nix: use 22.11 stable nixpkgs (#13)

nix: refac overlays

nix: fix path to packages

nix: use mkMerge

nix: rename nixpkgs-unstable input

user: remove my tools

user: build use unstable packages for nil

cannot be built on stable because it requires rustc 1.66 or newer, while the currently active rustc version is 1.64.0

host/magenta: use unstable gitea

nix: fix rollback command

nix: fix overlays

user: use unstable haskell packages to build xmonad

user: don't build woodpecker-cli

host: import nix module for canigou and magenta

pkgs: fix woodpecker

host/home: use unstable kernel to use rtl88x2bu driver

host: use unstable ipfs

move ipfs to shared config

user: use unstable woodpecker-cli

Reviewed-on: #13
This commit is contained in:
Dmitriy Pleshevskiy 2023-03-31 17:40:22 +03:00
parent d4b4c07305
commit dab505e62b
19 changed files with 113 additions and 178 deletions

View file

@ -9,7 +9,7 @@ DEPS_MY := \
DEPS_NIXOS := \
nixpkgs \
nixpkgs_unstable \
nixpkgs-unstable \
hardware \
home-manager \
agenix
@ -37,13 +37,21 @@ $(1): ;
systemctl --user reset-failed
$$(NIX_RUN)switch/$(1)
.PHONY: $(1)-test
$(1)-test: ; $$(NIX_RUN)test/$(1)
.PHONY: rollback-$(1)
rollback-$(1):
$$(NIX_RUN)rollback/$(1)
.PHONY: test-$(1)
test-$(1): ; $$(NIX_RUN)test/$(1)
endef
define vps_rule
.PHONY: $(1)
$(1): ; $$(NIX_RUN)deploy/$(1)
.PHONY: rollback-$(1)
rollback-$(1):
$$(NIX_RUN)rollback/$(1)
endef
$(foreach machine,$(MACHINES),$(eval $(call machine_rule,$(machine))))

View file

@ -380,30 +380,6 @@
"url": "https://git.pleshevski.ru/mynix/neovim"
}
},
"mytools": {
"inputs": {
"flake-utils": [
"flake-utils"
],
"nixpkgs": [
"nixpkgs"
],
"poetry2nix": "poetry2nix"
},
"locked": {
"lastModified": 1679901802,
"narHash": "sha256-BT/2TqtolnSYqi1vpx0nBo5idlPLwl+5ZY+e/T+dm6o=",
"ref": "refs/heads/main",
"rev": "b5afe25a79bfefe1da34d70779658ea7f313938b",
"revCount": 32,
"type": "git",
"url": "https://git.pleshevski.ru/mynix/tools"
},
"original": {
"type": "git",
"url": "https://git.pleshevski.ru/mynix/tools"
}
},
"neoformat": {
"flake": false,
"locked": {
@ -490,37 +466,7 @@
"type": "indirect"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1679944645,
"narHash": "sha256-e5Qyoe11UZjVfgRfwNoSU57ZeKuEmjYb77B9IVW7L/M=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4bb072f0a8b267613c127684e099a70e1f6ff106",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1679281263,
"narHash": "sha256-neMref1GTruSLt1jBgAw+lvGsZj8arQYfdxvSi5yp4Q=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8276a165b9fa3db1a7a4f29ee29b680e0799b9dc",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"nixpkgs_unstable": {
"nixpkgs-unstable": {
"locked": {
"lastModified": 1680110233,
"narHash": "sha256-x8ob7Xk2mcGl6U+tVIIUYtXmiGVA304YXMJIzX+wVbA=",
@ -536,6 +482,22 @@
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1680122840,
"narHash": "sha256-zCQ/9iFHzCW5JMYkkHMwgK1/1/kTMgCMHq4THPINpAU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a575c243c23e2851b78c00e9fa245232926ec32f",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-22.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nlsp-settings-nvim": {
"flake": false,
"locked": {
@ -665,31 +627,6 @@
"type": "github"
}
},
"poetry2nix": {
"inputs": {
"flake-utils": [
"mytools",
"flake-utils"
],
"nixpkgs": [
"mytools",
"nixpkgs"
]
},
"locked": {
"lastModified": 1679445660,
"narHash": "sha256-yhO+5d5Ilxybmt3/oGI7KJ/kjnDq50MLrPIvjc40qeg=",
"owner": "nix-community",
"repo": "poetry2nix",
"rev": "50ec694c27a12bc178fff961c4dd927fa6a47f18",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "poetry2nix",
"type": "github"
}
},
"root": {
"inputs": {
"agenix": "agenix",
@ -698,12 +635,10 @@
"home-manager": "home-manager",
"mailserver": "mailserver",
"myneovim": "myneovim",
"mytools": "mytools",
"nil": "nil",
"nixpkgs": "nixpkgs_2",
"nixpkgs_unstable": "nixpkgs_unstable",
"nixpkgs-unstable": "nixpkgs-unstable",
"vnetod": "vnetod",
"wd2": "wd2",
"wired": "wired"
}
},
@ -849,30 +784,6 @@
"url": "https://git.pleshevski.ru/pleshevskiy/vnetod"
}
},
"wd2": {
"inputs": {
"flake-utils": [
"flake-utils"
],
"nixpkgs": "nixpkgs_3",
"tools": [
"mytools"
]
},
"locked": {
"lastModified": 1679321145,
"narHash": "sha256-XxNcy0ldrUKDZhaGaORtkAcnoZmnpc32KJVyeIGV2BY=",
"ref": "refs/heads/main",
"rev": "82d99a485c47870a92fb889af58908a41e695092",
"revCount": 18,
"type": "git",
"url": "https://git.pleshevski.ru/pleshevskiy/wd2"
},
"original": {
"type": "git",
"url": "https://git.pleshevski.ru/pleshevskiy/wd2"
}
},
"wired": {
"inputs": {
"alejandra": "alejandra",

