nix: use 22.11 stable nixpkgs (#13)

nix: refac overlays nix: fix path to packages nix: use mkMerge nix: rename nixpkgs-unstable input user: remove my tools user: build use unstable packages for nil cannot be built on stable because it requires rustc 1.66 or newer, while the currently active rustc version is 1.64.0 host/magenta: use unstable gitea nix: fix rollback command nix: fix overlays user: use unstable haskell packages to build xmonad user: don't build woodpecker-cli host: import nix module for canigou and magenta pkgs: fix woodpecker host/home: use unstable kernel to use rtl88x2bu driver host: use unstable ipfs move ipfs to shared config user: use unstable woodpecker-cli Reviewed-on: #13
2023-03-31 17:40:22 +03:00 · 2023-03-31 17:40:22 +03:00 · dab505e62b
commit dab505e62b
parent d4b4c07305
19 changed files with 113 additions and 178 deletions
--- a/14
+++ b/14
@ -9,7 +9,7 @@ DEPS_MY := \

 DEPS_NIXOS := \
 	nixpkgs \
-	nixpkgs_unstable \
+	nixpkgs-unstable \
 	hardware \
 	home-manager \
 	agenix
@ -37,13 +37,21 @@ $(1): ;
 	systemctl --user reset-failed
 	$$(NIX_RUN)switch/$(1)

-.PHONY: $(1)-test
-$(1)-test: ; $$(NIX_RUN)test/$(1)
+.PHONY: rollback-$(1)
+rollback-$(1):
+	$$(NIX_RUN)rollback/$(1)
+
+.PHONY: test-$(1)
+test-$(1): ; $$(NIX_RUN)test/$(1)
 endef

 define vps_rule
 .PHONY: $(1)
 $(1): ; $$(NIX_RUN)deploy/$(1)
+
+.PHONY: rollback-$(1)
+rollback-$(1):
+	$$(NIX_RUN)rollback/$(1)
 endef

