diff --git a/flake.lock b/flake.lock index bee1538..c79e005 100644 --- a/flake.lock +++ b/flake.lock @@ -86,6 +86,22 @@ "type": "github" } }, + "nixpkgs-darwin": { + "locked": { + "lastModified": 1676998680, + "narHash": "sha256-61gxdL3bqHWnRSiYq+sKWbSX6tuwaRnYfPvhpRK011s=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "a3d745e701c337e65ef467d5a9400d9336a303a1", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-22.11-darwin", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs-lib": { "locked": { "dir": "lib", @@ -110,17 +126,18 @@ "flake-parts": "flake-parts", "napalm": "napalm", "nixpkgs": "nixpkgs", + "nixpkgs-darwin": "nixpkgs-darwin", "zitiConsole": "zitiConsole" } }, "zitiConsole": { "flake": false, "locked": { - "lastModified": 1675602946, - "narHash": "sha256-5k/h//YC8PBs4drJrYe3Efb30wN+uEK7GJyXq+Y2Yd0=", + "lastModified": 1677772886, + "narHash": "sha256-ft606tXgwQQ/0wuDzUnMjyXwehUfQkHdu9N8VGWV4Do=", "owner": "openziti", "repo": "ziti-console", - "rev": "a6525823cf5b7c16b04eceb3d0bf13891115fa71", + "rev": "1440a0fcb7034621215d11f1d8bcec1835f60b6f", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index add8caa..9c21d16 100644 --- a/flake.nix +++ b/flake.nix @@ -3,6 +3,7 @@ inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + nixpkgs-darwin.url = "github:NixOS/nixpkgs/nixpkgs-22.11-darwin"; flake-compat = { url = "github:edolstra/flake-compat"; @@ -25,13 +26,18 @@ outputs = { self, nixpkgs, + nixpkgs-darwin, flake-compat, flake-parts, napalm, zitiConsole, }: flake-parts.lib.mkFlake {inherit self;} { - systems = ["x86_64-linux"]; + systems = [ + "x86_64-linux" + "x86_64-darwin" + "aarch64-darwin" + ]; perSystem = { inputs', pkgs, @@ -69,13 +75,12 @@ (recursiveUpdate (mkZitiBinTypePkgs state "tunnel")) (recursiveUpdate (mkZitiCliFnPkgs state)) (recursiveUpdate (mkZitiConsole inputs' self)) - (recursiveUpdate (mkZitiEdgeTunnelPkgs state)) + (recursiveUpdate (mkZitiEdgeTunnelPkgs state system)) (recursiveUpdate {default = packages.ziti-edge-tunnel_latest;}) ]; }; flake = { - # darwinModules; nixosModules = { ziti-controller = import ./modules/ziti-controller.nix self; ziti-console = import ./modules/ziti-console.nix self; diff --git a/lib/lib.nix b/lib/lib.nix index 04fc568..67eb952 100644 --- a/lib/lib.nix +++ b/lib/lib.nix @@ -17,13 +17,24 @@ in url = "https://github.com/openziti/ziti/releases/download/v${version}/ziti-linux-amd64-${version}.tar.gz"; }; - srcBinZitiEdgeTunnel = version: sha256: - fetchzip { + srcBinZitiEdgeTunnel = version: sha256: { + x86_64-linux = fetchzip { inherit sha256; url = "https://github.com/openziti/ziti-tunnel-sdk-c/releases/download/v${version}/ziti-edge-tunnel-Linux_x86_64.zip"; }; - mkZitiPkg = v: state: { + x86_64-darwin = fetchzip { + inherit sha256; + url = "https://github.com/openziti/ziti-tunnel-sdk-c/releases/download/v${version}/ziti-edge-tunnel-Darwin_x86_64.zip"; + }; + + aarch64-darwin = fetchzip { + inherit sha256; + url = "https://github.com/openziti/ziti-tunnel-sdk-c/releases/download/v${version}/ziti-edge-tunnel-Darwin_arm64.zip"; + }; + }; + + mkZitiPkg = v: state: lib.optionalAttrs (system == "x86_64-linux") { "ziti_${v}" = stdenv.mkDerivation rec { inherit (state.srcBinZiti.