flake(pihole): restructure image info + update devShell for updating it

The Pi-hole image information is now contained in separate nix files per architecture `pihole-image-info.ARCH.nix`.
When updating these files with `update-pihole-image-info` the respective docker images are prefetched and the sha256 sum needed for the build are automatically included in the nix files.

flake.nix

@@ -16,17 +16,9 @@
     let
       pkgs = nixpkgs.legacyPackages.${curSystem};
 
-      imageBaseInfo = import ./pihole-image-base-info.nix;
       imageInfo = {
-        ${system.x86_64-linux}.pihole = imageBaseInfo // {
+        ${system.x86_64-linux}.pihole = import ./pihole-image-info.amd64.nix;
-          arch = "amd64";
+        ${system.aarch64-linux}.pihole = import ./pihole-image-info.arm64.nix;
-          sha256 = "sha256-ln5wM8DVxzEWqlEpzG+H7UVfsNfqYrfzv/2lKXaVXTI=";
-        };
-
-        ${system.aarch64-linux}.pihole = imageBaseInfo // {
-          arch = "arm64";
-          sha256 = "sha256-OIZf61nuPn+dJQdnLe807T2fJUJ5fKQqr5K4/Vt3IC4=";
-        };
       };
 
       piholeImage = pkgs.dockerTools.pullImage imageInfo.${curSystem}.pihole;
@@ -45,18 +37,35 @@
       devShells.default = let
         imageName = "pihole/pihole";
         updatePiholeImageInfoScript = pkgs.writeShellScriptBin "update-pihole-image-info" ''
+          while [[ $# -gt 0 ]]; do
+            case $1 in
+              --arch)
+                ARCH="$2"
+                if [[ ($ARCH != 'amd64') && ($ARCH != 'arm64') ]]; then
+                  echo '--arch must be either "amd64" or "arm64"'
+                  exit 1
+                fi
+                shift # past argument
+                shift # past value
+                ;;
+              *)
+                echo "Unknown option $1"
+                exit 1
+                ;;
+            esac
+          done
+
+          if [[ -z "$ARCH" ]]; then
+            echo 'You must provide the "--arch [amd64|arm64]" option to specify which Pi-hole image should be updated.'
+            exit 1
+          fi
+
           INSPECT_RESULT=`skopeo inspect "docker://${imageName}:latest"`
           IMAGE_DIGEST=`echo $INSPECT_RESULT | jq '.Digest'`
           LATEST_LABEL=`echo $INSPECT_RESULT | jq '.Labels."org.opencontainers.image.version"'`
 
-          cat >pihole-image-base-info.nix <<EOF
+          IMAGE_INFO=`nix-prefetch-docker --os linux --arch "$ARCH" --image-name '${imageName}' --image-digest "$IMAGE_DIGEST" --final-image-tag "$LATEST_LABEL"`
-          {
+          echo "$IMAGE_INFO" >"pihole-image-info.$ARCH.nix"
-            imageName = "${imageName}";
-            imageDigest = $IMAGE_DIGEST;
-            finalImageTag = $LATEST_LABEL;
-            os = "linux";
-          }
-          EOF
         '';
 
         in pkgs.mkShell {
@@ -64,10 +73,9 @@
             dig
             skopeo
             jq
+            nix-prefetch-docker
             updatePiholeImageInfoScript
           ];
-
-          inputsFrom = [ self.packages.${curSystem}.default ];
         };
     }
   );

pihole-image-base-info.nix

@@ -1,6 +0,0 @@
-{
-  imageName = "pihole/pihole";
-  imageDigest = "sha256:9da1360c747715c41cf327580d2cc064f04776674afe317abd99cac70cd65e82";
-  finalImageTag = "2022.10";
-  os = "linux";
-}

pihole-image-info.amd64.nix

@@ -0,0 +1,7 @@
+{
+  imageName = "pihole/pihole";
+  imageDigest = "sha256:586457b5ed6e888ca6674e27d3f063588a8b61fa0b61b80fecd8be3939ad2160";
+  sha256 = "1fn8dhwbq6078hm8z5s806sv9103h4ljgygmiq9jzaadmrzy8g8q";
+  finalImageName = "pihole/pihole";
+  finalImageTag = "2022.11.2";
+}

pihole-image-info.arm64.nix

@@ -0,0 +1,7 @@
+{
+  imageName = "pihole/pihole";
+  imageDigest = "sha256:586457b5ed6e888ca6674e27d3f063588a8b61fa0b61b80fecd8be3939ad2160";
+  sha256 = "191rak86a1q4m5i9wi594aqzyly5ci0g4sq90jvh1vgynf8flmp0";
+  finalImageName = "pihole/pihole";
+  finalImageTag = "2022.11.2";
+}