flake.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50

{
  description = ''
    A tool to manage credentials and other secrets as mutable state within a NixOS environment,
    consisting of a Rust executable, NixOS configuration, and associated documentation.
    Published as part of the Small Tech Kit, ISL's public resource for small organizations
    that want to host their own infrastructure, but usable independently.
  '';

  inputs = {
    nixpkgs = {
      type = "github";
      owner = "NixOS";
      repo = "nixpkgs";
      ref = "nixos-25.05";
    };

    crane = {
      type = "github";
      owner = "ipetkov";
      repo = "crane";
    };
  };

  outputs = { self, nixpkgs, crane }:
  let supportedSystems = [ "aarch64-linux" "x86_64-linux" ];
      forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
      nixpkgsFor = forAllSystems (system: import nixpkgs { inherit system; });
  in {
    packages = forAllSystems (system: let pkgs = nixpkgsFor.${system}; in {
      default = (crane.mkLib pkgs).buildPackage {
        src = ./.;
      };
    });

    nixosModules.default = { ... }: {
      imports = [
        ./options.nix
      ];
    };

    devShells = forAllSystems (system: let pkgs = nixpkgsFor.${system}; in {
      default = pkgs.mkShell {
        nativeBuildInputs = with pkgs; [
          cargo
          rustc
        ];
      };
    });
  };
}