${v}) version; name = "ziti_${version}"; @@ -57,7 +68,7 @@ in }; }; - mkZitiBinTypePkg = v: binType: state: { + mkZitiBinTypePkg = v: binType: state: lib.optionalAttrs (system == "x86_64-linux") { "ziti-${binType}_${v}" = stdenv.mkDerivation rec { inherit (state.srcBinZiti.${v}) version; name = "ziti-${binType}_${version}"; @@ -80,7 +91,7 @@ in }; }; - mkZitiCliFnPkg = v: state: { + mkZitiCliFnPkg = v: state: lib.optionalAttrs (system == "x86_64-linux") { "ziti-cli-functions_${v}" = writeShellApplication { runtimeInputs = [coreutils curl hostname jq killall openssl]; name = "ziti-cli-functions.sh"; @@ -111,7 +122,7 @@ in }; }; - mkZitiConsole = inputs': self: { + mkZitiConsole = inputs': self: lib.optionalAttrs (system == "x86_64-linux") { ziti-console = let napalmPackage = inputs'.napalm.legacyPackages.buildPackage self.inputs.zitiConsole.outPath { npmCommands = "npm install --no-audit --loglevel verbose --ignore-scripts --nodedir=${nodejs}/include/node"; @@ -133,15 +144,15 @@ in }; }; - mkZitiEdgeTunnelPkg = v: state: { + mkZitiEdgeTunnelPkg = v: state: system: { "ziti-edge-tunnel_${v}" = stdenv.mkDerivation rec { - inherit (state.srcBinZitiEdgeTunnel.${v}) version; + inherit (state.srcBinZitiEdgeTunnel.${system}.${v}) version; name = "ziti-edge-tunnel_${version}"; - src = srcBinZitiEdgeTunnel version state.srcBinZitiEdgeTunnel.${v}.hash; + src = (srcBinZitiEdgeTunnel version state.srcBinZitiEdgeTunnel.${system}.${v}.hash).${system}; sourceRoot = "."; - nativeBuildInputs = [autoPatchelfHook]; - runtimeDependencies = [systemd]; + nativeBuildInputs = lib.optionals (system == "x86_64-linux") [autoPatchelfHook]; + runtimeDependencies = lib.optionals (system == "x86_64-linux") [systemd]; installPhase = '' install -m755 -D source/ziti-edge-tunnel $out/bin/ziti-edge-tunnel @@ -151,7 +162,7 @@ in homepage = "https://github.com/openziti/ziti-tunnel-sdk-c"; description = "Ziti: programmable network overlay and associated edge components for application-embedded, zero-trust networking"; license = licenses.asl20; - platforms = platforms.linux; + platforms = ["x86_64-linux" "x86_64-darwin" "aarch64-darwin"]; }; }; }; @@ -159,5 +170,5 @@ in mkZitiPkgs = state: foldl (acc: v: acc // (mkZitiPkg v state)) {} (attrNames state.srcBinZiti); mkZitiBinTypePkgs = state: binType: foldl (acc: v: acc // (mkZitiBinTypePkg v binType state)) {} (attrNames state.srcZiti); mkZitiCliFnPkgs = state: foldl (acc: v: acc // (mkZitiCliFnPkg v state)) {} (attrNames state.srcZiti); - mkZitiEdgeTunnelPkgs = state: foldl (acc: v: acc // (mkZitiEdgeTunnelPkg v state)) {} (attrNames state.srcBinZitiEdgeTunnel); + mkZitiEdgeTunnelPkgs = state: system: foldl (acc: v: acc // (mkZitiEdgeTunnelPkg v state system)) {} (attrNames state.srcBinZitiEdgeTunnel.