diff --git a/inputs.nix b/inputs.nix index 78f008c..1c6c039 100644 --- a/inputs.nix +++ b/inputs.nix @@ -10,16 +10,14 @@ let self = { url = "https://github.com/nix-community/nixos-vscode-server/archive/${lock.nixos-vscode-server.revision}.tar.gz"; updateScript = pkgs.den-http-get-updater { fileLocation = lockFile; + previousHash = lock.nixos-vscode-server.sha256; previousVersion = lock.nixos-vscode-server.revision; versionUrl = "https://api.github.com/repos/nix-community/nixos-vscode-server/commits"; contentParser = "jq -rc '.[0].sha' <<< \"$newVersion\""; - prefetchList = [{ - previousHash = lock.nixos-vscode-server.sha256; - prefetchUrlLocation = { - file = ./inputs.nix; - attrpath = "nixos-vscode-server.url"; - }; - }]; + prefetchUrlLocation = { + file = ./inputs.nix; + attrpath = "nixos-vscode-server.url"; + }; }; outPath = builtins.fetchTarball { inherit url; @@ -31,15 +29,13 @@ let self = { url = "https://github.com/NixOS/nixpkgs/archive/${lock.nixpkgs.revision}.tar.gz"; updateScript = pkgs.den-http-get-updater { fileLocation = lockFile; + previousHash = lock.nixpkgs.sha256; previousVersion = lock.nixpkgs.revision; versionUrl = "https://channels.nixos.org/nixos-24.11/git-revision"; - prefetchList = [{ - previousHash = lock.nixpkgs.sha256; - prefetchUrlLocation = { - file = ./inputs.nix; - attrpath = "nixpkgs.url"; - }; - }]; + prefetchUrlLocation = { + file = ./inputs.nix; + attrpath = "nixpkgs.url"; + }; }; outPath = builtins.fetchTarball { inherit url; @@ -51,15 +47,13 @@ let self = { url = "https://github.com/NixOS/nixpkgs/archive/${lock.nixpkgs-unstable.revision}.tar.gz"; updateScript = pkgs.den-http-get-updater { fileLocation = lockFile; + previousHash = lock.nixpkgs-unstable.sha256; previousVersion = lock.nixpkgs-unstable.revision; versionUrl = "https://channels.nixos.org/nixos-unstable/git-revision"; - prefetchList = [{ - previousHash = lock.nixpkgs-unstable.sha256; - prefetchUrlLocation = { - file = ./inputs.nix; - attrpath = "nixpkgs-unstable.url"; - }; - }]; + prefetchUrlLocation = { + file = ./inputs.nix; + attrpath = "nixpkgs-unstable.url"; + }; }; outPath = builtins.fetchTarball { inherit url; @@ -71,16 +65,14 @@ let self = { url = "https://github.com/lilyinstarlight/nixos-cosmic/archive/${lock.cosmic-modules.revision}.tar.gz"; updateScript = pkgs.den-http-get-updater { fileLocation = lockFile; + previousHash = lock.cosmic-modules.sha256; previousVersion = lock.cosmic-modules.revision; versionUrl = "https://api.github.com/repos/lilyinstarlight/nixos-cosmic/commits"; contentParser = "jq -rc '.[0].sha' <<< \"$newVersion\""; - prefetchList = [{ - previousHash = lock.cosmic-modules.sha256; - prefetchUrlLocation = { - file = ./inputs.nix; - attrpath = "cosmic-modules.url"; - }; - }]; + prefetchUrlLocation = { + file = ./inputs.nix; + attrpath = "cosmic-modules.url"; + }; }; outPath = builtins.fetchTarball { inherit url; diff --git a/nix-os/nvidia.nix b/nix-os/nvidia.nix index 5da8b1d..a9433f3 100644 --- a/nix-os/nvidia.nix +++ b/nix-os/nvidia.nix @@ -1,10 +1,4 @@ -{ - config, - lib, - pkgs, - self, - ... -}: +{ config, lib, pkgs, ...