diff --git a/.gitignore b/.gitignore index 456ec08..46302cd 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,4 @@ -device-configuration.nix -hardware-configuration.nix +repl-result-* result -*.qcow2 \ No newline at end of file +result-* +*.qcow2 diff --git a/default.nix b/default.nix index 0c9248a..4647b38 100644 --- a/default.nix +++ b/default.nix @@ -3,49 +3,45 @@ # if evaluating inside the store, import the outputs.nix file let - contains = str: substr: let - str_length = builtins.stringLength str; - substr_length = builtins.stringLength substr; - listOfPossibleSubstrings = builtins.genList (i: builtins.substring i substr_length str) (str_length - substr_length + 1); - in if substr_length > str_length then false else builtins.any (x: x == substr) listOfPossibleSubstrings; - - endsWith = str: substr: let - str_length = builtins.stringLength str; - substr_length = builtins.stringLength substr; - in if substr_length > str_length then false else builtins.substring (str_length - substr_length) str_length str == substr; - - gitignore = builtins.filter (v: - # ignore comments and empty lines - if !(builtins.isString v) then false - else if !builtins.isNull(builtins.match "^#.*" v) then false - else if !builtins.isNull(builtins.match "^$" v) then false - else true - ) (builtins.split "\n" (builtins.readFile ./.gitignore)); - - # checks if a given path matches a gitignore pattern - # string -> bool - matchesGitIgnore = path: builtins.any (pattern: - let - patternLength = builtins.stringLength pattern; - unsupportedPatternMessage = "matchesGitIgnore: Unsupported pattern: ${pattern}"; - in - if pattern == "*" then true - else if pattern == ".*" then true - else if pattern == "*.*" then true - else if builtins.substring 0 2 pattern == "*." then endsWith path (builtins.substring 0 2 pattern) - else if contains pattern "*" then abort unsupportedPatternMessage - else if patternLength > 2 && builtins.substring 0 2 pattern == "./" then abort unsupportedPatternMessage - else if patternLength > 1 && builtins.substring 0 1 pattern == "/" then abort unsupportedPatternMessage - else contains path pattern - ) gitignore; + # Ideally this file should be selfcontained, but I like the utilities in nixpkgs lib + lib = (import "${(import ./inputs.nix {}).nixpkgs}/lib").extend (self: super: { + proot = import ./lib/gitignore-filter.nix { lib = self; }; + inherit (self.proot) parseGitignore runGitignoreFilter toGitignoreMatcher; + }); currentFilePath = (builtins.unsafeGetAttrPos "any" { any = "any"; }).file; storePathLength = builtins.stringLength (builtins.toString builtins.storeDir); evaluatingInStore = (builtins.substring 0 storePathLength currentFilePath) == builtins.storeDir; - selfInStore = builtins.filterSource (path: type: - type != "unknown" && builtins.baseNameOf path != ".git" && !matchesGitIgnore path - ) ./.; + gitlessSelfInStore = { + outPath = builtins.path { + path = ./.; + name = "source"; + filter = path: type: + let + selfPath = builtins.dirOf currentFilePath; + gitIgnoreFilters = lib.parseGitignore selfPath path; + result = type != "unknown" + && type != "symlink" + && builtins.baseNameOf path != ".git" + && lib.runGitignoreFilter gitIgnoreFilters path type; + in result; + }; + selfMode = "path"; + }; + gitfullSelfInStore = builtins.fetchGit "file://${builtins.toString ./.