-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathflake.nix
More file actions
67 lines (61 loc) · 2.06 KB
/
flake.nix
File metadata and controls
67 lines (61 loc) · 2.06 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
{
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
rust-overlay = {
url = "github:oxalica/rust-overlay";
inputs.nixpkgs.follows = "nixpkgs";
};
flake-utils.url = "github:numtide/flake-utils";
};
outputs = { self, nixpkgs, rust-overlay, flake-utils }:
flake-utils.lib.eachDefaultSystem (system:
let
overlays = [ (import rust-overlay) ];
pkgs = import nixpkgs {
inherit system overlays;
};
# Architecture-specific target
rustTarget = if pkgs.stdenv.isAarch64
then "aarch64-unknown-linux-musl"
else "x86_64-unknown-linux-musl";
rustWithTargets = pkgs.rust-bin.stable.latest.default.override {
targets = [ rustTarget ];
};
in
{
devShells.default = pkgs.mkShell {
# Disable all Nix hardening flags to prevent interference with Cargo builds.
# These flags are designed for C/C++ and can cause issues with:
# - MUSL builds (fortify adds glibc-specific functions)
# - Crates that vendor C libraries (e.g., git2 vendoring libgit2)
# Rust already provides memory safety, so these hardening flags provide
# minimal benefit while causing build problems.
hardeningDisable = [ "all" ];
buildInputs = [
# Rust with cross-compilation targets built-in.
rustWithTargets
# Shell formatting.
pkgs.shfmt
# Python formatting.
pkgs.python313Packages.autopep8
# YAML formatting.
pkgs.yamlfmt
# Shell linting.
pkgs.shellcheck
# Python linting.
pkgs.ruff
# GitHub Actions workflows linting.
pkgs.actionlint
# Rust dependencies check.
pkgs.cargo-machete
# End to end tests.
pkgs.python313
pkgs.python313Packages.behave
pkgs.git
# Deploying.
pkgs.gh
];
};
}
);
}