technofab/coder-templates
1
0
Fork 0
mirror of https://gitlab.com/TECHNOFAB/coder-templates.git synced 2025-12-12 02:00:11 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: technofab:cfcc9a221c4f37d865ddffeaf5aa9c4a7d22bfca
Branches Tags
technofab:main
technofab:feat/rensa
technofab:old
technofab:jsonnet-bak
...
compare: technofab:c16bc972648d07337428d93cb56daaae9eb01dde
Branches Tags
technofab:feat/rensa
technofab:main
technofab:old
technofab:jsonnet-bak

No commits in common. "cfcc9a221c4f37d865ddffeaf5aa9c4a7d22bfca" and "c16bc972648d07337428d93cb56daaae9eb01dde" have entirely different histories.
cfcc9a221c ... c16bc97264

23 changed files with 741 additions and 1290 deletions
Download patch file Download diff file Expand all files Collapse all files

10
.envrc
View file

@ -1,8 +1,2 @@
if ! has nix_direnv_version || ! nix_direnv_version 2.2.1; then source $(fetchurl https://gitlab.com/rensa-nix/direnv/-/raw/v0.3.0/direnvrc "sha256-u7+KEz684NnIZ+Vh5x5qLrt8rKdnUNexewBoeTcEVHQ=")
source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/2.2.1/direnvrc" "sha256-zelF0vLbEl5uaqrfIzbgNzJWGmLzCmYAkInj/LNxvKs=" use ren //repo/devShells/default
fi
if ! use flake . --impure
then
echo "devenv could not be build. The devenv environment was not loaded. Make the necessary changes to devenv.nix and hit enter to try again." >&2
fi

6
.gitignore vendored
View file

@ -1,7 +1 @@
.idea/
.devenv/
.direnv/
*.tf*
result result
.pre-commit-config.yaml
.terraform*

7
.gitlab-ci.yml
View file

@ -1,4 +1,5 @@
# Generated by soonix, DO NOT EDIT
include: include:
- component: gitlab.com/TECHNOFAB/nix-gitlab-ci/nix-gitlab-ci@2.1.0 - component: gitlab.com/TECHNOFAB/nix-gitlab-ci/nix-gitlab-ci@3.0.1
inputs: inputs:
version: 2.1.0 version: 3.0.1

11
README.md
View file

@ -1,16 +1,11 @@
# Coder Templates # Coder Templates
Templates for [Coder](https://coder.com), built with Nix (Terranix). Templates for [Coder](https://coder.com), built with [Tofunix](https://tofunix.projects.tf).
> [!NOTE] Check [this Coder tutorial](https://coder.com/docs/tutorials/template-from-scratch#add-the-template-files-to-coder) for how to install the templates ("Dashboard" method recommended).
> !1 changed how the docker image is built.
> If `nix store gc` results in `/nix/var/nix/profiles/default` being deleted
> you might have to clear the /nix persistent volume to fix it. See the
> merge request's comments for more information.
## Templates ## Templates
- Nix Kubernetes - Nix Kubernetes ([Download tar](https://gitlab.com/TECHNOFAB/coder-templates/-/jobs/artifacts/main/raw/templates/nix-kubernetes.tar?job=build:%20%5Bnix-kubernetes%5D))
> provisions a Coder workspace on Kubernetes, running a Nix-built image, > provisions a Coder workspace on Kubernetes, running a Nix-built image,
> which also contains Nix and supports Dotfiles management using home-manager. > which also contains Nix and supports Dotfiles management using home-manager.
> Nix-ception ;P

1
docs/images/logo.svg Normal file
View file

@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" width="200" height="200" fill="none"><g filter="url(#a)"><path stroke="url(#b)" stroke-width="5" d="m183.671 75.055-20.4 85.161-83.953 24.913-63.55-60.247L36.167 39.72l83.953-24.913 63.551 60.248Z"/></g><path fill="url(#c)" stroke="url(#d)" stroke-width="5" d="m183.671 75.055-20.4 85.161-83.953 24.913-63.55-60.247L36.167 39.72l83.953-24.913 63.551 60.248Z"/><g filter="url(#e)"><path fill="#FAFAFA" d="M114.372 125V75.98H156V125h-41.628Z"/><path fill="url(#f)" d="M114.372 125V75.98H156V125h-41.628Z"/><path fill="#FAFAFA" d="M104.46 95.588H88.602c0-5.882-4.956-10.784-8.92-10.784H68.778c-4.956 0-9.912 6.863-9.912 10.784v7.843c0 6.275 5.947 11.765 9.912 11.765H79.68c6.344 0 8.92-5.882 8.92-11.765h15.859c0 14.706-8.92 21.569-17.84 21.569H68.779C55.894 125 44 119.118 44 106.373V94.608C44 82.843 56.885 75 68.779 75h13.876c16.85 0 21.805 12.745 21.805 20.588Z"/><path fill="url(#g)" d="M104.46 95.588H88.602c0-5.882-4.956-10.784-8.92-10.784H68.778c-4.956 0-9.912 6.863-9.912 10.784v7.843c0 6.275 5.947 11.765 9.912 11.765H79.68c6.344 0 8.92-5.882 8.92-11.765h15.859c0 14.706-8.92 21.569-17.84 21.569H68.779C55.894 125 44 119.118 44 106.373V94.608C44 82.843 56.885 75 68.779 75h13.876c16.85 0 21.805 12.745 21.805 20.588Z"/></g><path fill="#FAFAFA" d="M114.372 125V75.98H156V125h-41.628Z"/><path fill="url(#h)" d="M114.372 125V75.98H156V125h-41.628Z"/><path fill="#FAFAFA" d="M104.46 95.588H88.602c0-5.882-4.956-10.784-8.92-10.784H68.778c-4.956 0-9.912 6.863-9.912 10.784v7.843c0 6.275 5.947 11.765 9.912 11.765H79.68c6.344 0 8.92-5.882 8.92-11.765h15.859c0 14.706-8.92 21.569-17.84 21.569H68.779C55.894 125 44 119.118 44 106.373V94.608C44 82.843 56.885 75 68.779 75h13.876c16.85 0 21.805 12.745 21.805 20.588Z"/><path fill="url(#i)" d="M104.46 95.588H88.602c0-5.882-4.956-10.784-8.92-10.784H68.778c-4.956 0-9.912 6.863-9.912 10.784v7.843c0 6.275 5.947 11.765 9.912 11.765H79.68c6.344 0 8.92-5.882 8.92-11.765h15.859c0 14.706-8.92 21.569-17.84 21.569H68.779C55.894 125 44 119.118 44 106.373V94.608C44 82.843 56.885 75 68.779 75h13.876c16.85 0 21.805 12.745 21.805 20.588Z"/><defs><linearGradient id="b" x1="13" x2="184.235" y1="99.969" y2="71.997" gradientUnits="userSpaceOnUse"><stop offset=".074" stop-color="#2F0"/><stop offset="1" stop-color="#0089FF"/></linearGradient><linearGradient id="c" x1="22.767" x2="186.365" y1="156.461" y2="64.715" gradientUnits="userSpaceOnUse"><stop stop-color="#1B1B1B"/><stop offset="1" stop-color="#1B1B1B"/></linearGradient><linearGradient id="d" x1="13" x2="184.235" y1="99.969" y2="71.997" gradientUnits="userSpaceOnUse"><stop offset=".074" stop-color="#2F0"/><stop offset="1" stop-color="#0089FF"/></linearGradient><linearGradient id="f" x1="63.552" x2="147.682" y1="108.636" y2="67.642" gradientUnits="userSpaceOnUse"><stop stop-color="#1EE400"/><stop offset="1" stop-color="#008CFF"/></linearGradient><linearGradient id="g" x1="63.552" x2="147.682" y1="108.636" y2="67.642" gradientUnits="userSpaceOnUse"><stop stop-color="#1EE400"/><stop offset="1" stop-color="#008CFF"/></linearGradient><linearGradient id="h" x1="63.552" x2="147.682" y1="108.636" y2="67.642" gradientUnits="userSpaceOnUse"><stop stop-color="#1EE400"/><stop offset="1" stop-color="#008CFF"/></linearGradient><linearGradient id="i" x1="63.552" x2="147.682" y1="108.636" y2="67.642" gradientUnits="userSpaceOnUse"><stop stop-color="#1EE400"/><stop offset="1" stop-color="#008CFF"/></linearGradient><filter id="a" width="193.439" height="195.937" x="3" y="2" color-interpolation-filters="sRGB" filterUnits="userSpaceOnUse"><feFlood flood-opacity="0" result="BackgroundImageFix"/><feBlend in="SourceGraphic" in2="BackgroundImageFix" result="shape"/><feGaussianBlur result="effect1_foregroundBlur_1771_13699" stdDeviation="5"/></filter><filter id="e" width="116" height="54" x="42" y="73" color-interpolation-filters="sRGB" filterUnits="userSpaceOnUse"><feFlood flood-opacity="0" result="BackgroundImageFix"/><feBlend in="SourceGraphic" in2="BackgroundImageFix" result="shape"/><feGaussianBlur result="effect1_foregroundBlur_1771_13699" stdDeviation="1"/></filter></defs></svg>
Side by side