}" // { + selfMode = "git"; + }; + + selfInStore' = builtins.tryEval gitfullSelfInStore; + selfInStore = if selfInStore'.success then selfInStore'.value else gitlessSelfInStore; in -if !(evaluatingInStore) then { ... }@args: import selfInStore ({ selfPath = selfInStore; } // args ) -else { ... }@args: import ./outputs.nix ({ selfPath = selfInStore; } // args) +if !(evaluatingInStore) then { ... }@args: import selfInStore ({ + selfPath = selfInStore; +} // args ) +else { ... }@args: import ./outputs.nix ({ + selfPath = { + outPath = builtins.toString ./.; + selfMode = "store"; + }; +} // args) diff --git a/hosts/main/default.nix b/hosts/main/default.nix deleted file mode 100644 index d35b5bc..0000000 --- a/hosts/main/default.nix +++ /dev/null @@ -1,64 +0,0 @@ -{ inputs, pkgs, ... }: - -{ - imports = [ - ../../nix-os/core.nix - ../../nix-os/core-desktop.nix - ../../nix-os/nvidia.nix - ../../nix-os/docker.nix - ../../nix-os/razer.nix - ../../nix-os/desktopManagers/gnome.nix - ../../nix-os/displayManagers/gdm.nix - ../../nix-os/shell.nix - ../../nix-os/virtualization.nix - ../../nix-os/polkit/disable-shutdown.nix - ../../nix-os/locale.nix - ../../nix-os/adb.nix - ../../nix-os/account.nix - ../../nix-os/xdg-default-apps.nix - ../../nix-os/services/nix-binary-cache.nix - ../../nix-os/udev.nix - ../../nix-os/gnupg.nix - - "${inputs.nixos-vscode-server}" - ]; - - config = { - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - networking.hostName = "wroclaw-main"; - - services.xrdp.enable = true; - users.groups."tsusers".members = [ "wroclaw" ]; - - services.printing.drivers = with pkgs; [ - hplip - ]; - - # nixos-vscode-server module needs this - programs.nix-ld.enable = true; - services.vscode-server = { - enable = true; - extraRuntimeDependencies = with pkgs; [ - docker - ]; - }; - - services.pipewire.wireplumber.configPackages = [( - pkgs.stdenvNoCC.mkDerivation { - name = "wireplumber-config"; - src = ./wireplumber; - phases = [ "installPhase" ]; - installPhase = '' - mkdir -p $out/share/wireplumber/wireplumber.conf.d - cp -r $src/* $out/share/wireplumber/wireplumber.conf.d - ''; - } - )]; - - services.printing.startWhenNeeded = false; - - system.stateVersion = "23.05"; - }; -} diff --git a/hosts/tablet.nix b/hosts/tablet.nix deleted file mode 100644 index ad06d9b..0000000 --- a/hosts/tablet.nix +++ /dev/null @@ -1,50 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - imports = [ - ../nix-os/core.nix - ../nix-os/core-desktop.nix - ../nix-os/account.nix - ../nix-os/adb.nix - ../nix-os/locale.nix - ../nix-os/shell.nix - ../nix-os/gnupg.nix - - ../nix-os/desktopManagers/gnome.nix - ../nix-os/displayManagers/gdm.nix - ../nix-os/udev.nix - ]; - - config = { - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - networking.hostName = "wroclaw-hp"; - networking.networkmanager.enable = true; - networking.firewall.enable = true; - hardware.sensor.iio.enable = true; - - networking.firewall.allowedTCPPortRanges = [ - # KDE Connect - rec { from = 1714; to = from + 50; } - ]; - - networking.firewall.allowedUDPPortRanges = [ - # KDE Connect - rec { from = 1714; to = from + 50; } - ]; - - services.logind.extraConfig = '' - HandlePowerKey=suspend - HandlePowerKeyLongPress=poweroff - HandleSuspendKey=suspend-then-hibernate - HandleSuspendKeyLongPress=hibernate - HandleLidSwitch=lock - HandleLidSwitchDocked=ignore - HandleLidSwitchExternalPower=lock - ''; - - system.stateVersion = "23.11"; - }; -} - diff --git a/hosts/vm-base.nix b/hosts/vm-base.nix deleted file mode 100644 index 1f3b796..0000000 --- a/hosts/vm-base.