nix: use 22.11 stable nixpkgs (#13)

nix: refac overlays

nix: fix path to packages

nix: use mkMerge

nix: rename nixpkgs-unstable input

user: remove my tools

user: build use unstable packages for nil

cannot be built on stable because it requires rustc 1.66 or newer, while the currently active rustc version is 1.64.0

host/magenta: use unstable gitea

nix: fix rollback command

nix: fix overlays

user: use unstable haskell packages to build xmonad

user: don't build woodpecker-cli

host: import nix module for canigou and magenta

pkgs: fix woodpecker

host/home: use unstable kernel to use rtl88x2bu driver

host: use unstable ipfs

move ipfs to shared config

user: use unstable woodpecker-cli

Reviewed-on: #13
This commit is contained in:
Dmitriy Pleshevskiy 2023-03-31 17:40:22 +03:00
parent d4b4c07305
commit dab505e62b
19 changed files with 113 additions and 178 deletions

View file

@ -9,7 +9,7 @@ DEPS_MY := \
DEPS_NIXOS := \ DEPS_NIXOS := \
nixpkgs \ nixpkgs \
nixpkgs_unstable \ nixpkgs-unstable \
hardware \ hardware \
home-manager \ home-manager \
agenix agenix
@ -37,13 +37,21 @@ $(1): ;
systemctl --user reset-failed systemctl --user reset-failed
$$(NIX_RUN)switch/$(1) $$(NIX_RUN)switch/$(1)
.PHONY: $(1)-test .PHONY: rollback-$(1)
$(1)-test: ; $$(NIX_RUN)test/$(1) rollback-$(1):
$$(NIX_RUN)rollback/$(1)
.PHONY: test-$(1)
test-$(1): ; $$(NIX_RUN)test/$(1)
endef endef
define vps_rule define vps_rule
.PHONY: $(1) .PHONY: $(1)
$(1): ; $$(NIX_RUN)deploy/$(1) $(1): ; $$(NIX_RUN)deploy/$(1)
.PHONY: rollback-$(1)
rollback-$(1):
$$(NIX_RUN)rollback/$(1)
endef endef
$(foreach machine,$(MACHINES),$(eval $(call machine_rule,$(machine)))) $(foreach machine,$(MACHINES),$(eval $(call machine_rule,$(machine))))