After

Width:  |  Height:  |  Size: 4 KiB

11
docs/index.md Normal file
View file

@ -0,0 +1,11 @@
# Coder Templates
Templates for [Coder](https://coder.com), built with [Tofunix](https://tofunix.projects.tf).
Check [this Coder tutorial](https://coder.com/docs/tutorials/template-from-scratch#add-the-template-files-to-coder) for how to install the templates ("Dashboard" method recommended).
## Templates
- [Nix Kubernetes](./parameters/nix-kubernetes.md) ([Download tar](https://gitlab.com/TECHNOFAB/coder-templates/-/jobs/artifacts/main/raw/templates/nix-kubernetes.tar?job=build:%20%5Bnix-kubernetes%5D))
> provisions a Coder workspace on Kubernetes, running a Nix-built image,
> which also contains Nix and supports Dotfiles management using home-manager.

15
docs/style.css Normal file
View file

@ -0,0 +1,15 @@
.md-header__button.md-logo {
margin: 0;
padding-top: .2rem;
padding-bottom: .2rem;
}
[dir="ltr"] .md-header__title {
margin-left: 0;
}
.md-header__button.md-logo img,
.md-header__button.md-logo svg {
height: 2rem;
}

866
flake.lock generated
View file

@ -1,878 +1,60 @@
{ {
"nodes": { "nodes": {
"bats-assert": {
"flake": false,
"locked": {
"lastModified": 1636059754,
"narHash": "sha256-ewME0l27ZqfmAwJO4h5biTALc9bDLv7Bl3ftBzBuZwk=",
"owner": "bats-core",
"repo": "bats-assert",
"rev": "34551b1d7f8c7b677c1a66fc0ac140d6223409e5",
"type": "github"
},
"original": {
"owner": "bats-core",
"repo": "bats-assert",
"type": "github"
}
},
"bats-support": {
"flake": false,
"locked": {
"lastModified": 1548869839,
"narHash": "sha256-Gr4ntadr42F2Ks8Pte2D4wNDbijhujuoJi4OPZnTAZU=",
"owner": "bats-core",
"repo": "bats-support",
"rev": "d140a65044b2d6810381935ae7f0c94c7023c8c3",
"type": "github"
},
"original": {
"owner": "bats-core",
"repo": "bats-support",
"type": "github"
}
},
"cachix": {
"inputs": {
"devenv": "devenv_2",
"flake-compat": [
"devenv",
"flake-compat"
],
"git-hooks": [
"devenv",
"pre-commit-hooks"
],
"nixpkgs": [
"devenv",
"nixpkgs"
]
},
"locked": {
"lastModified": 1724232775,
"narHash": "sha256-6u2DycIEgrgNYlLxyGqdFVmBNiKIitnQKJ1pbRP5oko=",
"owner": "cachix",
"repo": "cachix",
"rev": "03b6cb3f953097bff378fb8b9ea094bd091a4ec7",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "cachix",
"type": "github"
}
},
"cachix_2": {
"inputs": {
"devenv": "devenv_3",
"flake-compat": [
"devenv",
"cachix",
"devenv",
"flake-compat"
],
"nixpkgs": [
"devenv",
"cachix",
"devenv",
"nixpkgs"
],
"pre-commit-hooks": [
"devenv",
"cachix",
"devenv",
"pre-commit-hooks"
]
},
"locked": {
"lastModified": 1712055811,
"narHash": "sha256-7FcfMm5A/f02yyzuavJe06zLa9hcMHsagE28ADcmQvk=",
"owner": "cachix",
"repo": "cachix",
"rev": "02e38da89851ec7fec3356a5c04bc8349cae0e30",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "cachix",
"type": "github"
}
},
"devenv": {
"inputs": {
"cachix": "cachix",
"flake-compat": "flake-compat_2",
"nix": "nix_3",
"nixpkgs": "nixpkgs_3",
"pre-commit-hooks": "pre-commit-hooks_2"
},
"locked": {
"lastModified": 1726417371,
"narHash": "sha256-tBq8w81ZV48tyFhLz5WQjqfoEShIXkOb6Rlzidcz8yQ=",
"owner": "cachix",
"repo": "devenv",
"rev": "1f55f89ca32d617b7a7c18422e3c364cb003df3d",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "devenv",
"type": "github"
}
},
"devenv_2": {
"inputs": {
"cachix": "cachix_2",
"flake-compat": [
"devenv",
"cachix",
"flake-compat"
],
"nix": "nix_2",
"nixpkgs": [
"devenv",
"cachix",
"nixpkgs"
],
"pre-commit-hooks": [
"devenv",
"cachix",
"git-hooks"
]
},
"locked": {
"lastModified": 1723156315,
"narHash": "sha256-0JrfahRMJ37Rf1i0iOOn+8Z4CLvbcGNwa2ChOAVrp/8=",
"owner": "cachix",
"repo": "devenv",
"rev": "ff5eb4f2accbcda963af67f1a1159e3f6c7f5f91",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "devenv",
"type": "github"
}
},
"devenv_3": {
"inputs": {
"flake-compat": [
"devenv",
"cachix",
"devenv",
"cachix",
"flake-compat"
],
"nix": "nix",
"nixpkgs": "nixpkgs",
"poetry2nix": "poetry2nix",
"pre-commit-hooks": [
"devenv",
"cachix",
"devenv",
"cachix",
"pre-commit-hooks"
]
},
"locked": {
"lastModified": 1708704632,
"narHash": "sha256-w+dOIW60FKMaHI1q5714CSibk99JfYxm0CzTinYWr+Q=",
"owner": "cachix",
"repo": "devenv",
"rev": "2ee4450b0f4b95a1b90f2eb5ffea98b90e48c196",
"type": "github"
},
"original": {
"owner": "cachix",
"ref": "python-rewrite",
"repo": "devenv",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"devenv",
"nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1712014858,
"narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "9126214d0a59633752a136528f5f3b9aa8565b7d",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1712014858,
"narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "9126214d0a59633752a136528f5f3b9aa8565b7d",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1689068808,
"narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_3": {
"locked": {
"lastModified": 1634851050,
"narHash": "sha256-N83GlSGPJJdcqhUxSCS/WwW5pksYf3VP1M13cDRTSVA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c91f3de5adaf1de973b797ef7485e441a65b8935",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"devenv",
"pre-commit-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"libgit2": {
"flake": false,
"locked": {
"lastModified": 1697646580,
"narHash": "sha256-oX4Z3S9WtJlwvj0uH9HlYcWv+x1hqp8mhXl7HsLu2f0=",
"owner": "libgit2",
"repo": "libgit2",
"rev": "45fd9ed7ae1a9b74b957ef4f337bc3c8b3df01b5",
"type": "github"
},
"original": {
"owner": "libgit2",
"repo": "libgit2",
"type": "github"
}
},
"nix": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": [
"devenv",
"cachix",
"devenv",
"cachix",
"devenv",
"nixpkgs"
],
"nixpkgs-regression": "nixpkgs-regression"
},
"locked": {
"lastModified": 1712911606,
"narHash": "sha256-BGvBhepCufsjcUkXnEEXhEVjwdJAwPglCC2+bInc794=",
"owner": "domenkozar",
"repo": "nix",
"rev": "b24a9318ea3f3600c1e24b4a00691ee912d4de12",
"type": "github"
},
"original": {
"owner": "domenkozar",
"ref": "devenv-2.21",
"repo": "nix",
"type": "github"
}
},
"nix-devtools": {
"locked": {
"dir": "lib",
"lastModified": 1722613543,
"narHash": "sha256-P3UoMSECGwbMAWIwViPlbw2s8lIqsj3uFzO/G/5EfnI=",
"owner": "TECHNOFAB",
"repo": "nix-devtools",
"rev": "a004f97ca84673c4438a8853ba3b5b3186903752",
"type": "gitlab"
},
"original": {
"dir": "lib",
"owner": "TECHNOFAB",
"repo": "nix-devtools",
"type": "gitlab"
}
},
"nix-github-actions": {
"inputs": {
"nixpkgs": [
"devenv",
"cachix",
"devenv",
"cachix",
"devenv",
"poetry2nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1688870561,
"narHash": "sha256-4UYkifnPEw1nAzqqPOTL2MvWtm3sNGw1UTYTalkTcGY=",
"owner": "nix-community",
"repo": "nix-github-actions",
"rev": "165b1650b753316aa7f1787f3005a8d2da0f5301",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nix-github-actions",
"type": "github"
}
},
"nix-gitlab-ci": {
"locked": {
"dir": "lib",
"lastModified": 1749124633,
"narHash": "sha256-vgYHrbAFRfgNYysW74Eam/S7KruYWMLCHG4U32xgHKY=",
"owner": "TECHNOFAB",
"repo": "nix-gitlab-ci",
"rev": "f121b10dc9a7417906a886154e3065410a72462d",
"type": "gitlab"
},
"original": {
"dir": "lib",
"owner": "TECHNOFAB",
"ref": "2.1.0",
"repo": "nix-gitlab-ci",
"type": "gitlab"
}
},
"nix_2": {
"inputs": {
"flake-compat": [
"devenv",
"cachix",
"devenv",
"flake-compat"
],
"nixpkgs": [
"devenv",
"cachix",
"devenv",
"nixpkgs"
],
"nixpkgs-regression": "nixpkgs-regression_2"
},
"locked": {
"lastModified": 1712911606,