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ lib, modulesPath, ... }: - -{ - imports = [ - "${modulesPath}/virtualisation/qemu-vm.nix" - ../nix-os/account.nix - ../nix-os/core.nix - ../nix-os/locale.nix - ../nix-os/polkit/disable-shutdown.nix - ../nix-os/shell.nix - ../nix-os/udev.nix - ../nix-os/xdg-default-apps.nix - ]; - - config = { - services.syncthing.enable = lib.mkForce false; - virtualisation = { - memorySize = 4096; - }; - }; -} diff --git a/hosts/vm-gnome.nix b/hosts/vm-gnome.nix deleted file mode 100644 index 2b54493..0000000 --- a/hosts/vm-gnome.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ lib, ... }: - -{ - imports = [ - ./vm-base.nix - ../nix-os/desktopManagers/gnome.nix - ../nix-os/displayManagers/gdm.nix - ]; -} diff --git a/inputs.nix b/inputs.nix index 334379b..228abc4 100644 --- a/inputs.nix +++ b/inputs.nix @@ -1,24 +1,111 @@ -let self = { - lock ? import ./lock.nix -, lib ? import "${(self {}).nixpkgs}/lib" +{ + lock ? import lockFile, + lockFile ? ./lock.nix, + pkgs ? throw "inputs called without pkgs", }: -{ +let + +self = { inherit lock; - nixos-vscode-server = builtins.fetchTarball { - name = "nixos-vscode-server"; + nixos-vscode-server = rec { url = "https://github.com/nix-community/nixos-vscode-server/archive/${lock.nixos-vscode-server.revision}.tar.gz"; - sha256 = "${lock.nixos-vscode-server.sha256}"; + updateScript = pkgs.den-http-get-updater { + fileLocation = lockFile; + previousVersion = lock.nixos-vscode-server.revision; + versionUrl = "https://api.github.com/repos/nix-community/nixos-vscode-server/commits"; + contentParser = "jq -rc '.[0].sha' <<< \"$newVersion\""; + prefetchList = [{ + previousHash = lock.nixos-vscode-server.sha256; + prefetchUrlLocation = { + file = ./inputs.nix; + attrpath = "nixos-vscode-server.url"; + }; + }]; + }; + outPath = builtins.fetchTarball { + inherit url; + sha256 = "${lock.nixos-vscode-server.sha256}"; + }; }; - nixpkgs = builtins.fetchTarball { - name = "nixpkgs"; + nixpkgs = rec { url = "https://github.com/NixOS/nixpkgs/archive/${lock.nixpkgs.revision}.tar.gz"; - sha256 = "${lock.nixpkgs.sha256}"; + updateScript = pkgs.den-http-get-updater { + fileLocation = lockFile; + previousVersion = lock.nixpkgs.revision; + versionUrl = "https://channels.nixos.org/nixos-25.05/git-revision"; + prefetchList = [{ + previousHash = lock.nixpkgs.sha256; + prefetchUrlLocation = { + file = ./inputs.nix; + attrpath = "nixpkgs.url"; + }; + }]; + }; + outPath = builtins.fetchTarball { + inherit url; + sha256 = "${lock.nixpkgs.sha256}"; + }; }; - cosmic-modules = builtins.fetchTarball { - name = "cosmic-modules"; + nixpkgs-unstable = rec { + url = "https://github.com/NixOS/nixpkgs/archive/${lock.nixpkgs-unstable.revision}.tar.gz"; + updateScript = pkgs.den-http-get-updater { + fileLocation = lockFile; + previousVersion = lock.nixpkgs-unstable.revision; + versionUrl = "https://channels.nixos.org/nixos-unstable/git-revision"; + prefetchList = [{ + previousHash = lock.nixpkgs-unstable.sha256; + prefetchUrlLocation = { + file = ./inputs.nix; + attrpath = "nixpkgs-unstable.url"; + }; + }]; + }; + outPath = builtins.fetchTarball { + inherit url; + sha256 = "${lock.nixpkgs-unstable.sha256}"; + }; + }; + nix-bitcoin = rec { + url = "https://github.com/fort-nix/nix-bitcoin/archive/${lock.nix-bitcoin.revision}.tar.gz"; + updateScript = pkgs.den-http-get-updater { + fileLocation = lockFile; + previousVersion = lock.nix-bitcoin.revision; + versionUrl = "https://api.github.com/repos/fort-nix/nix-bitcoin/commits"; + contentParser = "jq -rc '.[0].sha' <<< \"$newVersion\""; + prefetchList = [{ + previousHash = lock.nix-bitcoin.sha256; + prefetchUrlLocation = { + file = ./inputs.nix; + attrpath = "nix-bitcoin.url"; + }; + }]; + }; + outPath = builtins.fetchTarball { + inherit url; + sha256 = "${lock.nix-bitcoin.sha256}"; + }; + }; + cosmic-modules = rec { url = "https://github.com/lilyinstarlight/nixos-cosmic/archive/${lock.cosmic-modules.revision}.tar.gz"; - sha256 = "${lock.cosmic-modules.sha256}"; + updateScript = pkgs.den-http-get-updater { + fileLocation = lockFile; + previousVersion = lock.cosmic-modules.revision; + versionUrl = "https://api.github.com/repos/amozeo/nixos-cosmic/commits"; + contentParser = "jq -rc '.[0].sha' <<< \"$newVersion\""; + prefetchList = [{ + previousHash = lock.cosmic-modules.sha256; + prefetchUrlLocation = { + file = ./inputs.nix; + attrpath = "cosmic-modules.url"; + }; + }]; + }; + outPath = builtins.fetchTarball { + inherit url; + sha256 = "${lock.cosmic-modules.sha256}"; + }; }; }; + in self diff --git a/lib/gitignore-filter.nix b/lib/gitignore-filter.nix new file mode 100644 index 0000000..42c8740 --- /dev/null +++ b/lib/gitignore-filter.nix @@ -0,0 +1,112 @@ +{ lib }: { + # function that takes gitignore file pattern and returns filter function + # true - include file + # false - exclude file + # null - no match + # string -> string -> [(string -> string -> (bool | null))] + toGitignoreMatcher = gitignorePath: pattern: lib.pipe pattern [ + (v: { pattern = v; invalid = false; }) + # trim whitespaces not preceded by backslash + (v: v // { pattern = let + stringLength = builtins.stringLength v.pattern; + leftPaddingLength = builtins.stringLength (lib.trimWith { start = true; end = false; } v.pattern) - stringLength; + rightPaddingLength = builtins.stringLength (lib.trimWith { start = false; end = true; } v.pattern) - stringLength; + isLastCharBackslash = if stringLength == 0 then false + else builtins.substring (stringLength - rightPaddingLength - 1) 1 v.pattern == "\\"; + trimmedString = builtins.substring leftPaddingLength (stringLength - leftPaddingLength - rightPaddingLength) v.pattern; + in if isLastCharBackslash && rightPaddingLength > 0 then trimmedString + " " else trimmedString; }) + # ignore empty lines + (v: if v.pattern != "" then v else v // { invalid = true; }) + # ignore comments + (v: if !v.invalid && builtins.substring 0 1 v.pattern != "#" then v else v // { invalid = true; }) + # mark negated patterns + (v: + if !v.invalid && builtins.substring 0 1 v.pattern == "!" + then v // { + negated = true; + pattern = builtins.substring 1 (builtins.stringLength v) v; + } + else v // { negated = false; } + ) + # ignore escapes + (v: if v.invalid then v else v // { pattern = builtins.replaceStrings ["\\"] [""] v.pattern; }) + # convert parsed pattern to matchers + ({ pattern, negated, invalid }: { + __functor = _: path: type: let + relative = builtins.match "^/.