nix: use 22.11 stable nixpkgs (#13)
nix: refac overlays nix: fix path to packages nix: use mkMerge nix: rename nixpkgs-unstable input user: remove my tools user: build use unstable packages for nil cannot be built on stable because it requires rustc 1.66 or newer, while the currently active rustc version is 1.64.0 host/magenta: use unstable gitea nix: fix rollback command nix: fix overlays user: use unstable haskell packages to build xmonad user: don't build woodpecker-cli host: import nix module for canigou and magenta pkgs: fix woodpecker host/home: use unstable kernel to use rtl88x2bu driver host: use unstable ipfs move ipfs to shared config user: use unstable woodpecker-cli Reviewed-on: #13
This commit is contained in:
parent
d4b4c07305
commit
dab505e62b
19 changed files with 113 additions and 178 deletions
14
Makefile
14
Makefile
|
@ -9,7 +9,7 @@ DEPS_MY := \
|
|||
|
||||
DEPS_NIXOS := \
|
||||
nixpkgs \
|
||||
nixpkgs_unstable \
|
||||
nixpkgs-unstable \
|
||||
hardware \
|
||||
home-manager \
|
||||
agenix
|
||||
|
@ -37,13 +37,21 @@ $(1): ;
|
|||
systemctl --user reset-failed
|
||||
$$(NIX_RUN)switch/$(1)
|
||||
|
||||
.PHONY: $(1)-test
|
||||
$(1)-test: ; $$(NIX_RUN)test/$(1)
|
||||
.PHONY: rollback-$(1)
|
||||
rollback-$(1):
|
||||
$$(NIX_RUN)rollback/$(1)
|
||||
|
||||
.PHONY: test-$(1)
|
||||
test-$(1): ; $$(NIX_RUN)test/$(1)
|
||||
endef
|
||||
|
||||
define vps_rule
|
||||
.PHONY: $(1)
|
||||
$(1): ; $$(NIX_RUN)deploy/$(1)
|
||||
|
||||
.PHONY: rollback-$(1)
|
||||
rollback-$(1):
|
||||
$$(NIX_RUN)rollback/$(1)
|
||||
endef
|
||||
|
||||
$(foreach machine,$(MACHINES),$(eval $(call machine_rule,$(machine))))
|
||||
|
|
125
flake.lock
125
flake.lock
|
@ -380,30 +380,6 @@
|
|||
"url": "https://git.pleshevski.ru/mynix/neovim"
|
||||
}
|
||||
},
|
||||
"mytools": {
|
||||
"inputs": {
|
||||
"flake-utils": [
|
||||
"flake-utils"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"poetry2nix": "poetry2nix"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1679901802,
|
||||
"narHash": "sha256-BT/2TqtolnSYqi1vpx0nBo5idlPLwl+5ZY+e/T+dm6o=",
|
||||
"ref": "refs/heads/main",
|
||||
"rev": "b5afe25a79bfefe1da34d70779658ea7f313938b",
|
||||
"revCount": 32,
|
||||
"type": "git",
|
||||
"url": "https://git.pleshevski.ru/mynix/tools"
|
||||
},
|
||||
"original": {
|
||||
"type": "git",
|
||||
"url": "https://git.pleshevski.ru/mynix/tools"
|
||||
}
|
||||
},
|
||||
"neoformat": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
|
@ -490,37 +466,7 @@
|
|||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1679944645,
|
||||
"narHash": "sha256-e5Qyoe11UZjVfgRfwNoSU57ZeKuEmjYb77B9IVW7L/M=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "4bb072f0a8b267613c127684e099a70e1f6ff106",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_3": {
|
||||
"locked": {
|
||||
"lastModified": 1679281263,
|
||||
"narHash": "sha256-neMref1GTruSLt1jBgAw+lvGsZj8arQYfdxvSi5yp4Q=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "8276a165b9fa3db1a7a4f29ee29b680e0799b9dc",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"id": "nixpkgs",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"nixpkgs_unstable": {
|
||||
"nixpkgs-unstable": {
|
||||
"locked": {
|
||||
"lastModified": 1680110233,
|
||||