"narHash": "sha256-BGvBhepCufsjcUkXnEEXhEVjwdJAwPglCC2+bInc794=",
"owner": "domenkozar",
"repo": "nix",
"rev": "b24a9318ea3f3600c1e24b4a00691ee912d4de12",
"type": "github"
},
"original": {
"owner": "domenkozar",
"ref": "devenv-2.21",
"repo": "nix",
"type": "github"
}
},
"nix_3": {
"inputs": {
"flake-compat": [
"devenv",
"flake-compat"
],
"flake-parts": "flake-parts",
"libgit2": "libgit2",
"nixpkgs": "nixpkgs_2",
"nixpkgs-23-11": "nixpkgs-23-11",
"nixpkgs-regression": "nixpkgs-regression_3",
"pre-commit-hooks": "pre-commit-hooks"
},
"locked": {
"lastModified": 1725980365,
"narHash": "sha256-uDwWyizzlQ0HFzrhP6rVp2+2NNA+/TM5zT32dR8GUlg=",
"owner": "domenkozar",
"repo": "nix",
"rev": "1e61e9f40673f84c3b02573145492d8af581bec5",
"type": "github"
},
"original": {
"owner": "domenkozar",
"ref": "devenv-2.24",
"repo": "nix",
"type": "github"
}
},
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1692808169, "lastModified": 1762596750,
"narHash": "sha256-x9Opq06rIiwdwGeK2Ykj69dNc2IvUH1fY55Wm7atwrE=", "narHash": "sha256-rXXuz51Bq7DHBlfIjN7jO8Bu3du5TV+3DSADBX7/9YQ=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "9201b5ff357e781bf014d0330d18555695df7ba8", "rev": "b6a8526db03f735b89dd5ff348f53f752e7ddc8e",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixpkgs-unstable", "ref": "nixos-unstable",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nixpkgs-23-11": {
"locked": {
"lastModified": 1717159533,
"narHash": "sha256-oamiKNfr2MS6yH64rUn99mIZjc45nGJlj9eGth/3Xuw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446",
"type": "github"
}
},
"nixpkgs-lib": { "nixpkgs-lib": {
"locked": { "locked": {
"dir": "lib", "lastModified": 1754184128,
"lastModified": 1711703276, "narHash": "sha256-AjhoyBL4eSyXf01Bmc6DiuaMrJRNdWopmdnMY0Pa/M0=",
"narHash": "sha256-iMUFArF0WCatKK6RzfUJknjem0H9m4KgorO/p3Dopkk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d8fe5e6c92d0d190646fb9f1056741a229980089",
"type": "github"
},
"original": {
"dir": "lib",
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-regression": {
"locked": {
"lastModified": 1643052045,
"narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
}
},
"nixpkgs-regression_2": {
"locked": {
"lastModified": 1643052045,
"narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
}
},
"nixpkgs-regression_3": {
"locked": {
"lastModified": 1643052045,
"narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1720386169,
"narHash": "sha256-NGKVY4PjzwAa4upkGtAMz1npHGoRzWotlSnVlqI40mo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "194846768975b7ad2c4988bdb82572c00222c0d7",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1717432640,
"narHash": "sha256-+f9c4/ZX5MWDOuB1rKoWj+lBNm0z0rs4CK47HBLxy1o=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "88269ab3044128b7c2f4c7d68448b2fb50456870",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1716977621,
"narHash": "sha256-Q1UQzYcMJH4RscmpTkjlgqQDX5yi1tZL0O345Ri6vXQ=",
"owner": "cachix",
"repo": "devenv-nixpkgs",
"rev": "4267e705586473d3e5c8d50299e71503f16a6fb6",
"type": "github"
},
"original": {
"owner": "cachix",
"ref": "rolling",
"repo": "devenv-nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1728249353,
"narHash": "sha256-7NBJm1jfMeAowE1J2oljYqWVvI9X7FyyxBY4O8uB/Os=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c8a17040be4a20b29589cb4043a9e0c36af1930e",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1636823747,
"narHash": "sha256-oWo1nElRAOZqEf90Yek2ixdHyjD+gqtS/pAgwaQ9UhQ=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "f6a2ed2082d9a51668c86ba27d0b5496f7a2ea93",
"type": "github"
},
"original": {
"owner": "nixos",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1725103162,
"narHash": "sha256-Ym04C5+qovuQDYL/rKWSR+WESseQBbNAe5DsXNx5trY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "12228ff1752d7b7624a54e9c1af4b222b3c1073b",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"poetry2nix": {
"inputs": {
"flake-utils": "flake-utils",
"nix-github-actions": "nix-github-actions",
"nixpkgs": [
"devenv",
"cachix",
"devenv",
"cachix",
"devenv",
"nixpkgs"
]
},
"locked": {
"lastModified": 1692876271,
"narHash": "sha256-IXfZEkI0Mal5y1jr6IRWMqK8GW2/f28xJenZIPQqkY0=",
"owner": "nix-community", "owner": "nix-community",
"repo": "poetry2nix", "repo": "nixpkgs.lib",
"rev": "d5006be9c2c2417dafb2e2e5034d83fabd207ee3", "rev": "02e72200e6d56494f4a7c0da8118760736e41b60",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"repo": "poetry2nix", "repo": "nixpkgs.lib",
"type": "github" "type": "github"
} }
}, },
"pre-commit-hooks": { "ren": {
"inputs": { "inputs": {
"flake-compat": [ "nixpkgs-lib": "nixpkgs-lib"
"devenv",
"nix"
],
"flake-utils": "flake-utils_2",
"gitignore": [
"devenv",
"nix"
],
"nixpkgs": [
"devenv",
"nix",
"nixpkgs"
],
"nixpkgs-stable": [
"devenv",
"nix",
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1712897695, "dir": "lib",
"narHash": "sha256-nMirxrGteNAl9sWiOhoN5tIHyjBbVi5e2tgZUgZlK3Y=", "lastModified": 1758738378,
"owner": "cachix", "narHash": "sha256-NjzqdvQCDDdObEBH8x/vdhbdhrIB+N9E570uCdksGHY=",
"repo": "pre-commit-hooks.nix", "owner": "rensa-nix",
"rev": "40e6053ecb65fcbf12863338a6dcefb3f55f1bf8", "repo": "core",
"type": "github" "rev": "abe19f9f13aff41de2b63304545c87d193d19ef4",
"type": "gitlab"
}, },
"original": { "original": {
"owner": "cachix", "dir": "lib",
"repo": "pre-commit-hooks.nix", "owner": "rensa-nix",
"type": "github" "repo": "core",
} "type": "gitlab"
},
"pre-commit-hooks_2": {
"inputs": {
"flake-compat": [
"devenv",
"flake-compat"
],
"gitignore": "gitignore",
"nixpkgs": [
"devenv",
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1725513492,
"narHash": "sha256-tyMUA6NgJSvvQuzB7A1Sf8+0XCHyfSPRx/b00o6K0uo=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "7570de7b9b504cfe92025dd1be797bf546f66528",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github"
} }
}, },
"root": { "root": {
"inputs": { "inputs": {
"devenv": "devenv", "nixpkgs": "nixpkgs",
"flake-parts": "flake-parts_2", "ren": "ren"
"nix-devtools": "nix-devtools",
"nix-gitlab-ci": "nix-gitlab-ci",
"nixpkgs": "nixpkgs_4",
"systems": "systems_2",
"terranix": "terranix",
"treefmt-nix": "treefmt-nix"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"terranix": {
"inputs": {
"bats-assert": "bats-assert",
"bats-support": "bats-support",
"flake-utils": "flake-utils_3",
"nixpkgs": "nixpkgs_5",
"terranix-examples": "terranix-examples"
},
"locked": {
"lastModified": 1695406838,
"narHash": "sha256-xiUfVD6rtsVWFotVtUW3Q1nQh4obKzgvpN1wqZuGXvM=",
"owner": "terranix",
"repo": "terranix",
"rev": "fc9077ca02ab5681935dbf0ecd725c4d889b9275",
"type": "github"
},
"original": {
"owner": "terranix",
"repo": "terranix",
"type": "github"
}
},
"terranix-examples": {
"locked": {
"lastModified": 1636300201,
"narHash": "sha256-0n1je1WpiR6XfCsvi8ZK7GrpEnMl+DpwhWaO1949Vbc=",
"owner": "terranix",
"repo": "terranix-examples",
"rev": "a934aa1cf88f6bd6c6ddb4c77b77ec6e1660bd5e",
"type": "github"
},
"original": {
"owner": "terranix",
"repo": "terranix-examples",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": "nixpkgs_6"
},
"locked": {
"lastModified": 1725271838,
"narHash": "sha256-VcqxWT0O/gMaeWTTjf1r4MOyG49NaNxW4GHTO3xuThE=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "9fb342d14b69aefdf46187f6bb80a4a0d97007cd",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
} }
} }
}, },