${system}); } diff --git a/modules/ziti-console.nix b/modules/ziti-console.nix index 59fa445..faa85c4 100644 --- a/modules/ziti-console.nix +++ b/modules/ziti-console.nix @@ -76,9 +76,16 @@ in { name = "ziti-console-preScript.sh"; text = '' if ! [ -f .bootstrap-pre-complete ]; then + echo "Creating ziti-console files and directories prior to startup..." cp -a ${ziti-console}/* /var/lib/ziti-console - - touch .bootstrap-pre-complete + echo ${ziti-console} > .bootstrap-pre-complete + else + if [ "$(cat .bootstrap-pre-complete)" != "${ziti-console}" ]; then + echo "Replacing ziti-console files and directories prior to startup with an update..." + rm -rf /var/lib/ziti-console/* + cp -a ${ziti-console}/* /var/lib/ziti-console + echo ${ziti-console} > .bootstrap-pre-complete + fi fi until [ -f "$ZAC_SERVER_CERT_CHAIN" ]; do diff --git a/versions.nix b/versions.nix index 5f6ea06..def283c 100644 --- a/versions.nix +++ b/versions.nix @@ -3,7 +3,7 @@ pkgs: let in { state = { srcZiti = rec { - latest = let l = v0-27-5; in {inherit (l) version hash;}; + latest = v0-27-5; v0-27-5 = { version = "0.27.5"; @@ -32,7 +32,7 @@ in { }; srcBinZiti = rec { - latest = let l = v0-27-5; in {inherit (l) version hash;}; + latest = v0-27-5; v0-27-5 = { version = "0.27.5"; @@ -60,37 +60,64 @@ in { }; }; - srcBinZitiEdgeTunnel = rec { - latest = let l = v0-20-20; in {inherit (l) version hash;}; + srcBinZitiEdgeTunnel = let + in rec { - v0-20-20 = { - version = "0.20.20"; - hash = "sha256-dlFY+U7p1yfFhphlU1UZJek85K0QanYIi457U7dcGMM="; - }; + x86_64-linux = rec { + latest = v0-20-21; - v0-20-18 = { - version = "0.20.18"; - hash = "sha256-D773ZeEs/NUp/lwVCKxYz5voq/MXeLiJU5YcB/Vcs8g="; - }; + v0-20-21 = { + version = "0.20.21"; + hash = "sha256-8/ci7ULITRcRpHnZcr7afcOt+y6aLfxeaRdJHN0Ma1U="; + }; - v0-20-6 = { - version = "0.20.6"; - hash = "sha256-fyOJJ88DvRCVHNtlWt1eUJdH1XRAyeSgHeJTwxWM8e0="; - }; + v0-20-20 = { + version = "0.20.20"; + hash = "sha256-dlFY+U7p1yfFhphlU1UZJek85K0QanYIi457U7dcGMM="; + }; + + v0-20-18 = { + version = "0.20.18"; + hash = "sha256-D773ZeEs/NUp/lwVCKxYz5voq/MXeLiJU5YcB/Vcs8g="; + }; + + v0-20-6 = { + version = "0.20.6"; + hash = "sha256-fyOJJ88DvRCVHNtlWt1eUJdH1XRAyeSgHeJTwxWM8e0="; + }; - v0-20-2 = { - version = "0.20.2"; - hash = "sha256-ZgeVSGqy12CQJEErzQ1gaXtJbv5bVncH66Li1X8D3P0="; + v0-20-2 = { + version = "0.20.2"; + hash = "sha256-ZgeVSGqy12CQJEErzQ1gaXtJbv5bVncH66Li1X8D3P0="; + }; + + v0-20-0 = { + version = "0.20.0"; + hash = "sha256-/AS8PUaBjfunEwXvWnVmwMQSdQ0CHYM+FpbCSploaeA="; + }; + + v0-19-11 = { + version = "0.19.11"; + hash = "sha256-cZne4M7XZV+bpOq5moRexMqhKCkBQ8pMpa7A7oBOcX8="; + }; }; - v0-20-0 = { - version = "0.20.0"; - hash = "sha256-/AS8PUaBjfunEwXvWnVmwMQSdQ0CHYM+FpbCSploaeA="; + x86_64-darwin = rec { + latest = v0-20-21; + + v0-20-21 = { + version = "0.20.21"; + hash = "sha256-HpnhiDSM3grranJ7gt3HM8Zfn4BBBTxQjnFy8ASsiFw="; + }; }; - v0-19-11 = { - version = "0.19.11"; - hash = "sha256-cZne4M7XZV+bpOq5moRexMqhKCkBQ8pMpa7A7oBOcX8="; + aarch64-darwin = rec { + latest = v0-20-21; + + v0-20-21 = { + version = "0.20.21"; + hash = "sha256-UwD91Hx4c95JT3rGc4WxnNQbpNP8xq6an7m31VB/9CM="; + }; }; }; }; diff --git a/zip/ziti-edge-tunnel-Darwin_arm64.zip b/zip/ziti-edge-tunnel-Darwin_arm64.zip new file mode 100644 index 0000000..dcebfd9 Binary files /dev/null and b/zip/ziti-edge-tunnel-Darwin_arm64.zip differ