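# Flake for the USDA Vision camera management system.
#
# Outputs, per default system:
#   packages.{default,usda-vision,camera-sdk}  built from ./package.nix and ./camera-sdk.nix
#   devShells.default                          development shell with Docker, Node, Python and secrets tooling
#   nixosModules.default                       NixOS module that runs the Docker Compose stack under systemd
{
  description = "USDA Vision camera management system";

  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
    flake-utils.url = "github:numtide/flake-utils";

    # For secrets management
    ragenix = {
      url = "github:yaxitech/ragenix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  outputs = { self, nixpkgs, flake-utils, ragenix }:
    flake-utils.lib.eachDefaultSystem (system:
      let
        pkgs = import nixpkgs {
          inherit system;
          config.allowUnfree = true;
        };

        # Import our package definition
        usda-vision-package = pkgs.callPackage ./package.nix { };
        camera-sdk = pkgs.callPackage ./camera-sdk.nix { };
      in
      {
        packages = {
          default = usda-vision-package;
          usda-vision = usda-vision-package;
          camera-sdk = camera-sdk;
        };

        devShells.default = pkgs.mkShell {
          name = "usda-vision-dev";

          # Input packages for the development shell
          buildInputs = with pkgs; [
            # Core development tools
            git
            vim
            curl
            wget

            # Docker for local development
            docker
            docker-compose

            # Supabase CLI
            supabase-cli

            # Node.js for web app development
            nodejs_20
            nodePackages.npm
            nodePackages.pnpm

            # Python for camera API
            python311
            python311Packages.pip
            python311Packages.virtualenv

            # Camera SDK
            camera-sdk

            # Secrets management
            ragenix.packages.${system}.default
            age
            ssh-to-age

            # Utilities
            jq
            yq
            rsync
            gnused
            gawk
          ];

          # Environment variables for development.
          # The ":+" expansion appends the previous LD_LIBRARY_PATH only when it
          # is non-empty. A bare "...:$LD_LIBRARY_PATH" leaves a trailing ":"
          # when the variable is unset, and the dynamic loader treats an empty
          # entry as the current working directory, so libraries could be
          # picked up from whatever directory a command is run in.
          shellHook = ''
            export LD_LIBRARY_PATH="${camera-sdk}/lib''${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
            export CAMERA_SDK_PATH="${camera-sdk}"

            # Set up Python virtual environment
            if [ ! -d .venv ]; then
              echo "Creating Python virtual environment..."
              python -m venv .venv
            fi

            echo "USDA Vision Development Environment"
            echo "===================================="
            echo "Camera SDK: ${camera-sdk}"
            echo ""
            echo "Available commands:"
            echo " - docker-compose: Manage containers"
            echo " - supabase: Supabase CLI"
            echo " - ragenix: Manage encrypted secrets"
            echo " - age: Encrypt/decrypt files"
            echo ""
            echo "To activate Python venv: source .venv/bin/activate"
            echo "To edit secrets: ragenix -e secrets/env.age"
            echo ""
          '';

          # Additional environment configuration
          DOCKER_BUILDKIT = "1";
          COMPOSE_DOCKER_CLI_BUILD = "1";
        };

        # NixOS module for easy integration.
        # NOTE(review): because this attribute is produced inside
        # eachDefaultSystem, flake-utils nests it per system, so consumers see
        # nixosModules.<system>.default rather than the conventional
        # system-independent nixosModules.default. Left in place here because
        # moving it changes the attribute path existing consumers import.
        nixosModules.default = { config, lib, ... }:
          let
            cfg = config.services.usda-vision;

            # Shell-quoted forms for use inside preStart, so a dataDir or
            # secrets path containing spaces or shell metacharacters is passed
            # as a single literal argument.
            dataDirArg = lib.escapeShellArg cfg.dataDir;

            # toString keeps the value a plain runtime path. Interpolating a
            # Nix path value directly ("${./file}") would copy the secrets file
            # into the world-readable Nix store at evaluation time.
            secretsArg = lib.escapeShellArg (toString cfg.secretsFile);
          in
          {
            options.services.usda-vision = {
              enable = lib.mkEnableOption "USDA Vision camera management system";

              # Expected to be the decrypted runtime path of the secret, not a
              # path literal pointing into the repository.
              secretsFile = lib.mkOption {
                type = lib.types.path;
                description = "Path to the ragenix-managed secrets file";
              };

              dataDir = lib.mkOption {
                type = lib.types.str;
                default = "/var/lib/usda-vision";
                description = "Directory for USDA Vision application data";
              };
            };

            config = lib.mkIf cfg.enable {
              environment.systemPackages = [
                usda-vision-package
                camera-sdk
                pkgs.docker-compose
              ];

              # NOTE(review): this sets LD_LIBRARY_PATH for every login session
              # on the host, not just this service. Confirm that is intended;
              # scoping it to the processes that load the camera SDK would be a
              # narrower alternative.
              environment.variables.LD_LIBRARY_PATH = "${camera-sdk}/lib";

              virtualisation.docker = {
                enable = true;
                autoPrune.enable = true;
              };

              # The unit's WorkingDirectory also applies to preStart, so the
              # directory must exist before the first start or the unit fails
              # on chdir. The rule only guarantees existence: rsync -a below
              # copies modes from the store source, so the confidentiality of
              # .env rests on that file's own 0600 mode, not on this directory.
              systemd.tmpfiles.rules = [
                "d ${cfg.dataDir} 0755 root root -"
              ];

              systemd.services.usda-vision = {
                description = "USDA Vision Docker Compose Stack";
                after = [ "docker.service" "network-online.target" ];
                wants = [ "network-online.target" ];
                wantedBy = [ "multi-user.target" ];

                # NOTE(review): the secrets step leaves a decrypted copy of the
                # secrets in dataDir, which persists on disk across reboots,
                # whereas agenix-style tools typically decrypt to a runtime
                # location. If the source file is absent the step is skipped
                # silently and any .env from an earlier start stays in place.
                # Confirm both behaviours are acceptable.
                preStart = ''
                  # Sync application code
                  ${pkgs.rsync}/bin/rsync -av --delete \
                    --checksum \
                    --exclude='node_modules' \
                    --exclude='.env' \
                    --exclude='__pycache__' \
                    --exclude='.venv' \
                    ${usda-vision-package}/opt/usda-vision/ ${dataDirArg}/

                  # Copy secrets if managed by ragenix.
                  # install sets the mode explicitly, so the copy is 0600 even
                  # when an older .env with wider permissions already exists.
                  if [ -f ${secretsArg} ]; then
                    ${pkgs.coreutils}/bin/install -m 0600 ${secretsArg} ${dataDirArg}/.env
                  fi
                '';

                serviceConfig = {
                  Type = "oneshot";
                  RemainAfterExit = true;
                  WorkingDirectory = cfg.dataDir;
                  ExecStart = "${pkgs.docker-compose}/bin/docker-compose up -d --build";
                  ExecStop = "${pkgs.docker-compose}/bin/docker-compose down";
                  TimeoutStartSec = 300;
                };
              };
            };
          };
      }
    );
}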