192
flake.nix
View file

@ -1,175 +1,37 @@
{ {
description = "Coder Templates"; inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
ren.url = "gitlab:rensa-nix/core?dir=lib";
};
outputs = { outputs = {
nixpkgs, ren,
flake-parts, self,
systems,
... ...
} @ inputs: } @ inputs:
flake-parts.lib.mkFlake {inherit inputs;} { ren.buildWith
imports = [ {
inputs.devenv.flakeModule inherit inputs;
inputs.nix-gitlab-ci.flakeModule cellsFrom = ./nix;
inputs.nix-devtools.flakeModule transformInputs = system: i:
inputs.treefmt-nix.flakeModule i
]; // {
systems = import systems; pkgs = import i.nixpkgs {
flake = {
};
perSystem = {
pkgs,
config,
system,
...
}: {
_module.args.pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true;
};
treefmt = {
projectRootFile = "flake.nix";
programs = {
alejandra.enable = true;
mdformat = {
enable = true;
package = pkgs.mdformat.withPlugins (p: [
p.mdformat-gfm-alerts
]);
};
};
};
devenv.shells.default = {
packages = with pkgs; [
opentofu
coder
buildah
];
pre-commit.hooks = {
treefmt = {
enable = true;
packageOverrides.treefmt = config.treefmt.build.wrapper;
};
convco.enable = true;
};
task = {
enable = true;
alias = ",";
tasks = {
"build" = {
requires.vars = ["TEMPLATE"];
cmds = [
"nix build .#{{ .TEMPLATE }}"
"install result {{ .TEMPLATE }}/template.tf.json"
];
};
"validate" = {
desc = "Validate the resulting terraform files";
deps = ["build"];
requires.vars = ["TEMPLATE"];
dir = "{{ .TEMPLATE }}";
cmds = [
"${pkgs.opentofu}/bin/tofu init"
"${pkgs.opentofu}/bin/tofu validate"
];
};
"upload-to-coder" = {
desc = "Uploads the specified template to coder";
deps = ["build" "validate"];
requires.vars = ["TEMPLATE"];
dir = "{{ .TEMPLATE }}";
interactive = true;
cmd = ''${pkgs.coder}/bin/coder templates push "{{ .TEMPLATE }}"'';
};
};
};
};
packages = {
nix-coder-image = pkgs.callPackage ./image.nix {};
nix-kubernetes = inputs.terranix.lib.terranixConfiguration {
inherit system; inherit system;
modules = [./nix-kubernetes];
}; };
}; };
cellBlocks = with ren.blocks; [
ci = { (simple "devShells")
stages = ["build" "upload"]; (simple "docs")
jobs = let (simple "ci")
SYSTEMS = ["aarch64-linux" "x86_64-linux"]; (simple "packages")
in { ];
"build" = { }
stage = "build"; {
parallel.matrix = [ packages = ren.select self [
{TEMPLATE = ["nix-kubernetes"];} ["repo" "ci" "packages"]
]; ["repo" "docs"]
nix.deps = [pkgs.gnutar]; ["packages" "packages"]
script = [ ];
"nix build .#\${TEMPLATE}"
"install -D result templates/\${TEMPLATE}.tf.json"
"tar -cf templates/\${TEMPLATE}.tar -C templates \${TEMPLATE}.tf.json"
];
artifacts.paths = ["templates/"];
};
"build:image" = {
stage = "build";
parallel.matrix = [
{SYSTEM = SYSTEMS;}
];
script = [
"nix build .#nix-coder-image --system $SYSTEM"
"install -D result dist/nix-coder-image_\${SYSTEM}.tar.gz"
];
artifacts.paths = ["dist/"];
};
"upload" = {
stage = "upload";
nix.deps = [pkgs.buildah];
needs = ["build:image"];
before_script = [
''export REGISTRY_AUTH_FILE=''${HOME}/auth.json''
''echo "$CI_REGISTRY_PASSWORD" | buildah login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY''
''
mkdir -p /etc/containers &&
echo '{"default":[{"type":"insecureAcceptAnything"}]}' > /etc/containers/policy.json
''
''mkdir -p /var/tmp''
];
script =
[
''buildah manifest create localhost/nix-coder-image''
]
++ (
builtins.map (sys: ''
buildah manifest add localhost/nix-coder-image docker-archive:dist/nix-coder-image_${sys}.tar.gz
'')
SYSTEMS
)
++ [
''
buildah manifest push --all localhost/nix-coder-image \
docker://''${CI_REGISTRY_IMAGE}/nix-coder-image:$CI_COMMIT_SHORT_SHA
''
];
};
};
};
};
}; };
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
flake-parts.url = "github:hercules-ci/flake-parts";
systems.url = "github:nix-systems/default";
devenv.url = "github:cachix/devenv";
nix-gitlab-ci.url = "gitlab:TECHNOFAB/nix-gitlab-ci/2.1.0?dir=lib";
nix-devtools.url = "gitlab:TECHNOFAB/nix-devtools?dir=lib";
treefmt-nix.url = "github:numtide/treefmt-nix";
terranix.url = "github:terranix/terranix";
};
} }

