import nixpkgs { inherit system; });
in
{
# Requires dirty nixbld with access to docker daemon
packages = forAllSystems (system:
let
pkgs = nixpkgsFor.${system};
getImageWithSkopeo =
let
fixName = name: builtins.replaceStrings [ "/" ":" ] [ "-" "-" ] name;
in
{ imageName
, transport
# To find the digest of an image, you can use skopeo:
# see doc/functions.xml
, imageDigest
, sha256
, os ? "linux"
, # Image architecture, defaults to the architecture of the `hostPlatform` when unset
arch ? pkgs.go.GOARCH
# This is used to set name to the pulled image
, finalImageName ? imageName
# This used to set a tag to the pulled image
, finalImageTag ? "latest"
# This is used to disable TLS certificate verification, allowing access to http registries on (hopefully) trusted networks
, tlsVerify ? true
, name ? fixName "image-${finalImageName}-${finalImageTag}.tar"
}:
pkgs.runCommand name
{
inherit imageDigest;
imageName = finalImageName;
imageTag = finalImageTag;
impureEnvVars = pkgs.lib.fetchers.proxyImpureEnvVars;
outputHashMode = "flat";
outputHashAlgo = "sha256";
outputHash = sha256;
nativeBuildInputs = [ pkgs.skopeo ];
SSL_CERT_FILE = "${pkgs.cacert.out}/etc/ssl/certs/ca-bundle.crt";
sourceURL = if transport == "docker-daemon:" then "${transport}${imageDigest}" else "${transport}${imageName}@${imageDigest}";
destNameTag = "${finalImageName}:${finalImageTag}";
} ''
skopeo \
--insecure-policy \
--tmpdir=$TMPDIR \
--override-os ${os} \
--override-arch ${arch} \
copy \
--src-tls-verify=${pkgs.lib.boolToString tlsVerify} \
"$sourceURL" "docker-archive://$out:$destNameTag" \
| cat # pipe through cat to force-disable progress bar
'';
pnsh = getImageWithSkopeo {
transport = "docker-daemon:";
imageName = "";
imageDigest = "";
sha256 = "";
};
# from: https://github.com/nix-community/home-manager/blob/70824bb5c790b820b189f62f643f795b1d2ade2e/modules/programs/neovim.nix#L412
neovimConfig = pkgs.neovimUtils.makeNeovimConfig {
viAlias = true;
vimAlias = true;
withPython3 = false;
withRuby = false;
withNodeJs = false;
extraPython3Packages = _: [];
extraLuaPackages = _: [];
plugins = with pkgs.vimPlugins; [
# highlighting
nvim-treesitter.withAllGrammars
playground
gruvbox-material
kanagawa-nvim
lsp_lines-nvim
gitsigns-nvim
vim-helm
lualine-nvim
# external
oil-nvim
vim-fugitive
venn-nvim
gv-vim
zoxide-vim
obsidian-nvim
go-nvim
# Coding
fzf-lua
nvim-lspconfig
null-ls-nvim
lsp_signature-nvim
nvim-dap
nvim-dap-ui
nvim-nio
nvim-dap-python
luasnip
vim-test
nvim-lint
vim-surround
conform-nvim
trouble-nvim
vim-easy-align
nvim-comment
# cmp
nvim-cmp
cmp-cmdline
cmp-nvim-lsp
cmp-buffer
cmp-path
cmp_luasnip
# conjure
vim-racket
nvim-parinfer
hotpot-nvim
];
customRC = "";
};
neovim-package = pkgs.wrapNeovimUnstable pkgs.neovim-unwrapped (neovimConfig
// {
wrapRc = false;
});
in
{
pnsh-container = pnsh;
neovim-container = pkgs.dockerTools.buildImage {
name = "";
fromImage = pnsh;
copyToRoot = pkgs.buildEnv {
extraPrefix = "/usr";
name = "neovim-nix-ide-usr";
paths = with pkgs; [
neovim-package
docker-client
zoxide
];
};
config = {
Entrypoint = ["/bin/zsh"];
Cmd = ["-c" "boot"];
};
};
});
# The default package for 'nix build'. This makes sense if the
# flake provides only one package or there is a clear "main"
# package.
defaultPackage = forAllSystems (system: self.packages.${system}.neovim-container);
};
}
|
