{ description = "WireGuard Go development environment"; inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; flake-utils.url = "github:numtide/flake-utils"; }; outputs = { self, nixpkgs, flake-utils }: flake-utils.lib.eachDefaultSystem (system: let pkgs = nixpkgs.legacyPackages.${system}; # Go version matching go.mod go = pkgs.go_1_23; # Additional Go tools for development goTools = with pkgs; [ # Core Go toolchain go # Language Server Protocol gopls # Formatting and imports # gofmt # goimports gofumpt # Stricter gofmt # Linting and static analysis golangci-lint gosec # Security checker ineffassign # Debugging delve # Code generation and refactoring gotests # Generate tests gomodifytags # Modify struct tags impl # Generate interface implementations govulncheck # Vulnerability scanner # Build and development tools air # Live reload gotools # Various tools (guru, gorename, etc.) # Testing and benchmarking gotestsum # Pretty test output # Documentation # godoc ]; # System tools systemTools = with pkgs; [ git gnumake direnv nix-direnv # Networking tools (useful for WireGuard development) iproute2 iptables wireguard-tools # Text processing jq yq-go # Shell and utilities fish ripgrep fd tree ]; in { devShells.default = pkgs.mkShell { buildInputs = goTools ++ systemTools; shellHook = '' echo "🚀 WireGuard Go development environment loaded!" echo "📦 Go version: $(go version)" echo "🔧 Available tools:" echo " • LSP: gopls" echo " • Linting: golangci-lint, staticcheck, gosec" echo " • Formatting: gofmt, goimports, gofumpt" echo " • Debugging: delve (dlv)" echo " • Testing: gotests, gotestsum" echo " • Security: govulncheck" echo " • Live reload: air" echo "" echo "💡 Quick commands:" echo " • go mod tidy # Clean dependencies" echo " • golangci-lint run # Run all linters" echo " • govulncheck ./... # Check for vulnerabilities" echo " • gotests -all # Generate tests" echo " • air # Live reload server" echo "" # Set up Go environment export GOPATH="$PWD/.go" export GOBIN="$GOPATH/bin" export PATH="$GOBIN:$PATH" # Create necessary directories mkdir -p "$GOPATH/bin" # Set Go build cache to project directory export GOCACHE="$PWD/.gocache" mkdir -p "$GOCACHE" # Ensure proper Go module mode export GO111MODULE=on # Development-friendly settings export GOTOOLCHAIN="go1.23.1" export CGO_ENABLED=1 # WireGuard specific export WG_COLOR_MODE=always ''; # Environment variables for tools CGO_ENABLED = "1"; GO111MODULE = "on"; GOFLAGS = "-buildvcs=false"; # Disable VCS stamping for reproducible builds }; # Optional: Create a package for the WireGuard binary packages.default = pkgs.buildGoModule { pname = "wireguard-go"; version = "0.0.0-dev"; src = ./.; vendorHash = null; # Let Nix handle dependencies meta = with pkgs.lib; { description = "Userspace Go implementation of WireGuard"; homepage = "https://www.wireguard.com/"; license = licenses.mit; platforms = platforms.linux ++ platforms.darwin; }; }; }); }