View file

@ -1,8 +1,8 @@
{
inputs = {
flake-utils.url = "github:numtide/flake-utils";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
nixpkgs_unstable.url = "github:NixOS/nixpkgs/master";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/master";
hardware.url = "github:NixOS/nixos-hardware/master";
agenix = {
@ -33,19 +33,6 @@
inputs.flake-utils.follows = "flake-utils";
};
# my nix tools
mytools = {
url = "git+https://git.pleshevski.ru/mynix/tools";
inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-utils.follows = "flake-utils";
};
# a wrapper for d2 tool
wd2 = {
url = "git+https://git.pleshevski.ru/pleshevskiy/wd2";
inputs.tools.follows = "mytools";
inputs.flake-utils.follows = "flake-utils";
};
# tool to change .env faster
vnetod = {
url = "git+https://git.pleshevski.ru/pleshevskiy/vnetod";
@ -87,9 +74,7 @@
rollback = lib.recurseIntoAttrs (lib.mapAttrs
(hostname: machine: pkgs.writeShellScript "rollback-${hostname}" ''
${nixos-rebuild}/bin/nixos-rebuild test \
--rollback \
--flake .#${hostname}
${nixos-rebuild}/bin/nixos-rebuild switch --rollback
'')
self.nixosConfigurations);
@ -128,6 +113,8 @@
};
})
// {
overlays.default = final: prev: import ./packages { inherit (prev) lib callPackage; };
nixosConfigurations =
nixpkgs.lib.mapAttrs
(hostname: { system

View file

@ -36,16 +36,14 @@ in
bat # a cat clone with syntax highlighting and git integration
ripgrep # a fuzzy finder
vnetod # a tool to change env sections
wd2 # my wrapper for d2
gnumake
libnotify # tool to send notifications via cli
fawltydeps # Python dependency checker
deno
nickel
nixpkgs-fmt # nix formatter
nil # nix lsp server
unstable.nil # nix lsp server
docker-compose
];

View file

@ -14,6 +14,13 @@ let themeCfg = config.local.theme; in
windowManager.xmonad = {
enable = true;
enableContribAndExtras = true;
haskellPackages = pkgs.unstable.haskellPackages;
extraPackages = (hp: [
hp.dbus
hp.monad-logger
]);
config = pkgs.substituteAll {
src = ./xmonad_config.hs;
inherit (themeCfg.bar) background mainText inactiveText;
@ -21,10 +28,6 @@ let themeCfg = config.local.theme; in
inherit (themeCfg.highlights) critical warning success;
inherit (themeCfg.syntax) mark1 mark2 mark3;
};
extraPackages = (hp: [
hp.dbus
hp.monad-logger
]);
};
initExtra = ''

