Move NixOS and home-manager stable to 22.05

2022-05-28 18:38:03 +01:00 · 2022-05-28 18:38:03 +01:00 · c841b37f19
commit c841b37f19
parent 64def7f564
14 changed files with 128 additions and 103 deletions
--- a/devshell/commands.nix
+++ b/devshell/commands.nix
@ -97,5 +97,29 @@ in
      help = "Build home-manager configuration";
      command = ''nix build "''${@:2}" ".#homeConfigurations.\"$1\".activationPackage"'';
    }
+    {
+      name = "update-inputs";
+      category = "tasks";
+      help = "Update flake inputs";
+      command = ''
+        args=()
+        for f in "$@"; do
+          args+=(--update-input "$f")
+        done
+        nix flake lock "''${args[@]}"
+      '';
+    }
+    {
+      name = "update-nixpkgs";
+      category = "tasks";
+      help = "Update nixpkgs flake inputs";
+      command = ''update-inputs nixpkgs-{unstable,stable,mine,mine-stable}'';
+    }
+    {
+      name = "update-home-manager";
+      category = "tasks";
+      help = "Update home-manager flake inputs";
+      command = ''update-inputs home-manager-{unstable,stable}'';
+    }
  ];
 }
--- a/flake.lock
+++ b/flake.lock
@ -29,11 +29,11 @@
        "utils": "utils"
      },
      "locked": {
-        "lastModified": 1643787431,
-        "narHash": "sha256-8IwuVgXulRE3ZWq6z8mytarawC32pKPKR20EyDtSH+w=",
+        "lastModified": 1653594315,
+        "narHash": "sha256-kJ0ENmnQJ4qL2FeYKZba9kvv1KmIuB3NVpBwMeI7AJQ=",
        "owner": "serokell",
        "repo": "deploy-rs",
-        "rev": "4154ba1aaaf7333a916384c348d867d03b6f1409",
+        "rev": "184349d8149436748986d1bdba087e4149e9c160",
        "type": "github"
      },
      "original": {
@ -50,11 +50,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1644227066,
-        "narHash": "sha256-FHcFZtpZEWnUh62xlyY3jfXAXHzJNEDLDzLsJxn+ve0=",
+        "lastModified": 1653308769,
+        "narHash": "sha256-9bylbRkrmaUiYYjcVLd0JyvqpKveOUw5q2mBf2+pR0c=",
        "owner": "numtide",
        "repo": "devshell",
-        "rev": "7033f64dd9ef8d9d8644c5030c73913351d2b660",
+        "rev": "a00abaeb902ff568f9542d4b6f335e3a4db5c548",
        "type": "github"
      },
      "original": {
@ -66,11 +66,11 @@
    "flake-compat": {
      "flake": false,
      "locked": {
-        "lastModified": 1641205782,
-        "narHash": "sha256-4jY7RCWUoZ9cKD8co0/4tFARpWB+57+r1bLLvXNJliY=",
+        "lastModified": 1648199409,
+        "narHash": "sha256-JwPKdC2PoVBkG6E+eWw3j6BMR6sL3COpYWfif7RVb8Y=",
        "owner": "edolstra",
        "repo": "flake-compat",
-        "rev": "b7547d3eed6f32d06102ead8991ec52ab0a4f1a7",
+        "rev": "64a525ee38886ab9028e6f61790de0832aa3ef03",
        "type": "github"
      },
      "original": {
@ -116,16 +116,16 @@
        ]
      },
      "locked": {
-        "lastModified": 1643933536,
-        "narHash": "sha256-yRmsWAG4DnLxLIUtlaZsl0kH7rN5xSoyNRlf0YZrcH4=",
+        "lastModified": 1653518057,
+        "narHash": "sha256-cam3Nfae5ADeEs6mRPzr0jXB7+DhyMIXz0/0Q13r/yk=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "2860d7e3bb350f18f7477858f3513f9798896831",
+        "rev": "64831f938bd413cefde0b0cf871febc494afaa4f",
        "type": "github"
      },
      "original": {
        "id": "home-manager",
-        "ref": "release-21.11",
+        "ref": "release-22.05",
        "type": "indirect"
      }
    },
@ -136,11 +136,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1651886851,
-        "narHash": "sha256-kbXOJSf1uho0/7P54nZkJdJY3oAelIjyc6tfiRhaXJI=",
+        "lastModified": 1653518057,
+        "narHash": "sha256-cam3Nfae5ADeEs6mRPzr0jXB7+DhyMIXz0/0Q13r/yk=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "882bd8118bdbff3a6e53e5ced393932b351ce2f6",