100
nix-kubernetes/coder.nix
View file

@ -1,7 +1,15 @@
{...}: { {
locals."git_repo_folder" = let ref,
split_repo = ''split("/", data.coder_parameter.git_repo.value)''; utils,
in ''''${try(element(${split_repo}, length(${split_repo}) - 1), "")}''; ...
}: {
locals."git_repo_folder" = with utils; let
split_repo = split (quot "") ref.data.coder_parameter.git_repo.value;
in
try [
(element split_repo "${rb (length split_repo)} - 1")
(quot "")
];
data = { data = {
coder_external_auth."gitlab" = { coder_external_auth."gitlab" = {
@ -14,7 +22,7 @@
resource = { resource = {
coder_agent."coder" = { coder_agent."coder" = {
arch = "\${var.arch}"; arch = ref.var.arch;
os = "linux"; os = "linux";
metadata = [ metadata = [
{ {
@ -34,7 +42,7 @@
{ {
display_name = "Home Disk"; display_name = "Home Disk";
key = "2_home_disk"; key = "2_home_disk";
script = "coder stat disk --path $${HOME}"; script = "coder stat disk --path $HOME";
interval = 60; interval = 60;
timeout = 1; timeout = 1;
} }
@ -48,59 +56,65 @@
]; ];
}; };
coder_script."git_clone" = { coder_script."git_clone" = {
agent_id = "\${coder_agent.coder.id}"; agent_id = ref.coder_agent.coder.id;
display_name = "Git Clone"; display_name = "Git Clone";
icon = "/icon/git.svg"; icon = "/icon/git.svg";
script = let script = let
repo = ''''${data.coder_parameter.git_repo.value}''; repo = ref.data.coder_parameter.git_repo.value;
repo_folder = ''''${local.git_repo_folder}''; repo_folder = ref.local.git_repo_folder;
in '' in
mkdir -p ~/repos # sh
if [ ! -z "${repo}" ]; then ''
echo "Cloning repo \"${repo}\" if it does not exist" mkdir -p ~/repos
pushd ~/repos >/dev/null if [ ! -z "${repo}" ]; then
if [[ ! -d "${repo_folder}" ]] then echo "Cloning repo \"${repo}\" if it does not exist"
git clone ${repo} ${repo_folder} pushd ~/repos >/dev/null
fi if [[ ! -d "${repo_folder}" ]] then
popd >/dev/null git clone ${repo} ${repo_folder}
else fi
echo "No git repo specified, skipping..." popd >/dev/null
fi else
''; echo "No git repo specified, skipping..."
fi
'';
run_on_start = true; run_on_start = true;
start_blocks_login = true; start_blocks_login = true;
}; };
coder_script."home-manager" = { coder_script."home-manager" = {
agent_id = "\${coder_agent.coder.id}"; agent_id = ref.coder_agent.coder.id;
display_name = "Home Manager"; display_name = "Home Manager";
icon = "/emojis/1f3e0.png"; icon = "/emojis/1f3e0.png";
script = '' script =
if [ ! -z "$DOTFILES_REPO" ]; then # sh
echo "Dotfiles present, reloading home-manager profile" ''
reload-dotfiles if [ ! -z "$DOTFILES_REPO" ]; then
# the homeConfiguration can specify a program "coder_startup", run it echo "Dotfiles present, reloading home-manager profile"
# here if it exists reload-dotfiles
if command -v coder_startup &> /dev/null; then # the homeConfiguration can specify a program "coder_startup", run it
echo "Running startup tasks..." # here if it exists
coder_startup if command -v coder_startup &> /dev/null; then
echo "Running startup tasks..."
coder_startup
fi
else
echo "No dotfiles repo specified, skipping..."
fi fi
else '';
echo "No dotfiles repo specified, skipping..."
fi
'';
run_on_start = true; run_on_start = true;
start_blocks_login = true; start_blocks_login = true;
}; };
coder_script."home-manager-shutdown" = { coder_script."home-manager-shutdown" = {
agent_id = "\${coder_agent.coder.id}"; agent_id = ref.coder_agent.coder.id;
display_name = "Home Manager Shutdown"; display_name = "Home Manager Shutdown";
icon = "/emojis/1f3e0.png"; icon = "/emojis/1f3e0.png";
script = '' script =
if command -v coder_shutdown &> /dev/null; then # sh
echo "Running shutdown tasks..." ''
coder_shutdown if command -v coder_shutdown &> /dev/null; then
fi echo "Running shutdown tasks..."
''; coder_shutdown
fi
'';
run_on_stop = true; run_on_stop = true;
}; };
}; };

18
nix-kubernetes/default.nix
View file

@ -1,24 +1,8 @@
{...}: { {
imports = [ imports = [
./parameters.nix ./parameters.nix
./variables.nix ./variables.nix
./coder.nix ./coder.nix
./kubernetes.nix ./kubernetes.nix
]; ];
terraform.required_providers = {
coder = {
source = "coder/coder";
version = "2.8.0";
};
kubernetes = {
source = "hashicorp/kubernetes";
version = "2.29.0";
};
};
provider = {
coder = {};
kubernetes = {};
};
} }