 $(foreach machine,$(MACHINES),$(eval $(call machine_rule,$(machine))))
--- a/flake.lock
+++ b/flake.lock
@ -380,30 +380,6 @@
        "url": "https://git.pleshevski.ru/mynix/neovim"
      }
    },
-    "mytools": {
-      "inputs": {
-        "flake-utils": [
-          "flake-utils"
-        ],
-        "nixpkgs": [
-          "nixpkgs"
-        ],
-        "poetry2nix": "poetry2nix"
-      },
-      "locked": {
-        "lastModified": 1679901802,
-        "narHash": "sha256-BT/2TqtolnSYqi1vpx0nBo5idlPLwl+5ZY+e/T+dm6o=",
-        "ref": "refs/heads/main",
-        "rev": "b5afe25a79bfefe1da34d70779658ea7f313938b",
-        "revCount": 32,
-        "type": "git",
-        "url": "https://git.pleshevski.ru/mynix/tools"
-      },
-      "original": {
-        "type": "git",
-        "url": "https://git.pleshevski.ru/mynix/tools"
-      }
-    },
    "neoformat": {
      "flake": false,
      "locked": {
@ -490,37 +466,7 @@
        "type": "indirect"
      }
    },
-    "nixpkgs_2": {
-      "locked": {
-        "lastModified": 1679944645,
-        "narHash": "sha256-e5Qyoe11UZjVfgRfwNoSU57ZeKuEmjYb77B9IVW7L/M=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "4bb072f0a8b267613c127684e099a70e1f6ff106",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "nixos-unstable",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "nixpkgs_3": {
-      "locked": {
-        "lastModified": 1679281263,
-        "narHash": "sha256-neMref1GTruSLt1jBgAw+lvGsZj8arQYfdxvSi5yp4Q=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "8276a165b9fa3db1a7a4f29ee29b680e0799b9dc",
-        "type": "github"
-      },
-      "original": {
-        "id": "nixpkgs",
-        "type": "indirect"
-      }
-    },
-    "nixpkgs_unstable": {
+    "nixpkgs-unstable": {
      "locked": {
        "lastModified": 1680110233,
        "narHash": "sha256-x8ob7Xk2mcGl6U+tVIIUYtXmiGVA304YXMJIzX+wVbA=",
@ -536,6 +482,22 @@
        "type": "github"
      }
    },
+    "nixpkgs_2": {
+      "locked": {
+        "lastModified": 1680122840,
+        "narHash": "sha256-zCQ/9iFHzCW5JMYkkHMwgK1/1/kTMgCMHq4THPINpAU=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "a575c243c23e2851b78c00e9fa245232926ec32f",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-22.11",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
    "nlsp-settings-nvim": {
      "flake": false,
      "locked": {
@ -665,31 +627,6 @@
        "type": "github"
      }
    },
-    "poetry2nix": {
-      "inputs": {
-        "flake-utils": [
-          "mytools",
-          "flake-utils"
-        ],
-        "nixpkgs": [
-          "mytools",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1679445660,
-        "narHash": "sha256-yhO+5d5Ilxybmt3/oGI7KJ/kjnDq50MLrPIvjc40qeg=",
-        "owner": "nix-community",
-        "repo": "poetry2nix",
-        "rev": "50ec694c27a12bc178fff961c4dd927fa6a47f18",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "poetry2nix",
-        "type": "github"
-      }
-    },
    "root": {
      "inputs": {
        "agenix": "agenix",
@ -698,12 +635,10 @@
        "home-manager": "home-manager",
        "mailserver": "mailserver",
        "myneovim": "myneovim",
-        "mytools": "mytools",
        "nil": "nil",
        "nixpkgs": "nixpkgs_2",
-        "nixpkgs_unstable": "nixpkgs_unstable",
+        "nixpkgs-unstable": "nixpkgs-unstable",
        "vnetod": "vnetod",
-        "wd2": "wd2",
        "wired": "wired"
      }
    },
@ -849,30 +784,6 @@
        "url": "https://git.pleshevski.ru/pleshevskiy/vnetod"
      }
    },
-    "wd2": {
-      "inputs": {
-        "flake-utils": [
-          "flake-utils"
-        ],
-        "nixpkgs": "nixpkgs_3",
-        "tools": [
-          "mytools"
-        ]
-      },
-      "locked": {
-        "lastModified": 1679321145,
-        "narHash": "sha256-XxNcy0ldrUKDZhaGaORtkAcnoZmnpc32KJVyeIGV2BY=",
-        "ref": "refs/heads/main",
-        "rev": "82d99a485c47870a92fb889af58908a41e695092",
-        "revCount": 18,
-        "type": "git",
-        "url": "https://git.pleshevski.ru/pleshevskiy/wd2"
-      },
-      "original": {
-        "type": "git",
-        "url": "https://git.pleshevski.ru/pleshevskiy/wd2"
-      }
-    },
    "wired": {
      "inputs": {
        "alejandra": "alejandra",
--- a/flake.nix
+++ b/flake.nix
@ -1,8 +1,8 @@
 {
  inputs = {
    flake-utils.url = "github:numtide/flake-utils";
-    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
-    nixpkgs_unstable.url = "github:NixOS/nixpkgs/master";
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11";
+    nixpkgs-unstable.url = "github:NixOS/nixpkgs/master";
    hardware.url = "github:NixOS/nixos-hardware/master";

    agenix = {
@ -33,19 +33,6 @@
      inputs.flake-utils.follows = "flake-utils";
    };

-    # my nix tools
-    mytools = {
-      url = "git+https://git.pleshevski.ru/mynix/tools";
-      inputs.nixpkgs.follows = "nixpkgs";
-      inputs.flake-utils.follows = "flake-utils";
-    };
-    # a wrapper for d2 tool
-    wd2 = {
-      url = "git+https://git.pleshevski.ru/pleshevskiy/wd2";
-      inputs.tools.follows = "mytools";
-      inputs.flake-utils.follows = "flake-utils";
-    };
-
    # tool to change .env faster
    vnetod = {
      url = "git+https://git.pleshevski.ru/pleshevskiy/vnetod";
@ -87,9 +74,7 @@

              rollback = lib.recurseIntoAttrs (lib.mapAttrs
                (hostname: machine: pkgs.writeShellScript "rollback-${hostname}" ''
-                  ${nixos-rebuild}/bin/nixos-rebuild test \
-                    --rollback \
-                    --flake .#${hostname}
+                  ${nixos-rebuild}/bin/nixos-rebuild switch --rollback
                '')
                self.nixosConfigurations);

