add README, move run files to run

Signed-off-by: Xe <me@christine.website>

README.md

@@ -0,0 +1,7 @@
+# grafanauth
+
+This is an example for how to authenticate to Grafana using your Tailscale
+identity. This uses Tailscale as a library to proxy Grafana only over Tailscale
+so that anyone outside your tailnet cannot connect to it.
+
+See TODO(Xe): link here for more information and the theory behind this.

flake.nix

@@ -1,5 +1,5 @@
 {
-  description = "A basic Go web server setup";
+  description = "Grafana Auth proxy using Tailscale Auth";
 
   inputs = {
     nixpkgs.url = "nixpkgs/nixos-unstable";
@@ -20,7 +20,12 @@
         defaultPackage = pkgs.buildGoModule {
           pname = "grafanauth";
           inherit version;
-          src = builtins.path { path = ./.; name = "grafanauth"; };
+          src = builtins.path {
+            path = ./.;
+            name = "grafanauth";
+          };
+
+          CGO_ENABLED = "0";
 
           # This hash locks the dependencies of this package. It is
           # necessary because of how Go requires network access to resolve
@@ -34,25 +39,7 @@
           vendorSha256 = "sha256-nPtSpqIXB75PYsMoULIxFRPbRxxfn2CqzVE3Mb7/1Jg=";
         };
 
-        packages = {
+        defaultApp = utils.lib.mkApp { drv = self.defaultPackage.${system}; };
-          docker = let grafanauth = self.defaultPackage.${system};
-          in pkgs.dockerTools.buildLayeredImage {
-            name = grafanauth.pname;
-            tag = grafanauth.version;
-            contents = [ grafanauth ];
-
-            config = {
-              Entrypoint = [ "/bin/grafanauth" ];
-              WorkingDir = [ "/" ];
-              Volumes = { "/data" = { }; };
-              Env = [ "XDG_CONFIG_HOME=/data" ];
-            };
-          };
-        };
-
-        defaultApp = utils.lib.mkApp {
-          drv = self.defaultPackage.${system};
-        };
 
         devShell = pkgs.mkShell {
           buildInputs = with pkgs; [ go gopls go-tools gotools ];