+        "rev": "64831f938bd413cefde0b0cf871febc494afaa4f",
        "type": "github"
      },
      "original": {
@ -164,27 +164,13 @@
        "type": "github"
      }
    },
-    "nixpkgs-master": {
-      "locked": {
-        "lastModified": 1645013224,
-        "narHash": "sha256-b7OEC8vwzJv3rsz9pwnTX2LQDkeOWz2DbKypkVvNHXc=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "b66b39216b1fef2d8c33cc7a5c72d8da80b79970",
-        "type": "github"
-      },
-      "original": {
-        "id": "nixpkgs",
-        "type": "indirect"
-      }
-    },
    "nixpkgs-mine": {
      "locked": {
-        "lastModified": 1652907688,
-        "narHash": "sha256-esMEnvt45KUlT27Qqouwe5Yp5kCmMq1HBmp65zpwBF4=",
+        "lastModified": 1653750319,
+        "narHash": "sha256-V4rzHt2NxGPghmVBy3XA68f2Fisygcil8a/bf/xQ4J0=",
        "owner": "devplayer0",
        "repo": "nixpkgs",
-        "rev": "0231cfd37dd08514d4d49f2b5b0fa6451dacb6f4",
+        "rev": "b29604b752136d79c27ba7d0849fe38469302102",
        "type": "github"
      },
      "original": {
@ -194,28 +180,44 @@
        "type": "github"
      }
    },
+    "nixpkgs-mine-stable": {
+      "locked": {
+        "lastModified": 1653750790,
+        "narHash": "sha256-3QxjU8oJyRDRCK6tHl7AeG4GDqWDJSuFL7hfaMojp04=",
+        "owner": "devplayer0",
+        "repo": "nixpkgs",
+        "rev": "edab7137ddaa8022f28ecd4a2b26f5515e7de67c",
+        "type": "github"
+      },
+      "original": {
+        "owner": "devplayer0",
+        "ref": "devplayer0-stable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
    "nixpkgs-stable": {
      "locked": {
-        "lastModified": 1645010845,
-        "narHash": "sha256-hO9X4PvxkSLMQnGGB7tOrKPwufhLMiNQMNXNwzLqneo=",
+        "lastModified": 1653504306,
+        "narHash": "sha256-bqjEskV+/tqOQqSEaCu4e6uWZ0F7ekBiMR16xpn4V0k=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "2128d0aa28edef51fd8fef38b132ffc0155595df",
+        "rev": "6efc186e6079ff3f328a2497ff3d36741ac60f6e",
        "type": "github"
      },
      "original": {
        "id": "nixpkgs",
-        "ref": "nixos-21.11",
+        "ref": "nixos-22.05",
        "type": "indirect"
      }
    },
    "nixpkgs-unstable": {
      "locked": {
-        "lastModified": 1648390671,
-        "narHash": "sha256-u69opCeHUx3CsdIerD0wVSR+DjfDQjnztObqfk9Trqc=",
+        "lastModified": 1653581809,
+        "narHash": "sha256-Uvka0V5MTGbeOfWte25+tfRL3moECDh1VwokWSZUdoY=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "ce8cbe3c01fd8ee2de526ccd84bbf9b82397a510",
+        "rev": "83658b28fe638a170a19b8933aa008b30640fbd1",
        "type": "github"
      },
      "original": {
@ -233,19 +235,19 @@
        "home-manager-stable": "home-manager-stable",
        "home-manager-unstable": "home-manager-unstable",
        "impermanence": "impermanence",
-        "nixpkgs-master": "nixpkgs-master",
        "nixpkgs-mine": "nixpkgs-mine",
+        "nixpkgs-mine-stable": "nixpkgs-mine-stable",
        "nixpkgs-stable": "nixpkgs-stable",
        "nixpkgs-unstable": "nixpkgs-unstable"
      }
    },
    "utils": {
      "locked": {
-        "lastModified": 1642700792,
-        "narHash": "sha256-XqHrk7hFb+zBvRg6Ghl+AZDq03ov6OshJLiSWOoX5es=",
+        "lastModified": 1648297722,
+        "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=",
        "owner": "numtide",
        "repo": "flake-utils",
-        "rev": "846b2ae0fc4cc943637d3d1def4454213e203cba",
+        "rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -6,14 +6,14 @@
    devshell.url = "github:numtide/devshell";
    devshell.inputs.nixpkgs.follows = "nixpkgs-unstable";