@ -128,6 +113,8 @@
          };
        })
    // {
+      overlays.default = final: prev: import ./packages { inherit (prev) lib callPackage; };
+
      nixosConfigurations =
        nixpkgs.lib.mapAttrs
          (hostname: { system
--- a/home/modules/dev_tools.nix
+++ b/home/modules/dev_tools.nix
@ -36,16 +36,14 @@ in
    bat # a cat clone with syntax highlighting and git integration
    ripgrep # a fuzzy finder
    vnetod # a tool to change env sections
-    wd2 # my wrapper for d2
    gnumake
    libnotify # tool to send notifications via cli
-    fawltydeps # Python dependency checker

    deno
    nickel

    nixpkgs-fmt # nix formatter
-    nil # nix lsp server
+    unstable.nil # nix lsp server

    docker-compose
  ];
--- a/home/modules/window_manager/xmonad.nix
+++ b/home/modules/window_manager/xmonad.nix
@ -14,6 +14,13 @@ let themeCfg = config.local.theme; in
    windowManager.xmonad = {
      enable = true;
      enableContribAndExtras = true;
+
+      haskellPackages = pkgs.unstable.haskellPackages;
+      extraPackages = (hp: [
+        hp.dbus
+        hp.monad-logger
+      ]);
+
      config = pkgs.substituteAll {
        src = ./xmonad_config.hs;
        inherit (themeCfg.bar) background mainText inactiveText;
@ -21,10 +28,6 @@ let themeCfg = config.local.theme; in
        inherit (themeCfg.highlights) critical warning success;
        inherit (themeCfg.syntax) mark1 mark2 mark3;
      };
-      extraPackages = (hp: [
-        hp.dbus
-        hp.monad-logger
-      ]);
    };

    initExtra = ''
--- a/home/users/jan/default.nix
+++ b/home/users/jan/default.nix
@ -3,8 +3,6 @@
 {
  nixpkgs.overlays = lib.mkAfter [
    inputs.myneovim.overlays.default
-    inputs.mytools.overlays.all
-    inputs.wd2.overlays.default
    inputs.nil.overlays.default
    inputs.vnetod.overlays.default
    inputs.wired.overlays.default
--- a/home/users/jan/home.nix
+++ b/home/users/jan/home.nix
@ -51,8 +51,8 @@
    # ungoogled-chromium
    tor-browser-bundle-bin

-    (pkgs.callPackage ../../../packages/myip.nix { })
-    (pkgs.callPackage ../../../packages/woodpecker { }).woodpecker-cli
+    myip
+    unstable.woodpecker-cli
  ];

  local.git = {
--- a/nixos/hosts/asus-gl553vd/default.nix
+++ b/nixos/hosts/asus-gl553vd/default.nix
@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ config, pkgs, ... }:

 {
  imports = [
@ -11,6 +11,7 @@
    ../../shared/gnupg.nix
    ../../shared/garbage-collector.nix
    ../../shared/networking.secret.nix
+    ../../shared/ipfs.nix
  ];

  # Use latest kernel
@ -58,13 +59,6 @@
  # Enable the Docker
  virtualisation.docker.enable = true;

-  # Enable ipfs
-  services.kubo = {
-    enable = true;
-    localDiscovery = true;
-    enableGC = true;
-  };
-
  # Additional nix configs
  local.nix.enableMyRegistry = true;

--- a/nixos/hosts/canigou/default.nix
+++ b/nixos/hosts/canigou/default.nix
@ -8,6 +8,7 @@ in
    ./hardware-configuration.nix
    ./networking.secret.nix # generated at runtime by nixos-infect