"narHash": "sha256-x8ob7Xk2mcGl6U+tVIIUYtXmiGVA304YXMJIzX+wVbA=",
|
||||
|
@ -536,6 +482,22 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1680122840,
|
||||
"narHash": "sha256-zCQ/9iFHzCW5JMYkkHMwgK1/1/kTMgCMHq4THPINpAU=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "a575c243c23e2851b78c00e9fa245232926ec32f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-22.11",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nlsp-settings-nvim": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
|
@ -665,31 +627,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"poetry2nix": {
|
||||
"inputs": {
|
||||
"flake-utils": [
|
||||
"mytools",
|
||||
"flake-utils"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"mytools",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1679445660,
|
||||
"narHash": "sha256-yhO+5d5Ilxybmt3/oGI7KJ/kjnDq50MLrPIvjc40qeg=",
|
||||
"owner": "nix-community",
|
||||
"repo": "poetry2nix",
|
||||
"rev": "50ec694c27a12bc178fff961c4dd927fa6a47f18",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "poetry2nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"agenix": "agenix",
|
||||
|
@ -698,12 +635,10 @@
|
|||
"home-manager": "home-manager",
|
||||
"mailserver": "mailserver",
|
||||
"myneovim": "myneovim",
|
||||
"mytools": "mytools",
|
||||
"nil": "nil",
|
||||
"nixpkgs": "nixpkgs_2",
|
||||
"nixpkgs_unstable": "nixpkgs_unstable",
|
||||
"nixpkgs-unstable": "nixpkgs-unstable",
|
||||
"vnetod": "vnetod",
|
||||
"wd2": "wd2",
|
||||
"wired": "wired"
|
||||
}
|
||||
},
|
||||
|
@ -849,30 +784,6 @@
|
|||
"url": "https://git.pleshevski.ru/pleshevskiy/vnetod"
|
||||
}
|
||||
},
|
||||
"wd2": {
|
||||
"inputs": {
|
||||
"flake-utils": [
|
||||
"flake-utils"
|
||||
],
|
||||
"nixpkgs": "nixpkgs_3",
|
||||
"tools": [
|
||||
"mytools"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1679321145,
|
||||
"narHash": "sha256-XxNcy0ldrUKDZhaGaORtkAcnoZmnpc32KJVyeIGV2BY=",
|
||||
"ref": "refs/heads/main",
|
||||
"rev": "82d99a485c47870a92fb889af58908a41e695092",
|
||||
"revCount": 18,
|
||||
"type": "git",
|
||||
"url": "https://git.pleshevski.ru/pleshevskiy/wd2"
|
||||
},
|
||||
"original": {
|
||||
"type": "git",
|
||||
"url": "https://git.pleshevski.ru/pleshevskiy/wd2"
|
||||
}
|
||||
},
|
||||
"wired": {
|
||||
"inputs": {
|
||||
"alejandra": "alejandra",
|
||||
|
|
23
flake.nix
23
flake.nix
|
@ -1,8 +1,8 @@
|
|||
{
|
||||
inputs = {
|
||||
flake-utils.url = "github:numtide/flake-utils";
|
||||
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
|
||||
nixpkgs_unstable.url = "github:NixOS/nixpkgs/master";
|
||||
nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11";
|
||||
nixpkgs-unstable.url = "github:NixOS/nixpkgs/master";
|
||||
hardware.url = "github:NixOS/nixos-hardware/master";
|
||||
|
||||
agenix = {
|
||||
|
@ -33,19 +33,6 @@
|
|||
inputs.flake-utils.follows = "flake-utils";
|
||||
};
|
||||
|
||||
# my nix tools
|
||||
mytools = {
|
||||
url = "git+https://git.pleshevski.ru/mynix/tools";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
inputs.flake-utils.follows = "flake-utils";
|
||||
};
|
||||
# a wrapper for d2 tool
|
||||
wd2 = {
|
||||
url = "git+https://git.pleshevski.ru/pleshevskiy/wd2";
|
||||
inputs.tools.follows = "mytools";
