| # If you're on NixOS, use me! `nix-shell --pure`. |
| { pkgs ? (import ./third_party/nix { }), extraConf ? "" }: |
| let |
| wrapper = pkgs.writeScript "wrapper.sh" |
| '' |
| # Fancy colorful PS1 to make people notice easily they're in the Monogon Nix shell. |
| PS1='\[\033]0;\u/monogon:\w\007\]' |
| if type -P dircolors >/dev/null ; then |
| PS1+='\[\033[01;35m\]\u/monogon\[\033[01;36m\] \w \$\[\033[00m\] ' |
| fi |
| export PS1 |
| |
| # Use Nix-provided cert store. |
| export NIX_SSL_CERT_FILE="${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" |
| export SSL_CERT_FILE="${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" |
| |
| # Let some downstream machinery know we're on NixOS. This is used mostly to |
| # work around Bazel/NixOS interactions. |
| export MONOGON_NIXOS=yep |
| |
| # Convince rules_go to use /bin/bash and not a NixOS store bash which has |
| # no idea how to resolve other things in the nix store once PATH is |
| # stripped by (host_)action_env. |
| export BAZEL_SH=/bin/bash |
| |
| # buildFHSEnv makes /etc a tmpfs and symlinks some files from host /etc. |
| # Create some additional symlinks for files we want from host /etc. |
| for i in bazel.bazelrc gitconfig; do |
| if [[ -e "/.host-etc/$i" ]] && [[ ! -e "/etc/$i" ]]; then |
| ln -s "/.host-etc/$i" "/etc/$i" |
| fi |
| done |
| |
| ${extraConf} |
| |
| # Allow passing a custom command via env since nix-shell doesn't support |
| # this yet: https://github.com/NixOS/nix/issues/534 |
| if [ ! -n "$COMMAND" ]; then |
| COMMAND="bash --noprofile --norc" |
| fi |
| exec $COMMAND |
| ''; |
| in |
| (pkgs.buildFHSEnv { |
| name = "monogon-nix"; |
| targetPkgs = targetPkgs: with targetPkgs; [ |
| bazel-unwrapped # Our custom bazel package based on upstream |
| zlib # Bazel dependency |
| python3 # Workspace status script |
| git # Bazel expects git to be available |
| gnupg # our gopass integration requires gpg in the PATH |
| niv # For updating third_party/nix |
| google-cloud-sdk # Pushing containers to GCR |
| ]; |
| runScript = wrapper; |
| }).env |