+    ../../modules/nix.nix
    ../../shared/common.nix
    ../../shared/fail2ban.nix
    ../../shared/garbage-collector.nix
--- a/nixos/hosts/home/default.nix
+++ b/nixos/hosts/home/default.nix
@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ config, pkgs, ... }:

 {
  imports = [
@ -11,11 +11,13 @@
    ../../shared/gnupg.nix
    ../../shared/garbage-collector.nix
    ../../shared/networking.secret.nix
+    ../../shared/ipfs.nix
  ];

  # Configure kernel
  boot = {
-    kernelPackages = pkgs.linuxPackages_6_1;
+    # I cannot use rtl88x2bu driver in stable
+    kernelPackages = pkgs.unstable.linuxPackages_6_1;
    extraModulePackages = with config.boot.kernelPackages; [
      rtl88x2bu
    ];
@ -82,13 +84,6 @@
  # Enable the Docker
  virtualisation.docker.enable = true;

-  # Enable ipfs
-  services.kubo = {
-    enable = true;
-    localDiscovery = true;
-    enableGC = true;
-  };
-
  # Additional nix configs
  local.nix.enableMyRegistry = true;

--- a/nixos/hosts/magenta/default.nix
+++ b/nixos/hosts/magenta/default.nix
@ -8,6 +8,7 @@ in
    ./hardware-configuration.nix
    ./networking.secret.nix # generated at runtime by nixos-infect

+    ../../modules/nix.nix
    ../../shared/common.nix
    ../../shared/fail2ban.nix
    ../../shared/garbage-collector.nix
--- a/nixos/hosts/magenta/services/gitea.nix
+++ b/nixos/hosts/magenta/services/gitea.nix
@ -1,4 +1,4 @@
-{ config, pkgs, lib, inputs, ... }:
+{ config, pkgs, lib, ... }:

 let
  hostname = "git.pleshevski.ru";
@ -17,7 +17,7 @@ in
  services.gitea = {
    enable = true;
    httpPort = 9901;
-    package = inputs.nixpkgs_unstable.legacyPackages.${pkgs.system}.gitea;
+    package = pkgs.unstable.gitea;
    domain = hostname;
    rootUrl = "https://${hostname}";
    appName = "Pleshevskiy's Gitea";
--- a/nixos/hosts/magenta/services/woodpecker/agent-docker.nix
+++ b/nixos/hosts/magenta/services/woodpecker/agent-docker.nix
@ -1,8 +1,6 @@
 { pkgs, config, ... }:

 let
-  nextPkgs = pkgs.callPackage ../../../../../packages/woodpecker { };
-
  canigouData = import ../../data.secret.nix;

  data = import ./data.secret.nix;
@ -30,7 +28,7 @@ in
        "WOODPECKER_BACKEND=docker"
        "WOODPECKER_BACKEND_DOCKER_VOLUMES=${dockerSockVolume},${dockerConfVolume}"
      ];
-      ExecStart = "${nextPkgs.woodpecker-agent}/bin/woodpecker-agent";
+      ExecStart = "${pkgs.unstable.woodpecker-agent}/bin/woodpecker-agent";
      User = userAgent;
      Group = group;
    };
--- a/nixos/hosts/magenta/services/woodpecker/server.nix
+++ b/nixos/hosts/magenta/services/woodpecker/server.nix
@ -2,8 +2,6 @@
 { pkgs, config, ... }:

 let
-  nextPkgs = pkgs.callPackage ../../../../../packages/woodpecker { };
-
  data = import ./data.secret.nix;
  inherit (data) hostname port grpcPort userServer group database;
 in
@ -36,7 +34,7 @@ in
        "WOODPECKER_DOCKER_CONFIG=${config.age.secrets.woodpecker-docker-config.path}"
        "WOODPECKER_AUTHENTICATE_PUBLIC_REPOS=true"
      ];
-      ExecStart = "${nextPkgs.woodpecker-server}/bin/woodpecker-server";
+      ExecStart = "${pkgs.unstable.woodpecker-server}/bin/woodpecker-server";
      User = userServer;
      Group = group;
    };
--- a/nixos/modules/nix.nix
+++ b/nixos/modules/nix.nix
@ -1,8 +1,14 @@
-{ lib, config, ... }:
+{ lib, inputs, config, ... }:

 let
  inherit (builtins) elem;
  cfg = config.local.nix;
+
+  gitple = "https://git.pleshevski.ru";
+  mkRegistry = id: url: {
+    from = { type = "indirect"; inherit id; };
+    to = { type = "git"; inherit url; };
+  };
 in
 {
  options.local.nix = with lib; {
@ -22,6 +28,15 @@ in
      (cfg.allowUnfreePackages != [ ])
      (pkg: elem (lib.getName pkg) cfg.allowUnfreePackages);