+[^/]$" pattern == []; + directory = builtins.match "/$" pattern == []; + regexPattern = lib.pipe pattern [ + (v: if relative then "${gitignorePath}/${v}" else v) + (builtins.split "/") + (builtins.filter (v: v != [])) + (builtins.map (builtins.split "(\\*\\*|\\*)")) + (builtins.concatMap (v: + # v: (string | [string])[] + if v == [ "" ] then [] + # TODO: check and add support for .. if git supports + else if v == [ "." ] then [] + else [( builtins.foldl' (acc: vp: + # vp: string | [string] + if builtins.isString vp then acc + lib.escapeRegex vp + else if vp == [ "**" ] then acc + ".*" + else if vp == [ "*" ] then acc + "[^/]*" + else throw "unreachable" + ) "" v )] + )) + (builtins.concatStringsSep "/" ) + (v: if relative then v else ".*/${v}") + ]; + matches = (!directory || type == "directory") + && (builtins.match regexPattern path == []); + in if invalid then null + else if matches then negated + else null; + # for debug purposes + inherit pattern negated; + # for filtering purposes + inherit invalid; + }) + ]; + + # TODO: optimize this so if match is found in a given gitignore, + # no further checks in gitignores in parent directories are performed + + parseGitignore = gitRepositoryPath: filePath: lib.pipe filePath [ + (builtins.dirOf) + (builtins.split "/" ) + (builtins.filter (v: v != [] && v != "")) + # ["a" "b" "c"] -> ["/" "/a/" "/a/b/" "/a/b/c/"] + ( + builtins.foldl' (acc: v: acc ++ [( + (builtins.elemAt acc (builtins.length acc - 1)) + "${v}/" + )] ) ["/"] + ) + (builtins.map (v: "${v}.gitignore")) + # Filter out paths that are not part of git repository and don't exist + (builtins.filter (v: lib.hasPrefix gitRepositoryPath v && builtins.pathExists v)) + (builtins.map (v: { + path = v; + # Split gitignore files into lines + contents = lib.pipe v [ + builtins.readFile + (builtins.split "\n") + # builtins.split uses lists for matches + (builtins.filter (v: v != [])) + ]; + })) + # Convert gitignore patterns to matchers + (builtins.map (v: + builtins.map (lib.toGitignoreMatcher v.path) v.contents) + ) + lib.flatten + (lib.filter (v: !v.invalid)) + ]; + + runGitignoreFilter = filters: path: type: lib.pipe filters [ + (builtins.map (v: v path type)) + (builtins.filter (v: v != null)) + # If any filter didn't match anything, include the file + (v: if v == [] then [ true ] else v) + (v: builtins.elemAt v (builtins.length v - 1)) + ]; +} diff --git a/lib/overlays/version-info-fixup.nix b/lib/overlays/version-info-fixup.nix index b413842..104840a 100644 --- a/lib/overlays/version-info-fixup.nix +++ b/lib/overlays/version-info-fixup.nix @@ -1,8 +1,8 @@ -{ inputs ? import ../../inputs.nix {} }: +{ revision }: selfLib: superLib: { trivial = superLib.trivial // { - versionSuffix = ".git.${builtins.substring 0 12 inputs.lock.nixpkgs.revision}"; - revisionWithDefault = default: inputs.lock.nixpkgs.revision or default; + versionSuffix = ".git.