|
||||
inputs.flake-utils.follows = "flake-utils";
|
||||
};
|
||||
|
||||
# tool to change .env faster
|
||||
vnetod = {
|
||||
url = "git+https://git.pleshevski.ru/pleshevskiy/vnetod";
|
||||
|
@ -87,9 +74,7 @@
|
|||
|
||||
rollback = lib.recurseIntoAttrs (lib.mapAttrs
|
||||
(hostname: machine: pkgs.writeShellScript "rollback-${hostname}" ''
|
||||
${nixos-rebuild}/bin/nixos-rebuild test \
|
||||
--rollback \
|
||||
--flake .#${hostname}
|
||||
${nixos-rebuild}/bin/nixos-rebuild switch --rollback
|
||||
'')
|
||||
self.nixosConfigurations);
|
||||
|
||||
|
@ -128,6 +113,8 @@
|
|||
};
|
||||
})
|
||||
// {
|
||||
overlays.default = final: prev: import ./packages { inherit (prev) lib callPackage; };
|
||||
|
||||
nixosConfigurations =
|
||||
nixpkgs.lib.mapAttrs
|
||||
(hostname: { system
|
||||
|
|
|
@ -36,16 +36,14 @@ in
|
|||
bat # a cat clone with syntax highlighting and git integration
|
||||
ripgrep # a fuzzy finder
|
||||
vnetod # a tool to change env sections
|
||||
wd2 # my wrapper for d2
|
||||
gnumake
|
||||
libnotify # tool to send notifications via cli
|
||||
fawltydeps # Python dependency checker
|
||||
|
||||
deno
|
||||
nickel
|
||||
|
||||
nixpkgs-fmt # nix formatter
|
||||
nil # nix lsp server
|
||||
unstable.nil # nix lsp server
|
||||
|
||||
docker-compose
|
||||
];
|
||||
|
|
|
@ -14,6 +14,13 @@ let themeCfg = config.local.theme; in
|
|||
windowManager.xmonad = {
|
||||
enable = true;
|
||||
enableContribAndExtras = true;
|
||||
|
||||
haskellPackages = pkgs.unstable.haskellPackages;
|
||||
extraPackages = (hp: [
|
||||
hp.dbus
|
||||
hp.monad-logger
|
||||
]);
|
||||
|
||||
config = pkgs.substituteAll {
|
||||
src = ./xmonad_config.hs;
|
||||
inherit (themeCfg.bar) background mainText inactiveText;
|
||||
|
@ -21,10 +28,6 @@ let themeCfg = config.local.theme; in
|
|||
inherit (themeCfg.highlights) critical warning success;
|
||||
inherit (themeCfg.syntax) mark1 mark2 mark3;
|
||||
};
|
||||
extraPackages = (hp: [
|
||||
hp.dbus
|
||||
hp.monad-logger
|
||||
]);
|
||||
};
|
||||
|
||||
initExtra = ''
|
||||
|
|
|
@ -3,8 +3,6 @@
|
|||
{
|
||||
nixpkgs.overlays = lib.mkAfter [
|
||||
inputs.myneovim.overlays.default
|
||||
inputs.mytools.overlays.all
|
||||
inputs.wd2.overlays.default
|
||||
inputs.nil.overlays.default
|
||||
inputs.vnetod.overlays.default
|
||||
inputs.wired.overlays.default
|
||||
|
|
|
@ -51,8 +51,8 @@
|
|||
# ungoogled-chromium
|
||||
tor-browser-bundle-bin
|
||||
|
||||
(pkgs.callPackage ../../../packages/myip.nix { })
|
||||
(pkgs.callPackage ../../../packages/woodpecker { }).woodpecker-cli
|
||||
myip
|
||||
unstable.woodpecker-cli
|
||||
];
|
||||
|
||||
local.git = {
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
|
@ -11,6 +11,7 @@
|
|||
../../shared/gnupg.nix
|
||||
../../shared/garbage-collector.nix
|
||||
../../shared/networking.secret.nix
|
||||
../../shared/ipfs.nix
|
||||
];
|
||||
|
||||
# Use latest kernel
|
||||
|
@ -58,13 +59,6 @@
|
|||
# Enable the Docker
|
||||
virtualisation.docker.enable = true;
|
||||
|
||||
# Enable ipfs
|
||||
services.kubo = {
|
||||
enable = true;
|
||||
localDiscovery = true;
|
||||
enableGC = true;
|
||||
};
|
||||
|
||||
# Additional nix configs
|
||||
local.nix.enableMyRegistry = true;
|
||||
|