View file

@ -3,8 +3,6 @@
{
nixpkgs.overlays = lib.mkAfter [
inputs.myneovim.overlays.default
inputs.mytools.overlays.all
inputs.wd2.overlays.default
inputs.nil.overlays.default
inputs.vnetod.overlays.default
inputs.wired.overlays.default

View file

@ -51,8 +51,8 @@
# ungoogled-chromium
tor-browser-bundle-bin
(pkgs.callPackage ../../../packages/myip.nix { })
(pkgs.callPackage ../../../packages/woodpecker { }).woodpecker-cli
myip
unstable.woodpecker-cli
];
local.git = {

View file

@ -1,4 +1,4 @@
{ config, pkgs, lib, ... }:
{ config, pkgs, ... }:
{
imports = [
@ -11,6 +11,7 @@
../../shared/gnupg.nix
../../shared/garbage-collector.nix
../../shared/networking.secret.nix
../../shared/ipfs.nix
];
# Use latest kernel
@ -58,13 +59,6 @@
# Enable the Docker
virtualisation.docker.enable = true;
# Enable ipfs
services.kubo = {
enable = true;
localDiscovery = true;
enableGC = true;
};
# Additional nix configs
local.nix.enableMyRegistry = true;

View file

@ -8,6 +8,7 @@ in
./hardware-configuration.nix
./networking.secret.nix # generated at runtime by nixos-infect
../../modules/nix.nix
../../shared/common.nix
../../shared/fail2ban.nix
../../shared/garbage-collector.nix

View file

@ -1,4 +1,4 @@
{ config, pkgs, lib, ... }:
{ config, pkgs, ... }:
{
imports = [
@ -11,11 +11,13 @@
../../shared/gnupg.nix
../../shared/garbage-collector.nix
../../shared/networking.secret.nix
../../shared/ipfs.nix
];
# Configure kernel
boot = {
kernelPackages = pkgs.linuxPackages_6_1;
# I cannot use rtl88x2bu driver in stable
kernelPackages = pkgs.unstable.linuxPackages_6_1;
extraModulePackages = with config.boot.kernelPackages; [
rtl88x2bu
];
@ -82,13 +84,6 @@
# Enable the Docker
virtualisation.docker.enable = true;
# Enable ipfs
services.kubo = {
enable = true;
localDiscovery = true;
enableGC = true;
};
# Additional nix configs
local.nix.enableMyRegistry = true;

View file

@ -8,6 +8,7 @@ in
./hardware-configuration.nix
./networking.secret.nix # generated at runtime by nixos-infect
../../modules/nix.nix
../../shared/common.nix
../../shared/fail2ban.nix
../../shared/garbage-collector.nix

View file

@ -1,4 +1,4 @@
{ config, pkgs, lib, inputs, ... }:
{ config, pkgs, lib, ... }:
let
hostname = "git.pleshevski.ru";
@ -17,7 +17,7 @@ in
services.gitea = {
enable = true;
httpPort = 9901;
package = inputs.nixpkgs_unstable.legacyPackages.${pkgs.system}.gitea;
package = pkgs.unstable.gitea;
domain = hostname;
rootUrl = "https://${hostname}";
appName = "Pleshevskiy's Gitea";

View file

@ -1,8 +1,6 @@
{ pkgs, config, ... }:
let
nextPkgs = pkgs.callPackage ../../../../../packages/woodpecker { };
canigouData = import ../../data.secret.nix;
data = import ./data.secret.nix;
@ -30,7 +28,7 @@ in
"WOODPECKER_BACKEND=docker"
"WOODPECKER_BACKEND_DOCKER_VOLUMES=${dockerSockVolume},${dockerConfVolume}"
];
ExecStart = "${nextPkgs.woodpecker-agent}/bin/woodpecker-agent";
ExecStart = "${pkgs.unstable.woodpecker-agent}/bin/woodpecker-agent";
User = userAgent;
Group = group;
};