${builtins.substring 0 12 revision}"; + revisionWithDefault = default: revision; }; } diff --git a/lock.nix b/lock.nix index 28a61ca..c5133b2 100644 --- a/lock.nix +++ b/lock.nix @@ -1,14 +1,22 @@ { nixos-vscode-server = { - revision = "fc900c16efc6a5ed972fb6be87df018bcf3035bc"; - sha256 = "1rq8mrlmbzpcbv9ys0x88alw30ks70jlmvnfr2j8v830yy5wvw7h"; + revision = "4ec4859b12129c0436b0a471ed1ea6dd8a317993"; + sha256 = "sha256-Bx7DOPLhkr8Z60U9Qw4l0OidzHoqLDKQH5rDV5ef59A="; }; nixpkgs = { - revision = "883180e6550c1723395a3a342f830bfc5c371f6b"; - sha256 = "01axrf25mahbxmp6vgfgx09dflbyaavr5liynkp6rpm4lkacr27f"; + revision = "b43c397f6c213918d6cfe6e3550abfe79b5d1c51"; + sha256 = "sha256-1Cu92i1KSPbhPCKxoiVG5qnoRiKTgR5CcGSRyLpOd7Y="; + }; + nixpkgs-unstable = { + revision = "3016b4b15d13f3089db8a41ef937b13a9e33a8df"; + sha256 = "sha256-P/SQmKDu06x8yv7i0s8bvnnuJYkxVGBWLWHaU+tt4YY="; + }; + nix-bitcoin = { + revision = "aec8331f261dacc116a17f034d0dd2fde8ef66eb"; + sha256 = "sha256-rEppXe8E4q0GWB3uU3I/tzdeu4tDOy6O3jB6yDW7KaE="; }; cosmic-modules = { - revision = "d8b2b9aee034c10ca67848653171f576f87434a8"; - sha256 = "03i8smxgx2fdb9kkys81dihb5yja3nk9wjs1rx5h7f3b5kii1fd7"; + revision = "7e3fc3ea3e05fd90632433d02674cd9afe0513c9"; + sha256 = "sha256-OBmdkDj6jhkO5W76ZSSUZLfKt+TrQtxxYlcvXS+6cAs="; }; } diff --git a/nix-os/account.nix b/nix-os/account.nix deleted file mode 100644 index e7bb85c..0000000 --- a/nix-os/account.nix +++ /dev/null @@ -1,45 +0,0 @@ -{ config, lib, pkgs, unstablePkgs, ... }: - -{ - imports = [ - ./unstable-packages.nix - ]; - users.users.wroclaw = { - isNormalUser = true; - description = "Rafał"; - group = "wroclaw"; - extraGroups = [ - "users" - "wheel" - ] ++ lib.optional config.programs.adb.enable "adbusers"; - linger = true; - initialPassword = "nixos"; - packages = with pkgs; [ - firefox - (vivaldi.override { - proprietaryCodecs = true; - commandLineArgs = [ "--ozone-platform=wayland" ]; - }) - vesktop - unstablePkgs.vscode - gimp - inkscape - krita - unstablePkgs.zettlr - ]; - }; - users.groups.wroclaw.gid = 1000; - - programs.steam = { - enable = true; - remotePlay.openFirewall = true; - }; - - services.syncthing = { - enable = true; - user = "wroclaw"; - group = "wroclaw"; - dataDir = "/home/wroclaw"; - configDir = "/home/wroclaw/.config/syncthing"; - }; -} diff --git a/nix-os/core-desktop.nix b/nix-os/core-desktop.nix deleted file mode 100644 index 81725dd..0000000 --- a/nix-os/core-desktop.nix +++ /dev/null @@ -1,35 +0,0 @@ -{config, lib, pkgs, ... }: - -{ - config = { - services.printing.enable = true; - - sound.enable = false; - hardware.pulseaudio.enable = false; - security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - - # Enable audio interfaces renaming - wireplumber.enable = true; - }; - - environment.systemPackages = with pkgs; [ - mpv - ]; - - services.openssh.extraConfig = '' - X11Forwarding yes - ''; - - # Fonts - fonts.packages = with pkgs; [ - corefonts - nerdfonts - roboto - ]; - }; -} diff --git a/nix-os/core.nix b/nix-os/core.nix deleted file mode 100644 index 53eaab8..0000000 --- a/nix-os/core.nix +++ /dev/null @@ -1,96 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running 'nixos-help'). - -{ inputs, lib, pkgs, ... }: - -let - inherit (pkgs) mkWrappedExecutable; - - # bool -> nixpkgs[] - wrappedNixExecutables = inEnvironment: assert builtins.isBool inEnvironment; [ - (mkWrappedExecutable {pkg = pkgs.nix; exe = "nix-build"; wrapperArgs = ["--add-flags" "\"--log-format\"" "--add-flags" "bar${lib.optionalString inEnvironment "-with-logs"}"];}) - (mkWrappedExecutable {pkg = pkgs.nix; exe = "nix-shell"; wrapperArgs = ["--add-flags" "\"--log-format\"" "--add-flags" "bar"];}) - ]; - wrappedNixosExecutables = [ - (mkWrappedExecutable {pkg = pkgs.nixos-rebuild; wrapperArgs = ["--add-flags" "\"--log-format\"" "--add-flags" "bar"];}) - ]; - wrappedNix = (pkgs.buildEnv { - name = "wrappedNix-${pkgs.nix.version}"; - paths = [ pkgs.nix ] ++ wrappedNixExecutables false; - }).overrideAttrs { - version = pkgs.nix.version; - }; -in -{ - # kernel - boot.kernelPackages = pkgs.linuxPackages_latest; - - # Enable networking - networking.networkmanager.enable = true; - - # Allow unfree packages - nixpkgs.config.allowUnfree = true; - nix = { - package = wrappedNix; - channel.enable = false; - settings.nix-path = [ - "nixpkgs=${pkgs.selfExpr { useConfig = false; }}" - "systemNixpkgs=${pkgs.selfExpr { useConfig = true; name = "systemNixpkgs-self"; }}" - # don't garbage collect the nixpkgs input - "inputsNixpkgs=${inputs.nixpkgs}" - ]; - }; - - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ - wget - ffmpeg - yt-dlp - htop - btop - fastfetch - smartmontools - ddrescue - ] ++ wrappedNixExecutables true - ++ wrappedNixosExecutables; - - programs.git.enable = true; - programs.git.config = { - init.defaultBranch = "main"; - merge.conflictstyle = "diff3"; - rerere.enabled = true; - }; - - # Use nix-index for command-not-found handler - programs.command-not-found.enable = false; - programs.nix-index = { - package = pkgs.nix-index.override { - nix-index-unwrapped = pkgs.nix-index-unwrapped.overrideAttrs (oldAttrs: { - patches = oldAttrs.patches or [] ++ [ - ../pkgs/by-name/ni/nix-index/cnfOutput.patch - ]; - }); - - }; - enable = true; - enableBashIntegration = true; - }; - - # Enable fail2ban because of the OpenSSH server - services.fail2ban = { - enable = true; - maxretry = 10; - bantime = "7d"; - }; - - # Enable the OpenSSH daemon. - services.openssh = { - enable = true; - ports = [ - 22 - 8022 - ]; - }; -} diff --git a/nix-os/desktopManagers/cosmic.nix b/nix-os/desktopManagers/cosmic.nix deleted file mode 100644 index 96a1bf3..0000000 --- a/nix-os/desktopManagers/cosmic.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ inputs, lib, pkgs, ... }: - -{ - imports = [ - "${inputs.cosmic-modules}/nixos/cosmic/module.nix" - ]; - config = { - services.desktopManager.cosmic.enable = true; - }; -} diff --git a/nix-os/docker.nix b/nix-os/docker.nix deleted file mode 100644 index 4583f6f..0000000 --- a/nix-os/docker.nix +++ /dev/null @@ -1,39 +0,0 @@ -{ lib, config, pkgs, ... }: - -{ - config.virtualisation.docker = { - enable = true; - enableOnBoot = true; - storageDriver = if config.fileSystems."