||||
|
|
|
@ -8,6 +8,7 @@ in
|
|||
./hardware-configuration.nix
|
||||
./networking.secret.nix # generated at runtime by nixos-infect
|
||||
|
||||
../../modules/nix.nix
|
||||
../../shared/common.nix
|
||||
../../shared/fail2ban.nix
|
||||
../../shared/garbage-collector.nix
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
|
@ -11,11 +11,13 @@
|
|||
../../shared/gnupg.nix
|
||||
../../shared/garbage-collector.nix
|
||||
../../shared/networking.secret.nix
|
||||
../../shared/ipfs.nix
|
||||
];
|
||||
|
||||
# Configure kernel
|
||||
boot = {
|
||||
kernelPackages = pkgs.linuxPackages_6_1;
|
||||
# I cannot use rtl88x2bu driver in stable
|
||||
kernelPackages = pkgs.unstable.linuxPackages_6_1;
|
||||
extraModulePackages = with config.boot.kernelPackages; [
|
||||
rtl88x2bu
|
||||
];
|
||||
|
@ -82,13 +84,6 @@
|
|||
# Enable the Docker
|
||||
virtualisation.docker.enable = true;
|
||||
|
||||
# Enable ipfs
|
||||
services.kubo = {
|
||||
enable = true;
|
||||
localDiscovery = true;
|
||||
enableGC = true;
|
||||
};
|
||||
|
||||
# Additional nix configs
|
||||
local.nix.enableMyRegistry = true;
|
||||
|
||||
|
|
|
@ -8,6 +8,7 @@ in
|
|||
./hardware-configuration.nix
|
||||
./networking.secret.nix # generated at runtime by nixos-infect
|
||||
|
||||
../../modules/nix.nix
|
||||
../../shared/common.nix
|
||||
../../shared/fail2ban.nix
|
||||
../../shared/garbage-collector.nix
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, pkgs, lib, inputs, ... }:
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
hostname = "git.pleshevski.ru";
|
||||
|
@ -17,7 +17,7 @@ in
|
|||
services.gitea = {
|
||||
enable = true;
|
||||
httpPort = 9901;
|
||||
package = inputs.nixpkgs_unstable.legacyPackages.${pkgs.system}.gitea;
|
||||
package = pkgs.unstable.gitea;
|
||||
domain = hostname;
|
||||
rootUrl = "https://${hostname}";
|
||||
appName = "Pleshevskiy's Gitea";
|
||||
|
|
|
@ -1,8 +1,6 @@
|
|||
{ pkgs, config, ... }:
|
||||
|
||||
let
|
||||
nextPkgs = pkgs.callPackage ../../../../../packages/woodpecker { };
|
||||
|
||||
canigouData = import ../../data.secret.nix;
|
||||
|
||||
data = import ./data.secret.nix;
|
||||
|
@ -30,7 +28,7 @@ in
|
|||
"WOODPECKER_BACKEND=docker"
|
||||
"WOODPECKER_BACKEND_DOCKER_VOLUMES=${dockerSockVolume},${dockerConfVolume}"
|
||||
];
|
||||
ExecStart = "${nextPkgs.woodpecker-agent}/bin/woodpecker-agent";
|
||||
ExecStart = "${pkgs.unstable.woodpecker-agent}/bin/woodpecker-agent";
|
||||
User = userAgent;
|
||||
Group = group;
|
||||
};
|
||||
|
|
|
@ -2,8 +2,6 @@
|
|||
{ pkgs, config, ... }:
|
||||
|
||||
let
|
||||
nextPkgs = pkgs.callPackage ../../../../../packages/woodpecker { };
|
||||
|
||||
data = import ./data.secret.nix;
|
||||
inherit (data) hostname port grpcPort userServer group database;
|
||||
in
|
||||
|
@ -36,7 +34,7 @@ in
|
|||
"WOODPECKER_DOCKER_CONFIG=${config.age.secrets.woodpecker-docker-config.path}"
|
||||
"WOODPECKER_AUTHENTICATE_PUBLIC_REPOS=true"
|
||||
];
|
||||
ExecStart = "${nextPkgs.woodpecker-server}/bin/woodpecker-server";
|
||||
ExecStart = "${pkgs.unstable.woodpecker-server}/bin/woodpecker-server";
|
||||
User = userServer;
|
||||
Group = group;
|
||||
};
|
||||
|
|
|
@ -1,8 +1,14 @@
|
|||
{ lib, config, ... }:
|
||||