}: { config = { @@ -22,79 +16,14 @@ powerManagement.enable = true; open = false; nvidiaSettings = true; - package = let - mkDriverArgs = { - version = "570.133.07"; - sha256_64bit = "sha256-LUPmTFgb5e9VTemIixqpADfvbUX1QoTT2dztwI3E3CY="; - sha256_aarch64 = "sha256-yTovUno/1TkakemRlNpNB91U+V04ACTMwPEhDok7jI0="; - openSha256 = "sha256-9l8N83Spj0MccA8+8R1uqiXBS0Ag4JrLPjrU3TaXHnM="; - settingsSha256 = "sha256-XMk+FvTlGpMquM8aE8kgYK2PIEszUZD2+Zmj2OpYrzU="; - persistencedSha256 = "sha256-G1V7JtHQbfnSRfVjz/LE2fYTlh9okpCbE4dfX9oYSg8="; - }; - in ( config.boot.kernelPackages.nvidiaPackages.mkDriver mkDriverArgs ).overrideAttrs (super: { - passthru = super.passthru or {} // { - urls = { - x86_64 = [ - "https://download.nvidia.com/XFree86/Linux-x86_64/${mkDriverArgs.version}/NVIDIA-Linux-x86_64-${mkDriverArgs.version}.run" - "https://us.download.nvidia.com/XFree86/Linux-x86_64/${mkDriverArgs.version}/NVIDIA-Linux-x86_64-${mkDriverArgs.version}.run" - ]; - aarch64 = [ - "https://us.download.nvidia.com/XFree86/aarch64/${mkDriverArgs.version}/NVIDIA-Linux-aarch64-${mkDriverArgs.version}.run" - "https://download.nvidia.com/XFree86/Linux-aarch64/${mkDriverArgs.version}/NVIDIA-Linux-aarch64-${mkDriverArgs.version}.run" - ]; - }; - updateScript = pkgs.den-http-get-updater { - fileLocation = ( builtins.unsafeGetAttrPos "any" { any = null; } ).file; - previousVersion = mkDriverArgs.version; - versionUrl = "https://raw.githubusercontent.com/aaronp24/nvidia-versions/master/nvidia-versions.txt"; - extraPackages = with pkgs; [ - coreutils - gawk - gnugrep - ]; - contentParser = lib.concatStringsSep " | " [ - "echo \"$newVersion\"" - "grep current" - "awk '{print $3}'" - "sort -V" - "tail -n 1" - ]; - unpack = false; - prefetchList = lib.map (x: { - inherit (x) previousHash; - unpack = x.unpack or true; - prefetchUrlLocation = { - file = builtins.toString self + "/outputs.nix"; - # TODO: don't use already existing NixOS configuration - attrpath = "nixosConfigurations.main.config.hardware.nvidia.package.${x.locationAttrpath}"; - }; - }) [ - { - previousHash = mkDriverArgs.sha256_64bit; - locationAttrpath = "urls.x86_64"; - unpack = false; - } - { - previousHash = mkDriverArgs.sha256_aarch64; - locationAttrpath = "urls.aarch64"; - unpack = false; - } - { - previousHash = mkDriverArgs.openSha256; - locationAttrpath = "open.src.urls"; - } - { - previousHash = mkDriverArgs.settingsSha256; - locationAttrpath = "settings.src.urls"; - } - { - previousHash = mkDriverArgs.persistencedSha256; - locationAttrpath = "persistenced.src.urls"; - } - ]; - }; - }; - }); + package = config.boot.kernelPackages.nvidiaPackages.mkDriver { + version = "570.133.07"; + sha256_64bit = "sha256-LUPmTFgb5e9VTemIixqpADfvbUX1QoTT2dztwI3E3CY="; + sha256_aarch64 = "sha256-yTovUno/1TkakemRlNpNB91U+V04ACTMwPEhDok7jI0="; + openSha256 = "sha256-9l8N83Spj0MccA8+8R1uqiXBS0Ag4JrLPjrU3TaXHnM="; + settingsSha256 = "sha256-XMk+FvTlGpMquM8aE8kgYK2PIEszUZD2+Zmj2OpYrzU="; + persistencedSha256 = "sha256-G1V7JtHQbfnSRfVjz/LE2fYTlh9okpCbE4dfX9oYSg8="; + }; }; nixpkgs.config.nvidia.acceptLicense = true; }; diff --git a/pkgs/by-name/de/den-http-get-updater/package.nix b/pkgs/by-name/de/den-http-get-updater/package.nix index 484fa35..d22b0ac 100644 --- a/pkgs/by-name/de/den-http-get-updater/package.nix +++ b/pkgs/by-name/de/den-http-get-updater/package.nix @@ -2,7 +2,7 @@ lib, curl, - gnused, + gawk, jq, nix, writeScript, @@ -11,111 +11,67 @@ { # location of file to modify fileLocation, + previousHash, previousVersion, versionUrl, - - # { - # fileLocation: string?; - # previousHash: string; - # prefetchUrlLocation: { - # file: string; - # attrpath: string[]' - # }; - # prefetchHash: string?; - # targetHash: string?; - # unpack: bool?; - # name: string?; - # }[] - # - prefetchList ? [], - - # extra packages to add to the path - extraPackages ? [], - + prefetchUrlLocation ? null, # change newVersion variable in it, if the contents of the page # is not plaintext version # (json for example) contentParser ? "echo \"$newVersion\"", unpack ? true, - hashAlgo ? "sha256", - hashFormat ? "sri", + name ? if unpack then "source" else null, }: +assert builtins.isNull prefetchUrlLocation || lib.isAttrs prefetchUrlLocation; +assert lib.isAttrs prefetchUrlLocation && ( + lib.isString prefetchUrlLocation.file or null || + lib.isPath prefetchUrlLocation.file or null +); +assert lib.isAttrs prefetchUrlLocation && lib.isString prefetchUrlLocation.attrpath or null; + let realFileLocation = builtins.toString fileLocation; + mark = builtins.hashString "sha256" previousHash; - prefetchList' = lib.map (x: - assert builtins.isNull x.prefetchUrlLocation || lib.isAttrs x.prefetchUrlLocation; - assert lib.isAttrs x.prefetchUrlLocation && ( - lib.isString x.prefetchUrlLocation.file or null || - lib.isPath x.prefetchUrlLocation.file or null - ); - assert lib.isAttrs x.prefetchUrlLocation && lib.isString x.prefetchUrlLocation.attrpath or null; - rec { - inherit fileLocation hashAlgo hashFormat unpack; - name = if x.unpack or unpack then "source" else null; - mark = builtins.hashString "sha256" x.previousHash; - markRegexEscape = lib.escapeRegex mark; - realFileLocation = builtins.toString x.fileLocation or fileLocation; - realFileLocationShellEscape = lib.escapeShellArg realFileLocation; - prefetchUrlLocationShellEscape = lib.mapAttrs (_: lib.escapeShellArg) x.prefetchUrlLocation; - previousHashRegexEscape = lib.escapeRegex x.previousHash; - } // x) prefetchList; + mark' = lib.escapeShellArg mark; + prefetchUrlLocation' = lib.mapAttrs (_: lib.escapeShellArg) prefetchUrlLocation; + realFileLocation' = lib.escapeShellArg realFileLocation; + versionUrl' = lib.escapeShellArg versionUrl; - realFileLocationShellEscape = lib.escapeShellArg realFileLocation; - versionUrlShellEscape = lib.escapeShellArg versionUrl; + mark'' = lib.escapeShellArg (lib.escapeRegex mark); + previousVersion'' = lib.escapeShellArg (lib.escapeRegex previousVersion); - previousVersionRegexEscape = lib.escapeRegex previousVersion; + nixUnpack = lib.optionalString unpack "--unpack"; + nixName = lib.optionalString (!builtins.isNull name) "--name \"${lib.escapeShellArg name}\""; - - path = lib.makeBinPath ([ + path = lib.makeBinPath [ curl - gnused + gawk jq nix - ] ++ extraPackages); + ]; in writeScript "den-http-get-updater" ('' PATH="${lib.escapeShellArg path}" - prefetchFailed= - newVersion=$(curl -L "${versionUrlShellEscape}") + newVersion=$(curl -L "${versionUrl'}") if [[ "$?" != 0 ]]; then echo "error: fetching new version failed" 1>&2 exit 1 fi newVersion=$(${contentParser}) - sed -Ei "s!