diff --git a/flake.nix b/flake.nix index afb2b853fa..2a12659fa7 100644 --- a/flake.nix +++ b/flake.nix @@ -27,70 +27,74 @@ { devShells = forEachSupportedSystem ( { pkgs, ... }: + let + inherit (pkgs) lib; + + # only bump toolchain versions here + go = pkgs.go_1_26; + nodejs = pkgs.nodejs_24; + python3 = pkgs.python314; + pnpm = pkgs.pnpm_10; + + commonPackages = with pkgs; [ + # generic + git + git-lfs + gnumake + gnused + gnutar + gzip + zip + + # frontend + nodejs + pnpm + cairo + pixman + pkg-config + + # linting + python3 + uv + + # backend + go + gofumpt + sqlite + golangci-lint + govulncheck + tea + ]; + + commonEnv = { + GO = "${go}/bin/go"; + GOROOT = "${go}/share/go"; + TAGS = ""; + }; + in { - default = - let - inherit (pkgs) lib; + # production build shell: cgo links statically against glibc.static + default = pkgs.mkShell { + packages = + commonPackages + ++ lib.optionals pkgs.stdenv.isLinux [ pkgs.glibc.static ]; - # only bump toolchain versions here - go = pkgs.go_1_26; - nodejs = pkgs.nodejs_24; - python3 = pkgs.python314; - pnpm = pkgs.pnpm_10; - - # Platform-specific dependencies - linuxOnlyInputs = lib.optionals pkgs.stdenv.isLinux [ - pkgs.glibc.static - ]; - - linuxOnlyEnv = lib.optionalAttrs pkgs.stdenv.isLinux { + env = + commonEnv + // { + STATIC = "true"; + } + // lib.optionalAttrs pkgs.stdenv.isLinux { CFLAGS = "-I${pkgs.glibc.static.dev}/include"; LDFLAGS = "-L ${pkgs.glibc.static}/lib"; }; - in - pkgs.mkShell { - packages = - with pkgs; - [ - # generic - git - git-lfs - gnumake - gnused - gnutar - gzip - zip + }; - # frontend - nodejs - pnpm - cairo - pixman - pkg-config - - # linting - python3 - uv - - # backend - go - gofumpt - sqlite - golangci-lint - govulncheck - tea - ] - ++ linuxOnlyInputs; - - env = { - GO = "${go}/bin/go"; - GOROOT = "${go}/share/go"; - - TAGS = ""; - STATIC = "true"; - } - // linuxOnlyEnv; - }; + # test/dev shell: no static glibc — avoids cgo NSS segfaults in `go test` + test = pkgs.mkShell { + packages = commonPackages; + env = commonEnv; + }; } ); };