diff --git a/devshell/commands.nix b/devshell/commands.nix index 914204c..97f138e 100644 --- a/devshell/commands.nix +++ b/devshell/commands.nix @@ -97,5 +97,29 @@ in help = "Build home-manager configuration"; command = ''nix build "''${@:2}" ".#homeConfigurations.\"$1\".activationPackage"''; } + { + name = "update-inputs"; + category = "tasks"; + help = "Update flake inputs"; + command = '' + args=() + for f in "$@"; do + args+=(--update-input "$f") + done + nix flake lock "''${args[@]}" + ''; + } + { + name = "update-nixpkgs"; + category = "tasks"; + help = "Update nixpkgs flake inputs"; + command = ''update-inputs nixpkgs-{unstable,stable,mine,mine-stable}''; + } + { + name = "update-home-manager"; + category = "tasks"; + help = "Update home-manager flake inputs"; + command = ''update-inputs home-manager-{unstable,stable}''; + } ]; } diff --git a/flake.lock b/flake.lock index 9616862..44cae71 100644 --- a/flake.lock +++ b/flake.lock @@ -29,11 +29,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1643787431, - "narHash": "sha256-8IwuVgXulRE3ZWq6z8mytarawC32pKPKR20EyDtSH+w=", + "lastModified": 1653594315, + "narHash": "sha256-kJ0ENmnQJ4qL2FeYKZba9kvv1KmIuB3NVpBwMeI7AJQ=", "owner": "serokell", "repo": "deploy-rs", - "rev": "4154ba1aaaf7333a916384c348d867d03b6f1409", + "rev": "184349d8149436748986d1bdba087e4149e9c160", "type": "github" }, "original": { @@ -50,11 +50,11 @@ ] }, "locked": { - "lastModified": 1644227066, - "narHash": "sha256-FHcFZtpZEWnUh62xlyY3jfXAXHzJNEDLDzLsJxn+ve0=", + "lastModified": 1653308769, + "narHash": "sha256-9bylbRkrmaUiYYjcVLd0JyvqpKveOUw5q2mBf2+pR0c=", "owner": "numtide", "repo": "devshell", - "rev": "7033f64dd9ef8d9d8644c5030c73913351d2b660", + "rev": "a00abaeb902ff568f9542d4b6f335e3a4db5c548", "type": "github" }, "original": { @@ -66,11 +66,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1641205782, - "narHash": "sha256-4jY7RCWUoZ9cKD8co0/4tFARpWB+57+r1bLLvXNJliY=", + "lastModified": 1648199409, + "narHash": "sha256-JwPKdC2PoVBkG6E+eWw3j6BMR6sL3COpYWfif7RVb8Y=", "owner": "edolstra", "repo": "flake-compat", - "rev": "b7547d3eed6f32d06102ead8991ec52ab0a4f1a7", + "rev": "64a525ee38886ab9028e6f61790de0832aa3ef03", "type": "github" }, "original": { @@ -116,16 +116,16 @@ ] }, "locked": { - "lastModified": 1643933536, - "narHash": "sha256-yRmsWAG4DnLxLIUtlaZsl0kH7rN5xSoyNRlf0YZrcH4=", + "lastModified": 1653518057, + "narHash": "sha256-cam3Nfae5ADeEs6mRPzr0jXB7+DhyMIXz0/0Q13r/yk=", "owner": "nix-community", "repo": "home-manager", - "rev": "2860d7e3bb350f18f7477858f3513f9798896831", + "rev": "64831f938bd413cefde0b0cf871febc494afaa4f", "type": "github" }, "original": { "id": "home-manager", - "ref": "release-21.11", + "ref": "release-22.05", "type": "indirect" } }, @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1651886851, - "narHash": "sha256-kbXOJSf1uho0/7P54nZkJdJY3oAelIjyc6tfiRhaXJI=", + "lastModified": 1653518057, + "narHash": "sha256-cam3Nfae5ADeEs6mRPzr0jXB7+DhyMIXz0/0Q13r/yk=", "owner": "nix-community", "repo": "home-manager", - "rev": "882bd8118bdbff3a6e53e5ced393932b351ce2f6", + "rev": "64831f938bd413cefde0b0cf871febc494afaa4f", "type": "github" }, "original": { @@ -164,27 +164,13 @@ "type": "github" } }, - "nixpkgs-master": { - "locked": { - "lastModified": 1645013224, - "narHash": "sha256-b7OEC8vwzJv3rsz9pwnTX2LQDkeOWz2DbKypkVvNHXc=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "b66b39216b1fef2d8c33cc7a5c72d8da80b79970", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "type": "indirect" - } - }, "nixpkgs-mine": { "locked": { - "lastModified": 1652907688, - "narHash": "sha256-esMEnvt45KUlT27Qqouwe5Yp5kCmMq1HBmp65zpwBF4=", + "lastModified": 1653750319, + "narHash": "sha256-V4rzHt2NxGPghmVBy3XA68f2Fisygcil8a/bf/xQ4J0=", "owner": "devplayer0", "repo": "nixpkgs", - "rev": "0231cfd37dd08514d4d49f2b5b0fa6451dacb6f4", + "rev": "b29604b752136d79c27ba7d0849fe38469302102", "type": "github" }, "original": { @@ -194,28 +180,44 @@ "type": "github" } }, + "nixpkgs-mine-stable": { + "locked": { + "lastModified": 1653750790, + "narHash": "sha256-3QxjU8oJyRDRCK6tHl7AeG4GDqWDJSuFL7hfaMojp04=", + "owner": "devplayer0", + "repo": "nixpkgs", + "rev": "edab7137ddaa8022f28ecd4a2b26f5515e7de67c", + "type": "github" + }, + "original": { + "owner": "devplayer0", + "ref": "devplayer0-stable", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs-stable": { "locked": { - "lastModified": 1645010845, - "narHash": "sha256-hO9X4PvxkSLMQnGGB7tOrKPwufhLMiNQMNXNwzLqneo=", + "lastModified": 1653504306, + "narHash": "sha256-bqjEskV+/tqOQqSEaCu4e6uWZ0F7ekBiMR16xpn4V0k=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2128d0aa28edef51fd8fef38b132ffc0155595df", + "rev": "6efc186e6079ff3f328a2497ff3d36741ac60f6e", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "nixos-21.11", + "ref": "nixos-22.05", "type": "indirect" } }, "nixpkgs-unstable": { "locked": { - "lastModified": 1648390671, - "narHash": "sha256-u69opCeHUx3CsdIerD0wVSR+DjfDQjnztObqfk9Trqc=", + "lastModified": 1653581809, + "narHash": "sha256-Uvka0V5MTGbeOfWte25+tfRL3moECDh1VwokWSZUdoY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ce8cbe3c01fd8ee2de526ccd84bbf9b82397a510", + "rev": "83658b28fe638a170a19b8933aa008b30640fbd1", "type": "github" }, "original": { @@ -233,19 +235,19 @@ "home-manager-stable": "home-manager-stable", "home-manager-unstable": "home-manager-unstable", "impermanence": "impermanence", - "nixpkgs-master": "nixpkgs-master", "nixpkgs-mine": "nixpkgs-mine", + "nixpkgs-mine-stable": "nixpkgs-mine-stable", "nixpkgs-stable": "nixpkgs-stable", "nixpkgs-unstable": "nixpkgs-unstable" } }, "utils": { "locked": { - "lastModified": 1642700792, - "narHash": "sha256-XqHrk7hFb+zBvRg6Ghl+AZDq03ov6OshJLiSWOoX5es=", + "lastModified": 1648297722, + "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "846b2ae0fc4cc943637d3d1def4454213e203cba", + "rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index dd0406a..cdaa2b2 100644 --- a/flake.nix +++ b/flake.nix @@ -6,14 +6,14 @@ devshell.url = "github:numtide/devshell"; devshell.inputs.nixpkgs.follows = "nixpkgs-unstable"; - nixpkgs-master.url = "nixpkgs"; nixpkgs-unstable.url = "nixpkgs/nixos-unstable"; - nixpkgs-stable.url = "nixpkgs/nixos-21.11"; + nixpkgs-stable.url = "nixpkgs/nixos-22.05"; nixpkgs-mine.url = "github:devplayer0/nixpkgs/devplayer0"; + nixpkgs-mine-stable.url = "github:devplayer0/nixpkgs/devplayer0-stable"; home-manager-unstable.url = "home-manager"; home-manager-unstable.inputs.nixpkgs.follows = "nixpkgs-unstable"; - home-manager-stable.url = "home-manager/release-21.11"; + home-manager-stable.url = "home-manager/release-22.05"; home-manager-stable.inputs.nixpkgs.follows = "nixpkgs-stable"; # Stuff used by the flake for build / deployment @@ -33,7 +33,7 @@ flake-utils, - nixpkgs-master, nixpkgs-unstable, nixpkgs-stable, nixpkgs-mine, + nixpkgs-unstable, nixpkgs-stable, nixpkgs-mine, nixpkgs-mine-stable, home-manager-unstable, home-manager-stable, ... @@ -54,14 +54,18 @@ # Override the flake-level lib since we're going to use it for non-config specific stuff pkgsFlakes = mapAttrs (_: pkgsFlake: pkgsFlake // { lib = pkgsFlake.lib.extend libOverlay; }) { - master = nixpkgs-master; unstable = nixpkgs-unstable; stable = nixpkgs-stable; mine = nixpkgs-mine; + mine-stable = nixpkgs-mine-stable; }; - hmFlakes = { + hmFlakes = rec { unstable = home-manager-unstable; stable = home-manager-stable; + + # Don't actually have a fork right now... + mine = unstable; + mine-stable = stable; }; # Should only be used for platform-independent flake stuff! This should never leak into a NixOS or home-manager diff --git a/home-manager/configs/castle.nix b/home-manager/configs/castle.nix index 0d83069..68290d9 100644 --- a/home-manager/configs/castle.nix +++ b/home-manager/configs/castle.nix @@ -1,6 +1,7 @@ { home-manager.homes."dev@castle" = { system = "x86_64-linux"; + home-manager = "mine"; nixpkgs = "mine"; homeDirectory = "/home/dev"; username = "dev"; diff --git a/home-manager/default.nix b/home-manager/default.nix index 05f0e3c..144fd7f 100644 --- a/home-manager/default.nix +++ b/home-manager/default.nix @@ -1,7 +1,7 @@ { lib, hmFlakes, inputs, pkgs', config, ... }: let inherit (builtins) head tail mapAttrs attrValues; - inherit (lib) flatten optional mkOption mkOptionType; + inherit (lib) flatten optional mkOption mkDefault mkOptionType; inherit (lib.my) homeStateVersion mkOpt' commonOpts inlineModule'; cfg = config.home-manager; @@ -60,6 +60,10 @@ let }; }; }; + + config = { + nixpkgs = mkDefault config.home-manager; + }; }; in { diff --git a/home-manager/modules/common.nix b/home-manager/modules/common.nix index 42eb884..2d95204 100644 --- a/home-manager/modules/common.nix +++ b/home-manager/modules/common.nix @@ -26,12 +26,25 @@ in }; }; }; - - # Only present in >=22.05, so forward declare - nix.registry = dummyOption; }; config = mkMerge [ - (mkIf (versionAtLeast config.home.stateVersion "22.05") { + { + my = { + isStandalone = !(args ? osConfig); + + shell = mkDefault "${config.programs.fish.package}/bin/fish"; + }; + + home = { + file.".ssh/authorized_keys" = with config.my.ssh.authKeys; + mkIf (config.programs.ssh.enable && (literal != [ ] || files != [ ])) { + text = '' + ${concatStringsSep "\n" literal} + ${concatMapStrings (f: readFile f + "\n") files} + ''; + }; + }; + nix = { package = pkgs.nix; registry = { @@ -48,21 +61,6 @@ in max-jobs = mkDefault "auto"; }; }; - }) - { - my = { - isStandalone = !