380
nix-kubernetes/kubernetes.nix
View file

@ -1,197 +1,215 @@
{...}: { {
ref,
utils,
...
}: let
identifier = with utils; "${lower ref.data.coder_workspace_owner.me.name}-${lower ref.data.coder_workspace.me.name}";
in {
resource = { resource = {
kubernetes_pod."workspace" = { kubernetes_pod."workspace" = {
count = "\${data.coder_workspace.me.start_count}"; count = ref.data.coder_workspace.me.start_count;
metadata = { metadata = [
name = "coder-\${lower(data.coder_workspace_owner.me.name)}-\${lower(data.coder_workspace.me.name)}"; {
namespace = "\${var.namespace}"; name = "coder-${identifier}";
annotations."com.coder.user.email" = "\${data.coder_workspace_owner.me.email}"; namespace = ref.var.namespace;
labels = { annotations."com.coder.user.email" = ref.data.coder_workspace_owner.me.email;
"app.kubernetes.io/instance" = "coder-workspace-\${lower(data.coder_workspace_owner.me.name)}-\${lower(data.coder_workspace.me.name)}"; labels = {
"app.kubernetes.io/name" = "coder-workspace"; "app.kubernetes.io/instance" = "coder-workspace-${identifier}";
"app.kubernetes.io/part-of" = "coder"; "app.kubernetes.io/name" = "coder-workspace";
"com.coder.resource" = "true"; "app.kubernetes.io/part-of" = "coder";
"com.coder.user.id" = "\${data.coder_workspace_owner.me.id}"; "com.coder.resource" = "true";
"com.coder.user.name" = "\${data.coder_workspace_owner.me.name}"; "com.coder.user.id" = ref.data.coder_workspace_owner.me.id;
"com.coder.workspace.id" = "\${data.coder_workspace.me.id}"; "com.coder.user.name" = ref.data.coder_workspace_owner.me.name;
"com.coder.workspace.name" = "\${data.coder_workspace.me.name}"; "com.coder.workspace.id" = ref.data.coder_workspace.me.id;
}; "com.coder.workspace.name" = ref.data.coder_workspace.me.name;
}; };
}
];
# give the shutdown tasks enough time to run # give the shutdown tasks enough time to run
timeouts.delete = "31m"; timeouts.delete = "31m";
spec = { spec = [
termination_grace_period_seconds = 1800; {
affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution = { termination_grace_period_seconds = 1800;
weight = 1; affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution = {
pod_affinity_term = { weight = 1;
topology_key = "kubernetes.io/hostname"; pod_affinity_term = {
label_selector.match_expressions = { topology_key = "kubernetes.io/hostname";
key = "app.kubernetes.io/name"; label_selector.match_expressions = {
operator = "In"; key = "app.kubernetes.io/name";
values = ["coder-workspace"]; operator = "In";
values = ["coder-workspace"];
};
}; };
}; };
}; init_container = [
init_container = [ {
{ name = "chown";
name = "chown"; image = "alpine:3";
image = "alpine:3"; command = ["chown" "1000:1000" "/mnt/nix" "/mnt/tmp" "/mnt/home"];
command = ["chown" "1000:1000" "/mnt/nix" "/mnt/tmp" "/mnt/home"]; security_context.run_as_user = "0";
security_context.run_as_user = "0"; volume_mount = [
volume_mount = [ {
{ mount_path = "/mnt/home";
mount_path = "/mnt/home"; name = "home";
name = "home"; read_only = false;
read_only = false; }
} {
{ mount_path = "/mnt/nix";
mount_path = "/mnt/nix"; name = "nix-store";
name = "nix-store"; read_only = false;
read_only = false; }
} {
{ mount_path = "/mnt/tmp";
mount_path = "/mnt/tmp"; name = "tmp";
name = "tmp"; read_only = false;
read_only = false; }
} ];
]; }
} {
{ name = "copy-nix-store";
name = "copy-nix-store"; image = "registry.gitlab.com/technofab/coder-templates/nix-coder-image:${ref.data.coder_parameter.image_tag.value}";
image = "registry.gitlab.com/technofab/coder-templates/nix-coder-image:\${data.coder_parameter.image_tag.value}"; command = ["cp" "-nR" "/nix/." "/pv_nix"];
command = ["cp" "-nR" "/nix/." "/pv_nix"]; security_context.run_as_user = "1000";
security_context.run_as_user = "1000"; volume_mount = [
volume_mount = [ {
{ mount_path = "/pv_nix";
mount_path = "/pv_nix"; name = "nix-store";
name = "nix-store"; read_only = false;
read_only = false; }
} ];
]; }
} ];
]; container = [
container = [ {
{ name = "workspace";
name = "workspace"; image = "registry.gitlab.com/technofab/coder-templates/nix-coder-image:${ref.data.coder_parameter.image_tag.value}";
image = "registry.gitlab.com/technofab/coder-templates/nix-coder-image:\${data.coder_parameter.image_tag.value}"; command = ["/bin/sh" "-c" "${ref.coder_agent.coder.init_script}"];
command = ["/bin/sh" "-c" "\${resource.coder_agent.coder.init_script}"]; env = [
env = [ {
{ name = "CODER_AGENT_TOKEN";
name = "CODER_AGENT_TOKEN"; value = ref.coder_agent.coder.token;
value = "\${resource.coder_agent.coder.token}"; }
} {
{ name = "DOTFILES_REPO";
name = "DOTFILES_REPO"; value = ref.data.coder_parameter.dotfiles_repo.value;
value = "\${data.coder_parameter.dotfiles_repo.value}"; }
} {
{ name = "TZ";
name = "TZ"; value = ref.data.coder_parameter.timezone.value;
value = "\${data.coder_parameter.timezone.value}"; }
} {
{ name = "NIX_CONFIG";
name = "NIX_CONFIG"; value = ref.data.coder_parameter.nix_config.value;
value = "\${data.coder_parameter.nix_config.value}"; }
} ];
]; resources = {
resources = { requests = {
requests = { cpu = ref.var.cpu_request;
cpu = "\${var.cpu_request}"; memory = ref.var.memory_request;
memory = "\${var.memory_request}"; };
limits = {
cpu = ref.data.coder_parameter.cpu.value;
memory = ref.data.coder_parameter.memory.value;
};
}; };
limits = { security_context = {
cpu = "\${data.coder_parameter.cpu.value}"; run_as_user = "1000";
memory = "\${data.coder_parameter.memory.value}"; run_as_group = "1000";
}; };
}; volume_mount = [
security_context = { {
run_as_user = 1000; mount_path = "/home";
run_as_group = 1000; name = "home";
}; read_only = false;
volume_mount = [ }
{ {
mount_path = "/home"; mount_path = "/nix";
name = "home"; name = "nix-store";
read_only = false; read_only = false;
} }
{ {
mount_path = "/nix"; mount_path = "/tmp";
name = "nix-store"; name = "tmp";
read_only = false; read_only = false;
} }
{ ];
mount_path = "/tmp"; }
name = "tmp"; ];
read_only = false; security_context = {
} run_as_user = "1000";
]; run_as_group = "1000";
} };
]; volume = [
security_context = { {
run_as_user = 1000; name = "home";
run_as_group = 1000; persistent_volume_claim.claim_name = ref.kubernetes_persistent_volume_claim.home.metadata ".0.name";
}; }
volume = [ {
{ name = "nix-store";
name = "home"; persistent_volume_claim.claim_name = ref.kubernetes_persistent_volume_claim.nix-store.metadata ".0.name";
persistent_volume_claim.claim_name = "\${resource.kubernetes_persistent_volume_claim.home.metadata.0.name}"; }
} {
{ name = "tmp";
name = "nix-store"; empty_dir = {
persistent_volume_claim.claim_name = "\${resource.kubernetes_persistent_volume_claim.nix-store.metadata.0.name}"; medium = "Memory";
} # not used for now
{ # sizeLimit = "200Mi";
name = "tmp"; };
empty_dir = { }
medium = "Memory"; ];
# not used for now }
# sizeLimit = "200Mi"; ];
};
}
];
};
}; };
kubernetes_persistent_volume_claim."home" = { kubernetes_persistent_volume_claim."home" = {
metadata = { metadata = [
name = "coder-home-\${lower(data.coder_workspace_owner.me.name)}-\${lower(data.coder_workspace.me.name)}"; {
namespace = "\${var.namespace}"; name = "coder-home-${identifier}";
annotations."com.coder.user.email" = "\${data.coder_workspace_owner.me.email}"; namespace = ref.var.namespace;
labels = { annotations."com.coder.user.email" = ref.data.coder_workspace_owner.me.email;
"app.kubernetes.io/instance" = "coder-pvc-home-\${lower(data.coder_workspace_owner.me.name)}-\${lower(data.coder_workspace.me.name)}"; labels = {
"app.kubernetes.io/name" = "coder-pvc"; "app.kubernetes.io/instance" = "coder-pvc-home-${identifier}";
"app.kubernetes.io/part-of" = "coder"; "app.kubernetes.io/name" = "coder-pvc";
"com.coder.resource" = "true"; "app.kubernetes.io/part-of" = "coder";
"com.coder.user.id" = "\${data.coder_workspace_owner.me.id}"; "com.coder.resource" = "true";
"com.coder.user.name" = "\${data.coder_workspace_owner.me.name}"; "com.coder.user.id" = ref.data.coder_workspace_owner.me.id;
"com.coder.workspace.id" = "\${data.coder_workspace.me.id}"; "com.coder.user.name" = ref.data.coder_workspace_owner.me.name;
"com.coder.workspace.name" = "\${data.coder_workspace.me.name}"; "com.coder.workspace.id" = ref.data.coder_workspace.me.id;
}; "com.coder.workspace.name" = ref.data.coder_workspace.me.name;
}; };
spec = { }
access_modes = ["ReadWriteOnce"]; ];
resources.requests.storage = "\${data.coder_parameter.home_disk_size.value}Gi"; spec = [
}; {
access_modes = ["ReadWriteOnce"];
resources.requests.storage = "${ref.data.coder_parameter.home_disk_size.value}Gi";
}
];
wait_until_bound = false; wait_until_bound = false;
}; };
kubernetes_persistent_volume_claim."nix-store" = { kubernetes_persistent_volume_claim."nix-store" = {
metadata = { metadata = [
name = "coder-nix-store-\${lower(data.coder_workspace_owner.me.name)}-\${lower(data.coder_workspace.me.name)}"; {
namespace = "\${var.namespace}"; name = "coder-nix-store-${identifier}";
annotations."com.coder.user.email" = "\${data.coder_workspace_owner.me.email}"; namespace = ref.var.namespace;
labels = { annotations."com.coder.user.email" = ref.data.coder_workspace_owner.me.email;
"app.kubernetes.io/instance" = "coder-pvc-nix-store-\${lower(data.coder_workspace_owner.me.name)}-\${lower(data.coder_workspace.me.name)}"; labels = {
"app.kubernetes.io/name" = "coder-pvc"; "app.kubernetes.io/instance" = "coder-pvc-nix-store-${identifier}";
"app.kubernetes.io/part-of" = "coder"; "app.kubernetes.io/name" = "coder-pvc";
"com.coder.resource" = "true"; "app.kubernetes.io/part-of" = "coder";
"com.coder.user.id" = "\${data.coder_workspace_owner.me.id}"; "com.coder.resource" = "true";
"com.coder.user.name" = "\${data.coder_workspace_owner.me.name}"; "com.coder.user.id" = ref.data.coder_workspace_owner.me.id;
"com.coder.workspace.id" = "\${data.coder_workspace.me.id}"; "com.coder.user.name" = ref.data.coder_workspace_owner.me.name;
"com.coder.workspace.name" = "\${data.coder_workspace.me.name}"; "com.coder.workspace.id" = ref.data.coder_workspace.me.id;
}; "com.coder.workspace.name" = ref.data.coder_workspace.me.name;
}; };
spec = { }
access_modes = ["ReadWriteOnce"]; ];
resources.requests.storage = "\${data.coder_parameter.nix_store_disk_size.value}Gi"; spec = [
}; {
access_modes = ["ReadWriteOnce"];
resources.requests.storage = "${ref.data.coder_parameter.nix_store_disk_size.value}Gi";
}
];
wait_until_bound = false; wait_until_bound = false;
}; };
}; };