-    nixpkgs-master.url = "nixpkgs";
    nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
-    nixpkgs-stable.url = "nixpkgs/nixos-21.11";
+    nixpkgs-stable.url = "nixpkgs/nixos-22.05";
    nixpkgs-mine.url = "github:devplayer0/nixpkgs/devplayer0";
+    nixpkgs-mine-stable.url = "github:devplayer0/nixpkgs/devplayer0-stable";

    home-manager-unstable.url = "home-manager";
    home-manager-unstable.inputs.nixpkgs.follows = "nixpkgs-unstable";
-    home-manager-stable.url = "home-manager/release-21.11";
+    home-manager-stable.url = "home-manager/release-22.05";
    home-manager-stable.inputs.nixpkgs.follows = "nixpkgs-stable";

    # Stuff used by the flake for build / deployment
@ -33,7 +33,7 @@

      flake-utils,

-      nixpkgs-master, nixpkgs-unstable, nixpkgs-stable, nixpkgs-mine,
+      nixpkgs-unstable, nixpkgs-stable, nixpkgs-mine, nixpkgs-mine-stable,
      home-manager-unstable, home-manager-stable,

      ...
@ -54,14 +54,18 @@

      # Override the flake-level lib since we're going to use it for non-config specific stuff
      pkgsFlakes = mapAttrs (_: pkgsFlake: pkgsFlake // { lib = pkgsFlake.lib.extend libOverlay; }) {
-        master = nixpkgs-master;
        unstable = nixpkgs-unstable;
        stable = nixpkgs-stable;
        mine = nixpkgs-mine;
+        mine-stable = nixpkgs-mine-stable;
      };
-      hmFlakes = {
+      hmFlakes = rec {
        unstable = home-manager-unstable;
        stable = home-manager-stable;
+
+        # Don't actually have a fork right now...
+        mine = unstable;
+        mine-stable = stable;
      };

      # Should only be used for platform-independent flake stuff! This should never leak into a NixOS or home-manager
--- a/home-manager/configs/castle.nix
+++ b/home-manager/configs/castle.nix
@ -1,6 +1,7 @@
 {
  home-manager.homes."dev@castle" = {
    system = "x86_64-linux";
+    home-manager = "mine";
    nixpkgs = "mine";
    homeDirectory = "/home/dev";
    username = "dev";
--- a/home-manager/default.nix
+++ b/home-manager/default.nix
@ -1,7 +1,7 @@
 { lib, hmFlakes, inputs, pkgs', config, ... }:
 let
  inherit (builtins) head tail mapAttrs attrValues;
-  inherit (lib) flatten optional mkOption mkOptionType;
+  inherit (lib) flatten optional mkOption mkDefault mkOptionType;
  inherit (lib.my) homeStateVersion mkOpt' commonOpts inlineModule';