(args ? osConfig); - - shell = mkDefault "${config.programs.fish.package}/bin/fish"; - }; - - home.file.".ssh/authorized_keys" = with config.my.ssh.authKeys; - mkIf (config.programs.ssh.enable && (literal != [ ] || files != [ ])) { - text = '' - ${concatStringsSep "\n" literal} - ${concatMapStrings (f: readFile f + "\n") files} - ''; - }; programs = { # Even when enabled this will only be actually installed in standalone mode diff --git a/lib.nix b/lib.nix index e2c7730..e99918d 100644 --- a/lib.nix +++ b/lib.nix @@ -71,7 +71,9 @@ rec { homeStateVersion = hmBranch: { # The flake passes a default setting, but we don't care about that - home.stateVersion = mkForce (if hmBranch == "unstable" then "22.05" else "21.11"); + # Currently don't need any logic here, but we might need to use a newer version later + #home.stateVersion = mkForce (if (hmBranch == "stable" || hmBranch == "mine-stable") then "22.05" else "22.11"); + home.stateVersion = mkForce "22.05"; }; commonOpts = with types; { @@ -81,8 +83,8 @@ rec { }; system = mkOpt' (enum defaultSystems) null "Nix-style system string."; - nixpkgs = mkOpt' (enum [ "master" "unstable" "stable" "mine" ]) "unstable" "Branch of nixpkgs to use."; - home-manager = mkOpt' (enum [ "unstable" "stable" ]) "unstable" "Branch of home-manager to use."; + nixpkgs = mkOpt' (enum [ "unstable" "stable" "mine" "mine-stable" ]) "unstable" "Branch of nixpkgs to use."; + home-manager = mkOpt' (enum [ "unstable" "stable" "mine" "mine-stable" ]) "unstable" "Branch of home-manager to use."; }; networkdAssignment = iface: a: { diff --git a/nixos/boxes/colony/default.nix b/nixos/boxes/colony/default.nix index 2b58327..3519b21 100644 --- a/nixos/boxes/colony/default.nix +++ b/nixos/boxes/colony/default.nix @@ -1,8 +1,8 @@ { nixos.systems.colony = { system = "x86_64-linux"; - nixpkgs = "mine"; - home-manager = "unstable"; + nixpkgs = "mine-stable"; + home-manager = "mine-stable"; assignments = { internal = { diff --git a/nixos/default.nix b/nixos/default.nix index 766e76e..964104f 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -15,25 +15,15 @@ let defs, }: let - # The flake contains `nixosSystem`, so we do need it (if we didn't have the TODO hacked version anyway) + # The flake contains `nixosSystem`, so we do need it pkgsFlake = pkgsFlakes.${config'.nixpkgs}; - # TODO: This is mostly yoinked from nixpkgs/flake.nix master (as of 2022/02/11) since 21.11's version has hacky - # vm build stuff that breaks our impl. REMOVE WHEN 22.05 IS OUT! - nixosSystem' = args: - import "${pkgsFlake}/nixos/lib/eval-config.nix" (args // { - modules = args.modules ++ [{ - system.nixos.versionSuffix = - ".${substring 0 8 pkgsFlake.lastModifiedDate}.${pkgsFlake.shortRev}"; - system.nixos.revision = pkgsFlake.rev; - }]; - }); pkgs = pkgs'.${config'.nixpkgs}.${config'.system}; allPkgs = mapAttrs (_: p: p.${config'.system}) pkgs'; modules' = [ hmFlakes.