diff --git a/flake.lock b/flake.lock index 45c2f05..202c827 100644 --- a/flake.lock +++ b/flake.lock @@ -83,6 +83,22 @@ "type": "github" } }, + "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1767039857, + "narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=", + "owner": "NixOS", + "repo": "flake-compat", + "rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "flake-compat", + "type": "github" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": [ @@ -138,6 +154,49 @@ "type": "github" } }, + "git-hooks": { + "inputs": { + "flake-compat": "flake-compat_2", + "gitignore": "gitignore", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1769939035, + "narHash": "sha256-Fok2AmefgVA0+eprw2NDwqKkPGEI5wvR+twiZagBvrg=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "a8ca480175326551d6c4121498316261cbb5b260", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "git-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -579,6 +638,7 @@ "colmena": "colmena", "disko": "disko", "firefox-addons": "firefox-addons", + "git-hooks": "git-hooks", "home-manager": "home-manager", "nix-on-droid": "nix-on-droid", "nix-secrets": "nix-secrets", diff --git a/flake.nix b/flake.nix index 2ee8b53..ce42e27 100644 --- a/flake.nix +++ b/flake.nix @@ -43,16 +43,20 @@ url = "github:zhaofengli/colmena"; inputs.nixpkgs.follows = "nixpkgs"; }; + git-hooks = { + url = "github:cachix/git-hooks.nix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; outputs = - { - self, - nixpkgs, - home-manager, - nix-on-droid, - nixgl, - ... + { self + , nixpkgs + , home-manager + , nix-on-droid + , nixgl + , git-hooks + , ... }@inputs: let inherit (self) outputs; @@ -73,7 +77,12 @@ system = import ./hosts/${host}/system.nix; modules = [ ./hosts/${host} ]; specialArgs = { - inherit inputs outputs dotsPath; + inherit + inputs + outputs + dotsPath + self + ; }; } )) @@ -128,6 +137,33 @@ ; }; + checks.${system}.pre-commit-check = git-hooks.lib.${system}.run { + src = ./.; + hooks = { + nixpkgs-fmt.enable = true; + statix.enable = true; + }; + }; + + apps.${system}.pre-commit-install = + let + hooks = git-hooks.lib.${system}.run { + src = ./.; + hooks = { + nixpkgs-fmt.enable = true; + statix.enable = true; + }; + }; + in + { + type = "app"; + program = toString ( + pkgs.writeShellScript "install-hooks" '' + ${hooks.shellHook} + '' + ); + }; + images.sd-image-aarch64 = self.nixosConfigurations.sd-image-aarch64.config.system.build.sdImage; }; } diff --git a/hosts/andromache/default.nix b/hosts/andromache/default.nix index 41ffbb8..85ab972 100644 --- a/hosts/andromache/default.nix +++ b/hosts/andromache/default.nix @@ -1,10 +1,10 @@ -{ - lib, - inputs, - outputs, - config, - pkgs, - ... +{ lib +, inputs +, outputs +, self +, config +, pkgs +, ... }: let username = "h"; @@ -38,6 +38,7 @@ in (import ../../modules/secrets { inherit lib inputs config; }) ../../modules/docker ../../modules/syncthing + ../../modules/git-hooks ]; home-manager.users.${username} = import ../../home/hosts/andromache { @@ -99,6 +100,11 @@ in ]; services = { + git-hooks = { + enable = true; + flake-path = self; + }; + xserver = { videoDrivers = [ "nvidia" ]; }; diff --git a/hosts/astyanax/default.nix b/hosts/astyanax/default.nix index f8323bd..cd56c29 100644 --- a/hosts/astyanax/default.nix +++ b/hosts/astyanax/default.nix @@ -1,10 +1,10 @@ -{ - lib, - inputs, - outputs, - config, - pkgs, - ... +{ lib +, inputs +, outputs +, self +, config +, pkgs +, ... }: let username = "h"; @@ -40,6 +40,7 @@ in (import ../../modules/secrets { inherit lib inputs config; }) ../../modules/docker ../../modules/syncthing + ../../modules/git-hooks ]; home-manager.users.${username} = import ../../home/hosts/astyanax { @@ -97,6 +98,10 @@ in boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; services = { + git-hooks = { + enable = true; + flake-path = self; + }; fwupd.enable = true; openssh = { enable = true; diff --git a/modules/git-hooks/default.nix b/modules/git-hooks/default.nix new file mode 100644 index 0000000..a1424ce --- /dev/null +++ b/modules/git-hooks/default.nix @@ -0,0 +1,22 @@ +{ config, lib, ... }: + +{ + options.services.git-hooks = { + enable = lib.mkEnableOption "Install git hooks for Nix flake"; + flake-path = lib.mkOption { + type = lib.types.path; + description = "Path to Nix flake repository"; + }; + }; + + config = lib.mkIf config.services.git-hooks.enable { + system.activationScripts.git-hooks = lib.stringAfter [ "users" ] '' + if [ -d "${config.services.git-hooks.flake-path}/.git" ]; then + echo "🪝 Installing git hooks..." + cd ${config.services.git-hooks.flake-path} + nix run .#apps.x86_64-linux.pre-commit-install || true + echo "✅ Done" + fi + ''; + }; +}