phaseflow/flake.nix

# ABOUTME: Nix flake for PhaseFlow development environment and Docker build.
# ABOUTME: Provides Node.js 24, pnpm, turbo, lefthook, and Docker image output.
{
  inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";

  outputs = { nixpkgs, ... }:
    let
      system = "x86_64-linux";
      pkgs = nixpkgs.legacyPackages.${system};

      # Custom Python package: garth (not in nixpkgs)
      garth = pkgs.python3Packages.buildPythonPackage {
        pname = "garth";
        version = "0.5.21";
        src = pkgs.fetchPypi {
          pname = "garth";
          version = "0.5.21";
          sha256 = "sha256-jZeVldHU6iOhtGarSmCVXRObcfiG9GSQvhQPzuWE2rQ=";
        };
        format = "pyproject";
        nativeBuildInputs = [ pkgs.python3Packages.hatchling ];
        propagatedBuildInputs = with pkgs.python3Packages; [
          pydantic
          requests-oauthlib
          requests
        ];
        doCheck = false;
      };

      # Python with garth for Garmin auth scripts
      pythonWithGarth = pkgs.python3.withPackages (ps: [ garth ]);

      # Common packages for development
      commonPackages = [
        pkgs.nodejs_24
        pkgs.pnpm
        pkgs.git
        pkgs.pocketbase
        pythonWithGarth
      ];
    in {
      # Docker image for production deployment
      packages.${system} = {
        dockerImage = import ./docker.nix { inherit pkgs; };
        default = import ./docker.nix { inherit pkgs; };
      };

      devShells.${system} = {
        # Default development shell with all tools
        default = pkgs.mkShell {
          packages = commonPackages ++ (with pkgs; [
            turbo
            lefthook
          ]);

          # For native modules (sharp, better-sqlite3, etc.)
          LD_LIBRARY_PATH = pkgs.lib.makeLibraryPath [ pkgs.stdenv.cc.cc ];
        };

        # Ralph sandbox shell with minimal permissions
        # Used for autonomous Ralph loop execution
        ralph = pkgs.mkShell {
          packages = commonPackages ++ (with pkgs; [
            # Claude CLI (assumes installed globally or via npm)
            # Add any other tools Ralph needs here
          ]);

          # Restrictive environment for sandboxed execution
          shellHook = ''
            echo "🔒 Ralph Sandbox Environment"
            echo "   Limited to: nodejs, pnpm, git"
            echo ""
          '';

          # For native modules
          LD_LIBRARY_PATH = pkgs.lib.makeLibraryPath [ pkgs.stdenv.cc.cc ];
        };
      };
    };
}