View file

@ -2,8 +2,6 @@
{ pkgs, config, ... }:
let
nextPkgs = pkgs.callPackage ../../../../../packages/woodpecker { };
data = import ./data.secret.nix;
inherit (data) hostname port grpcPort userServer group database;
in
@ -36,7 +34,7 @@ in
"WOODPECKER_DOCKER_CONFIG=${config.age.secrets.woodpecker-docker-config.path}"
"WOODPECKER_AUTHENTICATE_PUBLIC_REPOS=true"
];
ExecStart = "${nextPkgs.woodpecker-server}/bin/woodpecker-server";
ExecStart = "${pkgs.unstable.woodpecker-server}/bin/woodpecker-server";
User = userServer;
Group = group;
};

View file

@ -1,8 +1,14 @@
{ lib, config, ... }:
{ lib, inputs, config, ... }:
let
inherit (builtins) elem;
cfg = config.local.nix;
gitple = "https://git.pleshevski.ru";
mkRegistry = id: url: {
from = { type = "indirect"; inherit id; };
to = { type = "git"; inherit url; };
};
in
{
options.local.nix = with lib; {
@ -22,6 +28,15 @@ in
(cfg.allowUnfreePackages != [ ])
(pkg: elem (lib.getName pkg) cfg.allowUnfreePackages);
nixpkgs.overlays = lib.mkBefore [
inputs.self.overlays.default
(final: prev: {
unstable = import inputs.nixpkgs-unstable {
inherit (config.nixpkgs) config overlays system;
};
})
];
nix = {
settings = {
auto-optimise-store = true;
@ -36,16 +51,18 @@ in
keep-outputs = true;
};
registry = lib.mkIf cfg.enableMyRegistry (
let
gitple = "https://git.pleshevski.ru";
mkRegistry = id: url: {
from = { type = "indirect"; inherit id; };
to = { type = "git"; inherit url; };
};
in
{ templates = mkRegistry "tmpl" "${gitple}/mynix/templates"; }
);
registry = lib.mkMerge [
{
nixpkgs.flake = inputs.nixpkgs;
nixpkgs-unstable.flake = inputs.nixpkgs-unstable;
}
(lib.mkIf cfg.enableMyRegistry {
templates = mkRegistry "tmpl" "${gitple}/mynix/templates";
tools = mkRegistry "tools" "${gitple}/mynix/tools";
tools_wd2 = mkRegistry "wd2" "${gitple}/pleshevskiy/wd2";
})
];
};
};
}

12
nixos/shared/ipfs.nix Normal file
View file

@ -0,0 +1,12 @@
{ pkgs, ... }:
{
# Enable ipfs
services.kubo = {
enable = true;
localDiscovery = true;
enableGC = true;
# it doesn't work in stable
package = pkgs.unstable.kubo;
};
}

7
packages/default.nix Normal file
View file

@ -0,0 +1,7 @@
{ lib, callPackage }:
(import ./woodpecker { inherit callPackage; }) //
{
myip = callPackage ./myip.nix { };
}

View file

@ -1,7 +1,7 @@
{ lib, fetchFromGitea }:
let
version = "36bdad8b00d3b8329dd414f3ccd22675660ec1bb";
srcSha256 = "sha256-c3fb/UP5flFuBvgLfxMAwSfQ24JlyjAiobBXeJhCvJk=";
version = "ef1f27d5e3fae7ae6278717f33dde61778a302d1";
srcSha256 = "sha256-4m9+SC4aMU8AVwrgdDoNFf02mh4R6PLmgnGQ2K8dEuk=";
yarnSha256 = "sha256-DZHwITEG+d3Xtj2k4FaWTEFNjJtX7rD0OvG2uuv6xH0=";
in
{

View file

@ -1,4 +1,5 @@
{ lib, callPackage, fetchFromGitHub, fetchYarnDeps, mkYarnPackage }:
{ callPackage, fetchYarnDeps, mkYarnPackage }:
let
common = callPackage ./common.nix { };
in
@ -14,6 +15,12 @@ mkYarnPackage {
sha256 = common.yarnSha256;
};
patchPhase = ''
cd src/assets/locales
rm $(ls | grep -v en.json)
cd -
'';
buildPhase = ''
runHook preBuild