View file

@ -380,30 +380,6 @@
"url": "https://git.pleshevski.ru/mynix/neovim" "url": "https://git.pleshevski.ru/mynix/neovim"
} }
}, },
"mytools": {
"inputs": {
"flake-utils": [
"flake-utils"
],
"nixpkgs": [
"nixpkgs"
],
"poetry2nix": "poetry2nix"
},
"locked": {
"lastModified": 1679901802,
"narHash": "sha256-BT/2TqtolnSYqi1vpx0nBo5idlPLwl+5ZY+e/T+dm6o=",
"ref": "refs/heads/main",
"rev": "b5afe25a79bfefe1da34d70779658ea7f313938b",
"revCount": 32,
"type": "git",
"url": "https://git.pleshevski.ru/mynix/tools"
},
"original": {
"type": "git",
"url": "https://git.pleshevski.ru/mynix/tools"
}
},
"neoformat": { "neoformat": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -490,37 +466,7 @@
"type": "indirect" "type": "indirect"
} }
}, },
"nixpkgs_2": { "nixpkgs-unstable": {
"locked": {
"lastModified": 1679944645,
"narHash": "sha256-e5Qyoe11UZjVfgRfwNoSU57ZeKuEmjYb77B9IVW7L/M=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4bb072f0a8b267613c127684e099a70e1f6ff106",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1679281263,
"narHash": "sha256-neMref1GTruSLt1jBgAw+lvGsZj8arQYfdxvSi5yp4Q=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8276a165b9fa3db1a7a4f29ee29b680e0799b9dc",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"nixpkgs_unstable": {
"locked": { "locked": {
"lastModified": 1680110233, "lastModified": 1680110233,
"narHash": "sha256-x8ob7Xk2mcGl6U+tVIIUYtXmiGVA304YXMJIzX+wVbA=", "narHash": "sha256-x8ob7Xk2mcGl6U+tVIIUYtXmiGVA304YXMJIzX+wVbA=",
@ -536,6 +482,22 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_2": {
"locked": {
"lastModified": 1680122840,
"narHash": "sha256-zCQ/9iFHzCW5JMYkkHMwgK1/1/kTMgCMHq4THPINpAU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a575c243c23e2851b78c00e9fa245232926ec32f",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-22.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nlsp-settings-nvim": { "nlsp-settings-nvim": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -665,31 +627,6 @@
"type": "github" "type": "github"
} }
}, },
"poetry2nix": {
"inputs": {
"flake-utils": [
"mytools",
"flake-utils"
],
"nixpkgs": [
"mytools",
"nixpkgs"
]
},
"locked": {
"lastModified": 1679445660,
"narHash": "sha256-yhO+5d5Ilxybmt3/oGI7KJ/kjnDq50MLrPIvjc40qeg=",
"owner": "nix-community",
"repo": "poetry2nix",
"rev": "50ec694c27a12bc178fff961c4dd927fa6a47f18",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "poetry2nix",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"agenix": "agenix", "agenix": "agenix",
@ -698,12 +635,10 @@
"home-manager": "home-manager", "home-manager": "home-manager",
"mailserver": "mailserver", "mailserver": "mailserver",
"myneovim": "myneovim", "myneovim": "myneovim",
"mytools": "mytools",
"nil": "nil", "nil": "nil",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_2",
"nixpkgs_unstable": "nixpkgs_unstable", "nixpkgs-unstable": "nixpkgs-unstable",
"vnetod": "vnetod", "vnetod": "vnetod",
"wd2": "wd2",
"wired": "wired" "wired": "wired"
} }
}, },
@ -849,30 +784,6 @@
"url": "https://git.pleshevski.ru/pleshevskiy/vnetod" "url": "https://git.pleshevski.ru/pleshevskiy/vnetod"
} }
}, },
"wd2": {
"inputs": {
"flake-utils": [
"flake-utils"
],
"nixpkgs": "nixpkgs_3",
"tools": [
"mytools"
]
},
"locked": {
"lastModified": 1679321145,
"narHash": "sha256-XxNcy0ldrUKDZhaGaORtkAcnoZmnpc32KJVyeIGV2BY=",
"ref": "refs/heads/main",
"rev": "82d99a485c47870a92fb889af58908a41e695092",
"revCount": 18,
"type": "git",
"url": "https://git.pleshevski.ru/pleshevskiy/wd2"
},
"original": {
"type": "git",
"url": "https://git.pleshevski.ru/pleshevskiy/wd2"
}
},
"wired": { "wired": {
"inputs": { "inputs": {
"alejandra": "alejandra", "alejandra": "alejandra",

View file

@ -1,8 +1,8 @@
{ {
inputs = { inputs = {
flake-utils.url = "github:numtide/flake-utils"; flake-utils.url = "github:numtide/flake-utils";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11";
nixpkgs_unstable.url = "github:NixOS/nixpkgs/master"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/master";
hardware.url = "github:NixOS/nixos-hardware/master"; hardware.url = "github:NixOS/nixos-hardware/master";
agenix = { agenix = {
@ -33,19 +33,6 @@
inputs.flake-utils.follows = "flake-utils"; inputs.flake-utils.follows = "flake-utils";
}; };
# my nix tools
mytools = {
url = "git+https://git.pleshevski.ru/mynix/tools";
inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-utils.follows = "flake-utils";
};
# a wrapper for d2 tool
wd2 = {
url = "git+https://git.pleshevski.ru/pleshevskiy/wd2";
inputs.tools.follows = "mytools";
inputs.flake-utils.follows = "flake-utils";
};
# tool to change .env faster # tool to change .env faster
vnetod = { vnetod = {
url = "git+https://git.pleshevski.ru/pleshevskiy/vnetod"; url = "git+https://git.pleshevski.ru/pleshevskiy/vnetod";
@ -87,9 +74,7 @@
rollback = lib.recurseIntoAttrs (lib.mapAttrs rollback = lib.recurseIntoAttrs (lib.mapAttrs
(hostname: machine: pkgs.writeShellScript "rollback-${hostname}" '' (hostname: machine: pkgs.writeShellScript "rollback-${hostname}" ''
${nixos-rebuild}/bin/nixos-rebuild test \ ${nixos-rebuild}/bin/nixos-rebuild switch --rollback
--rollback \
--flake .#${hostname}
'') '')
self.nixosConfigurations); self.nixosConfigurations);
@ -128,6 +113,8 @@
}; };
}) })
// { // {
overlays.default = final: prev: import ./packages { inherit (prev) lib callPackage; };
nixosConfigurations = nixosConfigurations =
nixpkgs.lib.mapAttrs nixpkgs.lib.mapAttrs
(hostname: { system (hostname: { system