{ lib, inputs, config, ... }:
|
||||
|
||||
let
|
||||
inherit (builtins) elem;
|
||||
cfg = config.local.nix;
|
||||
|
||||
gitple = "https://git.pleshevski.ru";
|
||||
mkRegistry = id: url: {
|
||||
from = { type = "indirect"; inherit id; };
|
||||
to = { type = "git"; inherit url; };
|
||||
};
|
||||
in
|
||||
{
|
||||
options.local.nix = with lib; {
|
||||
|
@ -22,6 +28,15 @@ in
|
|||
(cfg.allowUnfreePackages != [ ])
|
||||
(pkg: elem (lib.getName pkg) cfg.allowUnfreePackages);
|
||||
|
||||
nixpkgs.overlays = lib.mkBefore [
|
||||
inputs.self.overlays.default
|
||||
(final: prev: {
|
||||
unstable = import inputs.nixpkgs-unstable {
|
||||
inherit (config.nixpkgs) config overlays system;
|
||||
};
|
||||
})
|
||||
];
|
||||
|
||||
nix = {
|
||||
settings = {
|
||||
auto-optimise-store = true;
|
||||
|
@ -36,16 +51,18 @@ in
|
|||
keep-outputs = true;
|
||||
};
|
||||
|
||||
registry = lib.mkIf cfg.enableMyRegistry (
|
||||
let
|
||||
gitple = "https://git.pleshevski.ru";
|
||||
mkRegistry = id: url: {
|
||||
from = { type = "indirect"; inherit id; };
|
||||
to = { type = "git"; inherit url; };
|
||||
};
|
||||
in
|
||||
{ templates = mkRegistry "tmpl" "${gitple}/mynix/templates"; }
|
||||
);
|
||||
registry = lib.mkMerge [
|
||||
{
|
||||
nixpkgs.flake = inputs.nixpkgs;
|
||||
nixpkgs-unstable.flake = inputs.nixpkgs-unstable;
|
||||
}
|
||||
|
||||
(lib.mkIf cfg.enableMyRegistry {
|
||||
templates = mkRegistry "tmpl" "${gitple}/mynix/templates";
|
||||
tools = mkRegistry "tools" "${gitple}/mynix/tools";
|
||||
tools_wd2 = mkRegistry "wd2" "${gitple}/pleshevskiy/wd2";
|
||||
})
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
12
nixos/shared/ipfs.nix
Normal file
12
nixos/shared/ipfs.nix
Normal file
|
@ -0,0 +1,12 @@
|
|||
{ pkgs, ... }:
|
||||
|
||||
{
|
||||
# Enable ipfs
|
||||
services.kubo = {
|
||||
enable = true;
|
||||
localDiscovery = true;
|
||||
enableGC = true;
|
||||
# it doesn't work in stable
|
||||
package = pkgs.unstable.kubo;
|
||||
};
|
||||
}
|
7
packages/default.nix
Normal file
7
packages/default.nix
Normal file
|
@ -0,0 +1,7 @@
|
|||
{ lib, callPackage }:
|
||||
|
||||
|
||||
(import ./woodpecker { inherit callPackage; }) //
|
||||
{
|
||||
myip = callPackage ./myip.nix { };
|
||||
}
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, fetchFromGitea }:
|
||||
let
|
||||
version = "36bdad8b00d3b8329dd414f3ccd22675660ec1bb";
|
||||
srcSha256 = "sha256-c3fb/UP5flFuBvgLfxMAwSfQ24JlyjAiobBXeJhCvJk=";
|
||||
version = "ef1f27d5e3fae7ae6278717f33dde61778a302d1";
|
||||
srcSha256 = "sha256-4m9+SC4aMU8AVwrgdDoNFf02mh4R6PLmgnGQ2K8dEuk=";
|
||||
yarnSha256 = "sha256-DZHwITEG+d3Xtj2k4FaWTEFNjJtX7rD0OvG2uuv6xH0=";
|
||||
in
|
||||
{
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{ lib, callPackage, fetchFromGitHub, fetchYarnDeps, mkYarnPackage }:
|
||||
{ callPackage, fetchYarnDeps, mkYarnPackage }:
|
||||
|
||||
let
|
||||
common = callPackage ./common.nix { };
|
||||
in
|
||||
|
@ -14,6 +15,12 @@ mkYarnPackage {
|
|||
sha256 = common.yarnSha256;
|
||||
};
|
||||
|
||||
patchPhase = ''
|
||||
cd src/assets/locales
|
||||
rm $(ls | grep -v en.json)
|
||||
cd -
|
||||
'';
|
||||
|
||||
buildPhase = ''
|
||||
runHook preBuild
|
||||
|
||||
|
|
Loading…
Reference in a new issue