24
nix-kubernetes/parameters.nix
View file

@ -1,6 +1,6 @@
{...}: { {
data.coder_parameter = { data.coder_parameter = {
dotfiles_repo = { "dotfiles_repo" = {
name = "Dotfiles Repository (passed to home-manager)"; name = "Dotfiles Repository (passed to home-manager)";
description = '' description = ''
Nix flake URI to your dotfiles repository, eg. Nix flake URI to your dotfiles repository, eg.
@ -13,7 +13,7 @@
type = "string"; type = "string";
mutable = true; mutable = true;
}; };
git_repo = { "git_repo" = {
name = "Git Repository"; name = "Git Repository";
description = '' description = ''
URI for a git repository which should automatically be cloned to ~/repos/<name> URI for a git repository which should automatically be cloned to ~/repos/<name>
@ -23,7 +23,7 @@
type = "string"; type = "string";
mutable = true; mutable = true;
}; };
image_tag = { "image_tag" = {
name = "Image Tag"; name = "Image Tag";
description = '' description = ''
Which container image tag should be used. Which container image tag should be used.
@ -33,7 +33,7 @@
type = "string"; type = "string";
mutable = true; mutable = true;
}; };
cpu = { "cpu" = {
name = "CPU"; name = "CPU";
description = '' description = ''
CPU Limit for Kubernetes Pod. Kubernetes Notation (eg. 500m) CPU Limit for Kubernetes Pod. Kubernetes Notation (eg. 500m)
@ -43,7 +43,7 @@
type = "string"; type = "string";
mutable = true; mutable = true;
}; };
memory = { "memory" = {
name = "Memory"; name = "Memory";
description = '' description = ''
Memory Limit for Kubernetes Pod. Kubernetes Notation (eg. 1Gi) Memory Limit for Kubernetes Pod. Kubernetes Notation (eg. 1Gi)
@ -53,12 +53,12 @@
type = "string"; type = "string";
mutable = true; mutable = true;
}; };
home_disk_size = { "home_disk_size" = {
name = "Home Disk Size"; name = "Home Disk Size";
description = '' description = ''
Size for the /home PV in GB Size for the /home PV in GB
''; '';
default = 5; default = "5";
order = 6; order = 6;
type = "number"; type = "number";
mutable = true; mutable = true;
@ -70,12 +70,12 @@
} }
]; ];
}; };
nix_store_disk_size = { "nix_store_disk_size" = {
name = "Nix Store Disk Size"; name = "Nix Store Disk Size";
description = '' description = ''
Size for the /nix PV in GB. This might grow pretty big. Size for the /nix PV in GB. This might grow pretty big.
''; '';
default = 5; default = "5";
order = 7; order = 7;
type = "number"; type = "number";
mutable = true; mutable = true;
@ -87,7 +87,7 @@
} }
]; ];
}; };
timezone = { "timezone" = {
name = "Timezone"; name = "Timezone";
description = '' description = ''
Content of the TZ environment variable. Content of the TZ environment variable.
@ -97,7 +97,7 @@
type = "string"; type = "string";
mutable = true; mutable = true;
}; };
nix_config = { "nix_config" = {
name = "Nix Config"; name = "Nix Config";
description = '' description = ''
Nix config, will be put into $NIX_CONFIG Nix config, will be put into $NIX_CONFIG

10
nix-kubernetes/variables.nix
View file

@ -1,10 +1,10 @@
{...}: { {
variable = { variable = {
namespace = { "namespace" = {
type = "string"; type = "string";
description = "Kubernetes namespace (must exist prior to creating workspaces)"; description = "Kubernetes namespace (must exist prior to creating workspaces)";
}; };
arch = { "arch" = {
type = "string"; type = "string";
description = "Architecture of the host"; description = "Architecture of the host";
validation = { validation = {
@ -12,12 +12,12 @@
error_message = "Invalid architecture selected"; error_message = "Invalid architecture selected";
}; };
}; };
cpu_request = { "cpu_request" = {
type = "string"; type = "string";
description = "CPU request to apply to workspaces. Kubernetes Notation (eg. 500m)"; description = "CPU request to apply to workspaces. Kubernetes Notation (eg. 500m)";
default = "0"; default = "0";
}; };
memory_request = { "memory_request" = {
type = "string"; type = "string";
description = "Memory request to apply to workspaces. Kubernetes Notation (eg. 1Gi)"; description = "Memory request to apply to workspaces. Kubernetes Notation (eg. 1Gi)";
default = "0"; default = "0";

28
nix/packages/flake.lock generated Normal file
View file

@ -0,0 +1,28 @@
{
"nodes": {
"root": {
"inputs": {
"tofunix-lib": "tofunix-lib"
}
},
"tofunix-lib": {
"locked": {
"dir": "lib",
"lastModified": 1763484138,
"narHash": "sha256-4WuyFH0OxRD1urqKQR62LioYRStit63s4sFo18CDJOA=",
"owner": "TECHNOFAB",
"repo": "tofunix",
"rev": "cb0605cf53f61286407345d1ee32395e54ba42d1",
"type": "gitlab"
},
"original": {
"dir": "lib",
"owner": "TECHNOFAB",
"repo": "tofunix",
"type": "gitlab"
}
}
},
"root": "root",
"version": 7
}

10
nix/packages/flake.nix Normal file
View file

@ -0,0 +1,10 @@
{
inputs = {
tofunix-lib.url = "gitlab:TECHNOFAB/tofunix?dir=lib";
};
outputs = i:
i
// {
tofulib = i.tofunix-lib.lib {inherit (i.parent) pkgs;};
};
}

0
image.nix → nix/packages/image.nix
View file

23
nix/packages/packages.nix Normal file
View file

@ -0,0 +1,23 @@
{inputs, ...}: let
inherit (inputs) self pkgs tofulib;
in rec {
nix-coder-image = pkgs.callPackage ./image.nix {};
nix-kubernetes = nix-kubernetes-cli.tfjson;
nix-kubernetes-cli = tofulib.mkCliAio {
plugins = [
(tofulib.mkOpentofuProvider {
owner = "coder";
repo = "coder";
version = "2.8.0";
hash = "sha256-wnjgnD1c6U42ceizqfBG6SE4YXm7rZ7kyYkAdtE8t0k=";
})
(tofulib.mkOpentofuProvider {
owner = "hashicorp";
repo = "kubernetes";
version = "2.29.0";
hash = "sha256-r8DomSe+gUAbHuc8ciiuVl/6IeeIjJK6HFVaqAsnze8=";
})
];
moduleConfig = "${self}/nix-kubernetes";
};
}