View file

@ -36,16 +36,14 @@ in
bat # a cat clone with syntax highlighting and git integration bat # a cat clone with syntax highlighting and git integration
ripgrep # a fuzzy finder ripgrep # a fuzzy finder
vnetod # a tool to change env sections vnetod # a tool to change env sections
wd2 # my wrapper for d2
gnumake gnumake
libnotify # tool to send notifications via cli libnotify # tool to send notifications via cli
fawltydeps # Python dependency checker
deno deno
nickel nickel
nixpkgs-fmt # nix formatter nixpkgs-fmt # nix formatter
nil # nix lsp server unstable.nil # nix lsp server
docker-compose docker-compose
]; ];

View file

@ -14,6 +14,13 @@ let themeCfg = config.local.theme; in
windowManager.xmonad = { windowManager.xmonad = {
enable = true; enable = true;
enableContribAndExtras = true; enableContribAndExtras = true;
haskellPackages = pkgs.unstable.haskellPackages;
extraPackages = (hp: [
hp.dbus
hp.monad-logger
]);
config = pkgs.substituteAll { config = pkgs.substituteAll {
src = ./xmonad_config.hs; src = ./xmonad_config.hs;
inherit (themeCfg.bar) background mainText inactiveText; inherit (themeCfg.bar) background mainText inactiveText;
@ -21,10 +28,6 @@ let themeCfg = config.local.theme; in
inherit (themeCfg.highlights) critical warning success; inherit (themeCfg.highlights) critical warning success;
inherit (themeCfg.syntax) mark1 mark2 mark3; inherit (themeCfg.syntax) mark1 mark2 mark3;
}; };
extraPackages = (hp: [
hp.dbus
hp.monad-logger
]);
}; };
initExtra = '' initExtra = ''

View file

@ -3,8 +3,6 @@
{ {
nixpkgs.overlays = lib.mkAfter [ nixpkgs.overlays = lib.mkAfter [
inputs.myneovim.overlays.default inputs.myneovim.overlays.default
inputs.mytools.overlays.all
inputs.wd2.overlays.default
inputs.nil.overlays.default inputs.nil.overlays.default
inputs.vnetod.overlays.default inputs.vnetod.overlays.default
inputs.wired.overlays.default inputs.wired.overlays.default

View file

@ -51,8 +51,8 @@
# ungoogled-chromium # ungoogled-chromium
tor-browser-bundle-bin tor-browser-bundle-bin
(pkgs.callPackage ../../../packages/myip.nix { }) myip
(pkgs.callPackage ../../../packages/woodpecker { }).woodpecker-cli unstable.woodpecker-cli
]; ];
local.git = { local.git = {

View file

@ -1,4 +1,4 @@
{ config, pkgs, lib, ... }: { config, pkgs, ... }:
{ {
imports = [ imports = [
@ -11,6 +11,7 @@
../../shared/gnupg.nix ../../shared/gnupg.nix
../../shared/garbage-collector.nix ../../shared/garbage-collector.nix
../../shared/networking.secret.nix ../../shared/networking.secret.nix
../../shared/ipfs.nix
]; ];
# Use latest kernel # Use latest kernel
@ -58,13 +59,6 @@
# Enable the Docker # Enable the Docker
virtualisation.docker.enable = true; virtualisation.docker.enable = true;
# Enable ipfs
services.kubo = {
enable = true;
localDiscovery = true;
enableGC = true;
};
# Additional nix configs # Additional nix configs
local.nix.enableMyRegistry = true; local.nix.enableMyRegistry = true;

View file

@ -8,6 +8,7 @@ in
./hardware-configuration.nix ./hardware-configuration.nix
./networking.secret.nix # generated at runtime by nixos-infect ./networking.secret.nix # generated at runtime by nixos-infect
../../modules/nix.nix
../../shared/common.nix ../../shared/common.nix
../../shared/fail2ban.nix ../../shared/fail2ban.nix
../../shared/garbage-collector.nix ../../shared/garbage-collector.nix