  cfg = config.home-manager;
@ -60,6 +60,10 @@ let
        };
      };
    };
+
+    config = {
+      nixpkgs = mkDefault config.home-manager;
+    };
  };
 in
 {
--- a/home-manager/modules/common.nix
+++ b/home-manager/modules/common.nix
@ -26,12 +26,25 @@ in
        };
      };
    };
-
-    # Only present in >=22.05, so forward declare
-    nix.registry = dummyOption;
  };
  config = mkMerge [
-    (mkIf (versionAtLeast config.home.stateVersion "22.05") {
+    {
+      my = {
+        isStandalone = !(args ? osConfig);
+
+        shell = mkDefault "${config.programs.fish.package}/bin/fish";
+      };
+
+      home = {
+        file.".ssh/authorized_keys" = with config.my.ssh.authKeys;
+          mkIf (config.programs.ssh.enable && (literal != [ ] || files != [ ])) {
+            text = ''
+              ${concatStringsSep "\n" literal}
+              ${concatMapStrings (f: readFile f + "\n") files}
+            '';
+          };
+      };
+
      nix = {
        package = pkgs.nix;
        registry = {
@ -48,21 +61,6 @@ in
          max-jobs = mkDefault "auto";
        };
      };
-    })
-    {
-      my = {
-        isStandalone = !(args ? osConfig);
-
-        shell = mkDefault "${config.programs.fish.package}/bin/fish";
-      };
-
-      home.file.".ssh/authorized_keys" = with config.my.ssh.authKeys;
-        mkIf (config.programs.ssh.enable && (literal != [ ] || files != [ ])) {
-          text = ''
-            ${concatStringsSep "\n" literal}
-            ${concatMapStrings (f: readFile f + "\n") files}
-          '';
-        };

      programs = {
        # Even when enabled this will only be actually installed in standalone mode
--- a/lib.nix
+++ b/lib.nix
@ -71,7 +71,9 @@ rec {

  homeStateVersion = hmBranch: {
    # The flake passes a default setting, but we don't care about that
-    home.stateVersion = mkForce (if hmBranch == "unstable" then "22.05" else "21.11");
+    # Currently don't need any logic here, but we might need to use a newer version later
+    #home.stateVersion = mkForce (if (hmBranch == "stable" || hmBranch == "mine-stable") then "22.05" else "22.11");
+    home.stateVersion = mkForce "22.05";
  };

  commonOpts = with types; {
@ -81,8 +83,8 @@ rec {
    };

    system = mkOpt' (enum defaultSystems) null "Nix-style system string.";
-    nixpkgs = mkOpt' (enum [ "master" "unstable" "stable" "mine" ]) "unstable" "Branch of nixpkgs to use.";
-    home-manager = mkOpt' (enum [ "unstable" "stable" ]) "unstable" "Branch of home-manager to use.";
+    nixpkgs = mkOpt' (enum [ "unstable" "stable" "mine" "mine-stable" ]) "unstable" "Branch of nixpkgs to use.";
+    home-manager = mkOpt' (enum [ "unstable" "stable" "mine" "mine-stable" ]) "unstable" "Branch of home-manager to use.";
  };

  networkdAssignment = iface: a: {
--- a/nixos/boxes/colony/default.nix
+++ b/nixos/boxes/colony/default.nix
@ -1,8 +1,8 @@
 {
  nixos.systems.colony = {
    system = "x86_64-linux";
-    nixpkgs = "mine";
-    home-manager = "unstable";
+    nixpkgs = "mine-stable";
+    home-manager = "mine-stable";

    assignments = {
      internal = {
--- a/nixos/default.nix
+++ b/nixos/default.nix
@ -15,25 +15,15 @@ let
      defs,
    }:
    let
-      # The flake contains `nixosSystem`, so we do need it (if we didn't have the TODO hacked version anyway)
+      # The flake contains `nixosSystem`, so we do need it
      pkgsFlake = pkgsFlakes.${config'.nixpkgs};
-      # TODO: This is mostly yoinked from nixpkgs/flake.nix master (as of 2022/02/11) since 21.11's version has hacky
-      # vm build stuff that breaks our impl. REMOVE WHEN 22.05 IS OUT!
-      nixosSystem' = args:
-        import "${pkgsFlake}/nixos/lib/eval-config.nix" (args // {
-          modules = args.modules ++ [{
-            system.nixos.versionSuffix =
-              ".${substring 0 8 pkgsFlake.lastModifiedDate}.${pkgsFlake.shortRev}";
-            system.nixos.revision = pkgsFlake.rev;
-          }];
-        });

      pkgs = pkgs'.${config'.nixpkgs}.${config'.system};
      allPkgs = mapAttrs (_: p: p.${config'.system}) pkgs';

