# SPDX-FileCopyrightText: 2020 Luke Granger-Brown <depot@lukegb.com>
#
# SPDX-License-Identifier: Apache-2.0

{ ... }@ch:
let
  nixpkgsConfig = {
    allowUnfree = true;
    permittedInsecurePackages = [
      "p7zip-16.02"
    ];
  };
  nixpkgs = import ./nixpkgs {
    config = nixpkgsConfig;
  };
  crate2nixSrc = nixpkgs.fetchFromGitHub {
    owner = "kolloch";
    repo = "crate2nix";
    rev = "e07af104b8e41d1cd7e41dc7ac3fdcdf4953efae";
    hash = "sha256:07syygn1rc5n1big7hf42pzgm5wc1r0mzglzvlbcb7rkzgqqhbqx";
  };
in
rec {
  inherit nixpkgsConfig nixpkgs;
  nixos = import ./nixpkgs/nixos;
  nixeval = import ./nixpkgs/nixos/lib/eval-config.nix;
  buildGo =
    let orig = import ./tvl/nix/buildGo { pkgs = nixpkgs; };
    in orig // {
      program = { dockerData ? [], ... }@args:
        let
          origOut = orig.program (nixpkgs.lib.filterAttrs (n: v: n != "dockerData") args);
        in origOut // {
          dockerImage = nixpkgs.dockerTools.buildImage {
            name = args.name;
            contents = dockerData;
            config = {
              Entrypoint = [ "${origOut}/bin/${args.name}" ];
              Env = [
                "SSL_CERT_FILE=${nixpkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
              ];
            };
          };
        };
    };
  readTree = import ./tvl/nix/readTree {};
  gopkgs = readTree ch ./gopkgs;

  crate2nix = import "${crate2nixSrc}" { pkgs = ch.depot.pkgs; };
}