View file

@ -1,4 +1,4 @@
{ config, pkgs, lib, ... }: { config, pkgs, ... }:
{ {
imports = [ imports = [
@ -11,11 +11,13 @@
../../shared/gnupg.nix ../../shared/gnupg.nix
../../shared/garbage-collector.nix ../../shared/garbage-collector.nix
../../shared/networking.secret.nix ../../shared/networking.secret.nix
../../shared/ipfs.nix
]; ];
# Configure kernel # Configure kernel
boot = { boot = {
kernelPackages = pkgs.linuxPackages_6_1; # I cannot use rtl88x2bu driver in stable
kernelPackages = pkgs.unstable.linuxPackages_6_1;
extraModulePackages = with config.boot.kernelPackages; [ extraModulePackages = with config.boot.kernelPackages; [
rtl88x2bu rtl88x2bu
]; ];
@ -82,13 +84,6 @@
# Enable the Docker # Enable the Docker
virtualisation.docker.enable = true; virtualisation.docker.enable = true;
# Enable ipfs
services.kubo = {
enable = true;
localDiscovery = true;
enableGC = true;
};
# Additional nix configs # Additional nix configs
local.nix.enableMyRegistry = true; local.nix.enableMyRegistry = true;

View file

@ -8,6 +8,7 @@ in
./hardware-configuration.nix ./hardware-configuration.nix
./networking.secret.nix # generated at runtime by nixos-infect ./networking.secret.nix # generated at runtime by nixos-infect
../../modules/nix.nix
../../shared/common.nix ../../shared/common.nix
../../shared/fail2ban.nix ../../shared/fail2ban.nix
../../shared/garbage-collector.nix ../../shared/garbage-collector.nix

View file

@ -1,4 +1,4 @@
{ config, pkgs, lib, inputs, ... }: { config, pkgs, lib, ... }:
let let
hostname = "git.pleshevski.ru"; hostname = "git.pleshevski.ru";
@ -17,7 +17,7 @@ in
services.gitea = { services.gitea = {
enable = true; enable = true;
httpPort = 9901; httpPort = 9901;
package = inputs.nixpkgs_unstable.legacyPackages.${pkgs.system}.gitea; package = pkgs.unstable.gitea;
domain = hostname; domain = hostname;
rootUrl = "https://${hostname}"; rootUrl = "https://${hostname}";
appName = "Pleshevskiy's Gitea"; appName = "Pleshevskiy's Gitea";

View file

@ -1,8 +1,6 @@
{ pkgs, config, ... }: { pkgs, config, ... }:
let let
nextPkgs = pkgs.callPackage ../../../../../packages/woodpecker { };
canigouData = import ../../data.secret.nix; canigouData = import ../../data.secret.nix;
data = import ./data.secret.nix; data = import ./data.secret.nix;
@ -30,7 +28,7 @@ in
"WOODPECKER_BACKEND=docker" "WOODPECKER_BACKEND=docker"
"WOODPECKER_BACKEND_DOCKER_VOLUMES=${dockerSockVolume},${dockerConfVolume}" "WOODPECKER_BACKEND_DOCKER_VOLUMES=${dockerSockVolume},${dockerConfVolume}"
]; ];
ExecStart = "${nextPkgs.woodpecker-agent}/bin/woodpecker-agent"; ExecStart = "${pkgs.unstable.woodpecker-agent}/bin/woodpecker-agent";
User = userAgent; User = userAgent;
Group = group; Group = group;
}; };

View file

@ -2,8 +2,6 @@
{ pkgs, config, ... }: { pkgs, config, ... }:
let let
nextPkgs = pkgs.callPackage ../../../../../packages/woodpecker { };
data = import ./data.secret.nix; data = import ./data.secret.nix;
inherit (data) hostname port grpcPort userServer group database; inherit (data) hostname port grpcPort userServer group database;
in in
@ -36,7 +34,7 @@ in
"WOODPECKER_DOCKER_CONFIG=${config.age.secrets.woodpecker-docker-config.path}" "WOODPECKER_DOCKER_CONFIG=${config.age.secrets.woodpecker-docker-config.path}"
"WOODPECKER_AUTHENTICATE_PUBLIC_REPOS=true" "WOODPECKER_AUTHENTICATE_PUBLIC_REPOS=true"
]; ];
ExecStart = "${nextPkgs.woodpecker-server}/bin/woodpecker-server"; ExecStart = "${pkgs.unstable.woodpecker-server}/bin/woodpecker-server";
User = userServer; User = userServer;
Group = group; Group = group;
}; };