${previousVersionRegexEscape}!$newVersion!g" "${realFileLocationShellEscape}" -'' - -# invalidate hashes -+ lib.concatStringsSep "\n" (lib.map ({ - mark, - previousHash, - previousHashRegexEscape, - realFileLocationShellEscape, - ... -}: '' - sed -Ei "s!${previousHashRegexEscape}!${mark}!g" "${realFileLocationShellEscape}" -'') prefetchList') - -+ lib.concatStringsSep "\n" (lib.map ({ - fileLocation, - markRegexEscape, - name, - prefetchUrlLocationShellEscape, - realFileLocationShellEscape, - unpack, - ... -}: let - nixUnpack = lib.optionalString unpack "--unpack"; - nixName = lib.optionalString (!builtins.isNull name) "--name \"${lib.escapeShellArg name}\""; -in '' - nixUrlsResult=$(nix-instantiate --eval --json --strict \ - "${prefetchUrlLocationShellEscape.file}" \ - -A "${prefetchUrlLocationShellEscape.attrpath}" + awk -i inplace "{ + sub(/${previousVersion''}/, \"$newVersion\") + # invalidate hash + sub(/${previousHash}/, \"${mark'}\") + }1" "${realFileLocation'}" +'' + lib.optionalString (!builtins.isNull prefetchUrlLocation) '' + nixUrlsResult=$(nix-instantiate --eval --json \ + "${prefetchUrlLocation'.file}" \ + -A "${prefetchUrlLocation'.attrpath}" ) urlsType=$(jq -rc 'type' <<< "$nixUrlsResult") @@ -132,28 +88,19 @@ in '' prefetchSucceeded=1 for url in "''${prefetchUrls[@]}"; do echo "trying prefetch '$url'..."; - expectedHash=$(nix-prefetch-url "$url" ${nixUnpack} ${nixName} --type "${hashAlgo}") - expectedHash=$(nix --extra-experimental-features "nix-command" hash convert \ - --hash-algo "${hashAlgo}" \ - --to "${hashFormat}" \ - "$expectedHash" - ) + expectedHash=$(nix-prefetch-url "$url" ${nixUnpack} ${nixName}) if [[ -n $expectedHash ]]; then echo "prefetch succeeded!" echo "hash: $expectedHash" - sed -Ei "s!${markRegexEscape}!$expectedHash!g" "${realFileLocationShellEscape}" + awk -i inplace "{ + sub(/${mark''}/, \"$expectedHash\") + }1" "${realFileLocation'}" prefetchSucceeded= break fi done if [[ -n "$prefetchSucceeded" ]]; then echo "warning: prefetch failed" 1>&2 - prefetchFailed=1 - fi -'') (lib.filter (x: !builtins.isNull x.prefetchUrlLocation) prefetchList')) - -+ '' - if [[ -n "$prefetchFailed" ]]; then exit 1 fi '') diff --git a/update-list.nix b/update-list.nix index eaaa200..9ce74c3 100644 --- a/update-list.nix +++ b/update-list.nix @@ -11,26 +11,3 @@ in { "inputs/cosmic-modules" = inputsWithPackages.cosmic-modules; "inputs/nixos-vscode-server" = inputsWithPackages.nixos-vscode-server; }) - -# MARK: NixOS modules -// ( let - pkgs = self.modifiedNixpkgsPure { - localSystem = builtins.currentSystem; - config.allowUnfree = true; - }; - lib = pkgs.lib; - mkUpdater = path: attrpath: extraModule: let - system = pkgs.nixos { - imports = [ path extraModule ]; - config = { - _module.args = { - inherit self; - inherit (self) inputs; - }; - system.stateVersion = lib.versions.pad 2 lib.trivial.verison; - }; - }; - in lib.getAttrFromPath ( [ "config" ] ++ attrpath ) system; -in { - "NixOS/nvidia" = mkUpdater ./nix-os/nvidia.nix [ "hardware" "nvidia" "package" ] {}; -})