${config'.home-manager}.nixosModule ] ++ (attrValues cfg.modules); in - nixosSystem' { + pkgsFlake.lib.nixosSystem { # Gotta override lib here unforunately, eval-config.nix likes to import its own (unextended) lib. We explicitly # don't pass pkgs so that it'll be imported with modularly applied config and overlays. lib = pkgs.lib; @@ -75,7 +65,7 @@ let home-manager = { extraSpecialArgs = { inherit inputs; }; # Optimise if system and home-manager nixpkgs are the same - useGlobalPkgs = mkDefault (config'.nixpkgs == config'.home-manager); + useGlobalPkgs = mkDefault (config'.nixpkgs == config'.hmNixpkgs); sharedModules = (attrValues config.home-manager.modules) ++ [ { warnings = flatten [ @@ -142,6 +132,11 @@ let }; }; }; + + config = { + home-manager = mkDefault config.nixpkgs; + hmNixpkgs = mkDefault config.nixpkgs; + }; }; in { diff --git a/nixos/installer.nix b/nixos/installer.nix index 2068049..bac27ae 100644 --- a/nixos/installer.nix +++ b/nixos/installer.nix @@ -1,7 +1,7 @@ { nixos.systems.installer = { system = "x86_64-linux"; - nixpkgs = "mine"; + nixpkgs = "unstable"; docCustom = false; configuration = diff --git a/nixos/modules/build.nix b/nixos/modules/build.nix index c4023df..ee7d50f 100644 --- a/nixos/modules/build.nix +++ b/nixos/modules/build.nix @@ -6,16 +6,12 @@ let cfg = config.my.build; asDevVM = extendModules { - # TODO: Hack because this is kinda broken on 21.11 (https://github.com/NixOS/nixpkgs/issues/148343) - specialArgs = { inherit baseModules; }; modules = [ "${modulesPath}/virtualisation/qemu-vm.nix" { my.build.isDevVM = true; } ]; }; asISO = extendModules { - # TODO: see previous - specialArgs = { inherit baseModules; }; modules = lib.flatten [ "${modulesPath}/installer/cd-dvd/iso-image.nix" (lib.optional config.my.build.allHardware { imports = [ "${modulesPath}/profiles/all-hardware.nix" ]; }) @@ -32,8 +28,6 @@ let ]; }; asContainer = extendModules { - # TODO: see previous - specialArgs = { inherit baseModules; }; modules = [ { boot.isContainer = true; diff --git a/nixos/modules/common.nix b/nixos/modules/common.nix index db89692..fdb2af1 100644 --- a/nixos/modules/common.nix +++ b/nixos/modules/common.nix @@ -25,7 +25,7 @@ in config = mkMerge [ { system = { - stateVersion = "21.11"; + stateVersion = "22.05"; configurationRevision = with inputs; mkIf (self ? rev) self.rev; }; @@ -48,12 +48,10 @@ in nix = { package = pkgs'.mine.nix; - # TODO: This has been renamed to nix.settings.trusted-users in 22.05 - trustedUsers = [ "@wheel" ]; - extraOptions = - '' - experimental-features = nix-command flakes ca-derivations - ''; + settings = { + trusted-users = [ "@wheel" ]; + experimental-features = [ "nix-command" "flakes" "ca-derivations" ]; + }; }; nixpkgs = { overlays = [ diff --git a/nixos/modules/tmproot.nix b/nixos/modules/tmproot.nix index c4820c7..70b9e84 100644 --- a/nixos/modules/tmproot.nix +++ b/nixos/modules/tmproot.nix @@ -220,6 +220,9 @@ in my.tmproot.persistence.config.files = concatMap (k: [ k.path "${k.path}.pub" ]) config.services.openssh.hostKeys; }) + (mkIf config.services.logrotate.enable { + my.tmproot.persistence.config.files = [ "/var/lib/logrotate.status" ]; + }) (mkIf config.my.build.isDevVM { fileSystems = mkVMOverride { # Hijack the "root" device for persistence in the VM diff --git a/nixos/vms/estuary/default.nix b/nixos/vms/estuary/default.nix index 52294dd..2824079 100644 --- a/nixos/vms/estuary/default.nix +++ b/nixos/vms/estuary/default.nix @@ -2,7 +2,7 @@ nixos.systems.estuary = { system = "x86_64-linux"; nixpkgs = "mine"; - home-manager = "unstable"; + home-manager = "mine"; assignments.internal = { name = "estuary-vm";