View file

@ -1,8 +1,14 @@
{ lib, config, ... }: { lib, inputs, config, ... }:
let let
inherit (builtins) elem; inherit (builtins) elem;
cfg = config.local.nix; cfg = config.local.nix;
gitple = "https://git.pleshevski.ru";
mkRegistry = id: url: {
from = { type = "indirect"; inherit id; };
to = { type = "git"; inherit url; };
};
in in
{ {
options.local.nix = with lib; { options.local.nix = with lib; {
@ -22,6 +28,15 @@ in
(cfg.allowUnfreePackages != [ ]) (cfg.allowUnfreePackages != [ ])
(pkg: elem (lib.getName pkg) cfg.allowUnfreePackages); (pkg: elem (lib.getName pkg) cfg.allowUnfreePackages);
nixpkgs.overlays = lib.mkBefore [
inputs.self.overlays.default
(final: prev: {
unstable = import inputs.nixpkgs-unstable {
inherit (config.nixpkgs) config overlays system;
};
})
];
nix = { nix = {
settings = { settings = {
auto-optimise-store = true; auto-optimise-store = true;
@ -36,16 +51,18 @@ in
keep-outputs = true; keep-outputs = true;
}; };
registry = lib.mkIf cfg.enableMyRegistry ( registry = lib.mkMerge [
let {
gitple = "https://git.pleshevski.ru"; nixpkgs.flake = inputs.nixpkgs;
mkRegistry = id: url: { nixpkgs-unstable.flake = inputs.nixpkgs-unstable;
from = { type = "indirect"; inherit id; }; }
to = { type = "git"; inherit url; };
}; (lib.mkIf cfg.enableMyRegistry {
in templates = mkRegistry "tmpl" "${gitple}/mynix/templates";
{ templates = mkRegistry "tmpl" "${gitple}/mynix/templates"; } tools = mkRegistry "tools" "${gitple}/mynix/tools";
); tools_wd2 = mkRegistry "wd2" "${gitple}/pleshevskiy/wd2";
})
];
}; };
}; };
} }

12
nixos/shared/ipfs.nix Normal file
View file

@ -0,0 +1,12 @@
{ pkgs, ... }:
{
# Enable ipfs
services.kubo = {
enable = true;
localDiscovery = true;
enableGC = true;
# it doesn't work in stable
package = pkgs.unstable.kubo;
};
}

7
packages/default.nix Normal file
View file

@ -0,0 +1,7 @@
{ lib, callPackage }:
(import ./woodpecker { inherit callPackage; }) //
{
myip = callPackage ./myip.nix { };
}

View file

@ -1,7 +1,7 @@
{ lib, fetchFromGitea }: { lib, fetchFromGitea }:
let let
version = "36bdad8b00d3b8329dd414f3ccd22675660ec1bb"; version = "ef1f27d5e3fae7ae6278717f33dde61778a302d1";
srcSha256 = "sha256-c3fb/UP5flFuBvgLfxMAwSfQ24JlyjAiobBXeJhCvJk="; srcSha256 = "sha256-4m9+SC4aMU8AVwrgdDoNFf02mh4R6PLmgnGQ2K8dEuk=";
yarnSha256 = "sha256-DZHwITEG+d3Xtj2k4FaWTEFNjJtX7rD0OvG2uuv6xH0="; yarnSha256 = "sha256-DZHwITEG+d3Xtj2k4FaWTEFNjJtX7rD0OvG2uuv6xH0=";
in in
{ {

View file

@ -1,4 +1,5 @@
{ lib, callPackage, fetchFromGitHub, fetchYarnDeps, mkYarnPackage }: { callPackage, fetchYarnDeps, mkYarnPackage }:
let let
common = callPackage ./common.nix { }; common = callPackage ./common.nix { };
in in
@ -14,6 +15,12 @@ mkYarnPackage {
sha256 = common.yarnSha256; sha256 = common.yarnSha256;
}; };
patchPhase = ''
cd src/assets/locales
rm $(ls | grep -v en.json)
cd -
'';
buildPhase = '' buildPhase = ''
runHook preBuild runHook preBuild