95
nix/repo/ci.nix Normal file
View file

@ -0,0 +1,95 @@
{inputs, ...}: let
inherit (inputs) pkgs cilib;
inherit (pkgs.lib) concatStringsSep;
in
cilib.mkCI {
pipelines."default" = {
stages = ["build" "upload"];
jobs = let
SYSTEMS = ["aarch64-linux" "x86_64-linux"];
TEMPLATES = ["nix-kubernetes"];
in {
"build" = {
stage = "build";
parallel.matrix = [
{TEMPLATE = TEMPLATES;}
];
nix.deps = [pkgs.gnutar];
script = [
# sh
''
nix build .#''${TEMPLATE}
install -D result templates/''${TEMPLATE}.tf.json
tar -cf templates/''${TEMPLATE}.tar -C templates ''${TEMPLATE}.tf.json
''
];
artifacts.paths = ["templates/"];
};
"build:image" = {
stage = "build";
parallel.matrix = [
{SYSTEM = SYSTEMS;}
];
script = [
# sh
''
nix build .#nix-coder-image --system $SYSTEM
install -D result dist/nix-coder-image_''${SYSTEM}.tar.gz
''
];
artifacts.paths = ["dist/"];
};
"docs" = {
stage = "build";
script = [
# sh
''
nix build .#docs:default
mkdir -p public
cp -r result/. public/
''
];
artifacts.paths = ["public"];
};
"pages" = {
nix.enable = false;
image = "alpine:latest";
stage = "upload";
script = ["true"];
artifacts.paths = ["public"];
rules = [
{
"if" = "$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH";
}
];
};
"upload" = {
stage = "upload";
nix.deps = [pkgs.buildah];
needs = ["build:image"];
before_script = [
# sh
''
export REGISTRY_AUTH_FILE=''${HOME}/auth.json
echo "$CI_REGISTRY_PASSWORD" | buildah login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY
mkdir -p /etc/containers
echo '{"default":[{"type":"insecureAcceptAnything"}]}' > /etc/containers/policy.json
mkdir -p /var/tmp
''
];
script = [
# sh
''
buildah manifest create localhost/nix-coder-image
${concatStringsSep "\n" (map (
sys: "buildah manifest add localhost/nix-coder-image docker-archive:dist/nix-coder-image_${sys}.tar.gz"
)
SYSTEMS)}
buildah manifest push --all localhost/nix-coder-image \
docker://''${CI_REGISTRY_IMAGE}/nix-coder-image:$CI_COMMIT_SHORT_SHA
''
];
};
};
};
}

23
nix/repo/devShells.nix Normal file
View file

@ -0,0 +1,23 @@
{
inputs,
cell,
...
}: let
inherit (inputs) pkgs devshell treefmt soonix;
inherit (cell) ci;
in {
default = devshell.mkShell {
imports = [
soonix.devshellModule
];
packages = [
(treefmt.mkWrapper pkgs {
programs = {
alejandra.enable = true;
mdformat.enable = true;
};
})
];
soonix.hooks.ci = ci.soonix;
};
}

80
nix/repo/docs.nix Normal file
View file

@ -0,0 +1,80 @@
{inputs, ...}: let
inherit (inputs) cells doclib pkgs;
inherit (pkgs.lib) concatMapStringsSep;
in
(doclib.mkDocs {
docs."default" = {
base = "${inputs.self}";
path = "${inputs.self}/docs";
material = {
enable = true;
colors = {
primary = "green";
accent = "light blue";
};
umami = {
enable = true;
src = "https://analytics.tf/umami";
siteId = "dc8d1f6c-50f6-4019-9b0d-9b924dedb111";
domains = ["coder-templates.projects.tf"];
};
};
dynamic-nav = {
enable = true;
files."Parameters" = map (template: {
${template} =
builtins.toFile "${template}.md"
# md
''
# ${template} Parameters
${
concatMapStringsSep "\n" (param: ''
## ${param.name}
${param.description}
Type: `${param.type}` <br>
Mutable: `${
if param.mutable
then "true"
else "false"
}` <br>
${
if param.default != ""
then "Default: `${param.default}` <br>"
else ""
}
'')
(builtins.attrValues cells.packages.packages."${template}-cli".module.config.data.coder_parameter)
}
'';
}) ["nix-kubernetes"];
};
config = {
site_name = "Coder Templates";
site_url = "https://coder-templates.projects.tf";
repo_name = "TECHNOFAB/coder-templates";
repo_url = "https://gitlab.com/TECHNOFAB/coder-templates";
extra_css = ["style.css"];
theme = {
logo = "images/logo.svg";
icon.repo = "simple/gitlab";
favicon = "images/logo.svg";
};
nav = [
{"Introduction" = "index.md";}
];
markdown_extensions = [
{
"pymdownx.highlight".pygments_lang_class = true;
}
"pymdownx.inlinehilite"
"pymdownx.snippets"
"pymdownx.superfences"
"pymdownx.escapeall"
"fenced_code"
];
};
};
}).packages

100
nix/repo/flake.lock generated Normal file
View file

@ -0,0 +1,100 @@
{
"nodes": {
"devshell-lib": {
"locked": {
"dir": "lib",
"lastModified": 1758204313,
"narHash": "sha256-ainbY0Oajb1HMdvy+A8QxF/P5qwcbEzJGEY5pzKdDdc=",
"owner": "rensa-nix",
"repo": "devshell",
"rev": "7d0c4bc78d9f017a739b0c7eb2f4e563118353e6",
"type": "gitlab"
},
"original": {
"dir": "lib",
"owner": "rensa-nix",
"repo": "devshell",
"type": "gitlab"
}
},
"nix-gitlab-ci-lib": {
"locked": {
"dir": "lib",
"lastModified": 1763066668,
"narHash": "sha256-mcNiuWf5R0qS7Be4EFAxPStl3SSYPhg4PSPAXgjKJj0=",
"owner": "TECHNOFAB",
"repo": "nix-gitlab-ci",
"rev": "524bdf9cdcfb8008c08d7e54a95992ebf05331d5",
"type": "gitlab"
},
"original": {
"dir": "lib",
"owner": "TECHNOFAB",
"ref": "3.0.1",
"repo": "nix-gitlab-ci",
"type": "gitlab"
}
},
"nixmkdocs-lib": {
"locked": {
"dir": "lib",
"lastModified": 1763481845,
"narHash": "sha256-Bp0+9rDmlPWMcnKqGx+BG4+o5KO8FuDAOvXRnXrm3Fo=",
"owner": "TECHNOFAB",
"repo": "nixmkdocs",
"rev": "73d59093df94a894d25bc4bf71880b6f00faa62f",
"type": "gitlab"
},
"original": {
"dir": "lib",
"owner": "TECHNOFAB",
"repo": "nixmkdocs",
"type": "gitlab"
}
},
"root": {
"inputs": {
"devshell-lib": "devshell-lib",
"nix-gitlab-ci-lib": "nix-gitlab-ci-lib",
"nixmkdocs-lib": "nixmkdocs-lib",
"soonix-lib": "soonix-lib",
"treefmt-nix": "treefmt-nix"
}
},
"soonix-lib": {
"locked": {
"dir": "lib",
"lastModified": 1758615778,
"narHash": "sha256-tggru+siXlLcLUjHtMojkJJWTS/8I3gm8nhnlz+qrTo=",
"owner": "TECHNOFAB",
"repo": "soonix",
"rev": "e04b71c07413251dcb52036b4a51c6c7c0dca2ad",
"type": "gitlab"
},
"original": {
"dir": "lib",
"owner": "TECHNOFAB",
"repo": "soonix",
"type": "gitlab"
}
},
"treefmt-nix": {
"flake": false,
"locked": {
"lastModified": 1762410071,
"narHash": "sha256-aF5fvoZeoXNPxT0bejFUBXeUjXfHLSL7g+mjR/p5TEg=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "97a30861b13c3731a84e09405414398fbf3e109f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

21
nix/repo/flake.nix Normal file
View file

@ -0,0 +1,21 @@
{
inputs = {
devshell-lib.url = "gitlab:rensa-nix/devshell?dir=lib";
soonix-lib.url = "gitlab:TECHNOFAB/soonix?dir=lib";
nixmkdocs-lib.url = "gitlab:TECHNOFAB/nixmkdocs?dir=lib";
nix-gitlab-ci-lib.url = "gitlab:TECHNOFAB/nix-gitlab-ci/3.0.1?dir=lib";
treefmt-nix = {
url = "github:numtide/treefmt-nix";
flake = false;
};
};
outputs = i:
i
// {
devshell = i.devshell-lib.lib {inherit (i.parent) pkgs;};
soonix = i.soonix-lib.lib {inherit (i.parent) pkgs;};
doclib = i.nixmkdocs-lib.lib {inherit (i.parent) pkgs;};
cilib = i.nix-gitlab-ci-lib.lib {inherit (i.parent) pkgs;};
treefmt = import i.treefmt-nix;
};
}