+    nixpkgs.overlays = lib.mkBefore [
+      inputs.self.overlays.default
+      (final: prev: {
+        unstable = import inputs.nixpkgs-unstable {
+          inherit (config.nixpkgs) config overlays system;
+        };
+      })
+    ];
+
    nix = {
      settings = {
        auto-optimise-store = true;
@ -36,16 +51,18 @@ in
        keep-outputs = true;
      };

-      registry = lib.mkIf cfg.enableMyRegistry (
-        let
-          gitple = "https://git.pleshevski.ru";
-          mkRegistry = id: url: {
-            from = { type = "indirect"; inherit id; };
-            to = { type = "git"; inherit url; };
-          };
-        in
-        { templates = mkRegistry "tmpl" "${gitple}/mynix/templates"; }
-      );
+      registry = lib.mkMerge [
+        {
+          nixpkgs.flake = inputs.nixpkgs;
+          nixpkgs-unstable.flake = inputs.nixpkgs-unstable;
+        }
+
+        (lib.mkIf cfg.enableMyRegistry {
+          templates = mkRegistry "tmpl" "${gitple}/mynix/templates";
+          tools = mkRegistry "tools" "${gitple}/mynix/tools";
+          tools_wd2 = mkRegistry "wd2" "${gitple}/pleshevskiy/wd2";
+        })
+      ];
    };
  };
 }
--- a/nixos/shared/ipfs.nix
+++ b/nixos/shared/ipfs.nix
@ -0,0 +1,12 @@
+{ pkgs, ... }:
+
+{
+  # Enable ipfs
+  services.kubo = {
+    enable = true;
+    localDiscovery = true;
+    enableGC = true;
+    # it doesn't work in stable
+    package = pkgs.unstable.kubo;
+  };
+}
--- a/packages/default.nix
+++ b/packages/default.nix
@ -0,0 +1,7 @@
+{ lib, callPackage }:
+
+
+(import ./woodpecker { inherit callPackage; }) //
+{
+  myip = callPackage ./myip.nix { };
+}
--- a/packages/woodpecker/common.nix
+++ b/packages/woodpecker/common.nix
@ -1,7 +1,7 @@
 { lib, fetchFromGitea }:
 let
-  version = "36bdad8b00d3b8329dd414f3ccd22675660ec1bb";
-  srcSha256 = "sha256-c3fb/UP5flFuBvgLfxMAwSfQ24JlyjAiobBXeJhCvJk=";
+  version = "ef1f27d5e3fae7ae6278717f33dde61778a302d1";
+  srcSha256 = "sha256-4m9+SC4aMU8AVwrgdDoNFf02mh4R6PLmgnGQ2K8dEuk=";
  yarnSha256 = "sha256-DZHwITEG+d3Xtj2k4FaWTEFNjJtX7rD0OvG2uuv6xH0=";
 in
 {
--- a/packages/woodpecker/frontend.nix
+++ b/packages/woodpecker/frontend.nix
@ -1,4 +1,5 @@
-{ lib, callPackage, fetchFromGitHub, fetchYarnDeps, mkYarnPackage }:
+{ callPackage, fetchYarnDeps, mkYarnPackage }:
+
 let
  common = callPackage ./common.nix { };
 in
@ -14,6 +15,12 @@ mkYarnPackage {
    sha256 = common.yarnSha256;
  };

+  patchPhase = ''
+    cd src/assets/locales
+    rm $(ls | grep -v en.json)
+    cd -
+  '';
+
  buildPhase = ''
    runHook preBuild