flake.nix: fix broken flake (#85)

mikeodr · web-flow · commit 3877b43a4658 · 2025-10-15T13:36:23.000-04:00
Signed-off-by: Mike O'Driscoll &lt;mike@unusedbytes.ca&gt;
diff --git a/flake.nix b/flake.nix
@@ -41,10 +41,11 @@
       formatter = eachSystem (pkgs: pkgs.nixfmt-tree);
 
       packages = eachSystem (pkgs: {
-        default = pkgs.buildGo124Module {
+        tsidp = pkgs.buildGo124Module {
           pname = "tsidp";
           version = if (self ? shortRev) then self.shortRev else "dev";
           src = pkgs.nix-gitignore.gitignoreSource [ ] ./.;
+          meta.mainProgram = "tsidp";
           ldflags =
             let
               tsVersion =
@@ -59,8 +60,14 @@
             ];
           vendorHash = "sha256-obtcJTg7V4ij3fGVmZMD7QQwKJX6K5PPslpM1XKCk9Q="; # SHA based on vendoring go.mod
         };
+
+        default = self.packages.${pkgs.system}.tsidp;
       });
 
+      overlays.default = final: prev: {
+        tsidp = self.packages.${final.system}.tsidp;
+      };
+
       devShells = eachSystem (pkgs: {
         default = pkgs.mkShell {
           packages = [
@@ -95,12 +102,18 @@
             ;
 
           cfg = config.services.tsidp;
+
+          stateDir = "/var/lib/tsidp";
         in
         {
           options.services.tsidp = {
             enable = mkEnableOption "tsidp server";
 
-            package = mkPackageOption pkgs "tsidp" { };
+            package = mkOption {
+              type = lib.types.package;
+              default = self.packages.${pkgs.system}.tsidp;
+              description = "Package to use for the tsidp service.";
+            };
 
             environmentFile = mkOption {
               type = nullOr lib.types.path;
@@ -225,7 +238,7 @@
                 ];
 
                 environment = {
-                  HOME = "/var/lib/tsidp";
+                  HOME = stateDir;
                   TAILSCALE_USE_WIP_CODE = "1"; # Needed while tsidp is in development (< v1.0.0).
                 };
 
@@ -243,15 +256,16 @@
                         log = cfg.settings.logLevel;
                         debug-all-requests = cfg.settings.debugAllRequests;
                         debug-tsnet = cfg.settings.debugTsnet;
+                        dir = stateDir;
                       };
                     in
                     "${getExe cfg.package} ${args}";
                   Restart = "always";
                   RestartSec = "15";
 
                   DynamicUser = true;
-                  StateDirectory = "tsidp";
-                  WorkingDirectory = "/var/lib/tsidp";
+                  StateDirectory = baseNameOf stateDir;
+                  WorkingDirectory = stateDir;
                   ReadWritePaths = mkIf (cfg.settings.useLocalTailscaled) [
                     "/var/run/tailscale" # needed due to `ProtectSystem = "strict";`
                     "/var/lib/tailscale"