      modules' = [ hmFlakes.${config'.home-manager}.nixosModule ] ++ (attrValues cfg.modules);
    in
-    nixosSystem' {
+    pkgsFlake.lib.nixosSystem {
      # Gotta override lib here unforunately, eval-config.nix likes to import its own (unextended) lib. We explicitly
      # don't pass pkgs so that it'll be imported with modularly applied config and overlays.
      lib = pkgs.lib;
@ -75,7 +65,7 @@ let
          home-manager = {
            extraSpecialArgs = { inherit inputs; };
            # Optimise if system and home-manager nixpkgs are the same
-            useGlobalPkgs = mkDefault (config'.nixpkgs == config'.home-manager);
+            useGlobalPkgs = mkDefault (config'.nixpkgs == config'.hmNixpkgs);
            sharedModules = (attrValues config.home-manager.modules) ++ [
              {
                warnings = flatten [
@ -142,6 +132,11 @@ let
        };
      };
    };
+
+    config = {
+      home-manager = mkDefault config.nixpkgs;
+      hmNixpkgs = mkDefault config.nixpkgs;
+    };
  };
 in
 {
--- a/nixos/installer.nix
+++ b/nixos/installer.nix
@ -1,7 +1,7 @@
 {
  nixos.systems.installer = {
    system = "x86_64-linux";
-    nixpkgs = "mine";
+    nixpkgs = "unstable";
    docCustom = false;

    configuration =
--- a/nixos/modules/build.nix
+++ b/nixos/modules/build.nix
@ -6,16 +6,12 @@ let
  cfg = config.my.build;

  asDevVM = extendModules {
-    # TODO: Hack because this is kinda broken on 21.11 (https://github.com/NixOS/nixpkgs/issues/148343)
-    specialArgs = { inherit baseModules; };
    modules = [
      "${modulesPath}/virtualisation/qemu-vm.nix"
      { my.build.isDevVM = true; }
    ];
  };
  asISO = extendModules {
-    # TODO: see previous
-    specialArgs = { inherit baseModules; };
    modules = lib.flatten [
      "${modulesPath}/installer/cd-dvd/iso-image.nix"
      (lib.optional config.my.build.allHardware { imports = [ "${modulesPath}/profiles/all-hardware.nix" ]; })
@ -32,8 +28,6 @@ let
    ];
  };
  asContainer = extendModules {
-    # TODO: see previous
-    specialArgs = { inherit baseModules; };
    modules = [
      {
        boot.isContainer = true;
--- a/nixos/modules/common.nix
+++ b/nixos/modules/common.nix
@ -25,7 +25,7 @@ in
  config = mkMerge [
    {
      system = {
-        stateVersion = "21.11";
+        stateVersion = "22.05";
        configurationRevision = with inputs; mkIf (self ? rev) self.rev;
      };

@ -48,12 +48,10 @@ in

      nix = {
        package = pkgs'.mine.nix;
-        # TODO: This has been renamed to nix.settings.trusted-users in 22.05
-        trustedUsers = [ "@wheel" ];
-        extraOptions =
-          ''
-            experimental-features = nix-command flakes ca-derivations
-          '';
+        settings = {
+          trusted-users = [ "@wheel" ];
+          experimental-features = [ "nix-command" "flakes" "ca-derivations" ];
+        };
      };
      nixpkgs = {
        overlays = [
--- a/nixos/modules/tmproot.nix
+++ b/nixos/modules/tmproot.nix
@ -220,6 +220,9 @@ in
        my.tmproot.persistence.config.files =
          concatMap (k: [ k.path "${k.path}.pub" ]) config.services.openssh.hostKeys;
      })
+      (mkIf config.services.logrotate.enable {
+        my.tmproot.persistence.config.files = [ "/var/lib/logrotate.status" ];
+      })
      (mkIf config.my.build.isDevVM {
        fileSystems = mkVMOverride {
          # Hijack the "root" device for persistence in the VM
--- a/nixos/vms/estuary/default.nix
+++ b/nixos/vms/estuary/default.nix
@ -2,7 +2,7 @@
  nixos.systems.estuary = {
    system = "x86_64-linux";
    nixpkgs = "mine";
-    home-manager = "unstable";
+    home-manager = "mine";

    assignments.internal = {
      name = "estuary-vm";