/".fsType == "btrfs" then "btrfs" else null; - rootless.enable = true; - rootless.setSocketVariable = true; - daemon.settings = { - default-address-pools = [ - {base = "10.64.0.0/10"; size = 24;} - ]; - bip = "10.127.0.1/16"; - }; - }; - config.users.users.indocker = { - isSystemUser = true; - hashedPassword = "!"; - uid = 900; - group = "indocker"; - }; - config.users.groups.indocker = { - gid = 900; - }; - config.environment.systemPackages = with pkgs; [ - docker-compose - ]; - - # Docker enables firewall anyway, let's enable the firewall for it if it's disabled - # TODO: Apply only when config.networking.firewall is false - config.networking.firewall = { - enable = lib.mkOverride 90 true; - allowedTCPPorts = lib.mkOverride 90 []; - allowedUDPPorts = lib.mkOverride 90 []; - allowedTCPPortRanges = lib.mkOverride 90 [{ from = 0; to = 65535;}]; - allowedUDPPortRanges = lib.mkOverride 90 [{ from = 0; to = 65535;}]; - }; -} diff --git a/nix-os/nvidia.nix b/nix-os/nvidia.nix deleted file mode 100644 index c166ac5..0000000 --- a/nix-os/nvidia.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ config, lib, pkgs, ...}: - -{ - hardware.opengl = { - enable = true; - driSupport = true; - driSupport32Bit = true; - }; - services.xserver.videoDrivers = ["nvidia"]; - hardware.nvidia = { - modesetting.enable = true; - powerManagement.enable = true; - open = false; - nvidiaSettings = true; - package = config.boot.kernelPackages.nvidiaPackages.mkDriver { - version = "555.58.02"; - sha256_64bit = "sha256-xctt4TPRlOJ6r5S54h5W6PT6/3Zy2R4ASNFPu8TSHKM="; - sha256_aarch64 = "sha256-wb20isMrRg8PeQBU96lWJzBMkjfySAUaqt4EgZnhyF8="; - openSha256 = "sha256-8hyRiGB+m2hL3c9MDA/Pon+Xl6E788MZ50WrrAGUVuY="; - settingsSha256 = "sha256-ZpuVZybW6CFN/gz9rx+UJvQ715FZnAOYfHn5jt5Z2C8="; - persistencedSha256 = "sha256-a1D7ZZmcKFWfPjjH1REqPM5j/YLWKnbkP9qfRyIyxAw="; - }; - }; - nixpkgs.config.nvidia.acceptLicense = true; -} diff --git a/nix-os/polkit/disable-shutdown.nix b/nix-os/polkit/disable-shutdown.nix deleted file mode 100644 index 24571dd..0000000 --- a/nix-os/polkit/disable-shutdown.nix +++ /dev/null @@ -1,46 +0,0 @@ -{ ... }: - -{ - security.polkit.extraConfig = '' - polkit.addRule(function(action, subject) { - polkit.log("action=" + action); - polkit.log("subject=" + subject); - if ( - action.id == "org.freedesktop.login1.halt" || - action.id == "org.freedesktop.login1.halt-ignore-inhibit" || - action.id == "org.freedesktop.login1.halt-multiple-sessions" || - action.id == "org.freedesktop.login1.hibernate" || - action.id == "org.freedesktop.login1.hibernate-ignore-inhibit" || - action.id == "org.freedesktop.login1.hibernate-multiple-sessions" || - action.id == "org.freedesktop.login1.inhibit-block-idle" || - action.id == "org.freedesktop.login1.inhibit-block-shutdown" || - action.id == "org.freedesktop.login1.inhibit-block-sleep" || - action.id == "org.freedesktop.login1.inhibit-delay-shutdown" || - action.id == "org.freedesktop.login1.inhibit-delay-sleep" || - action.id == "org.freedesktop.login1.inhibit-handle-hibernate-key" || - action.id == "org.freedesktop.login1.inhibit-handle-lid-switch" || - action.id == "org.freedesktop.login1.inhibit-handle-power-key" || - action.id == "org.freedesktop.login1.inhibit-handle-reboot-key" || - action.id == "org.freedesktop.login1.inhibit-handle-suspend-key" || - action.id == "org.freedesktop.login1.power-off" || - action.id == "org.freedesktop.login1.power-off-ignore-inhibit" || - action.id == "org.freedesktop.login1.power-off-multiple-sessions" || - action.id == "org.freedesktop.login1.reboot" || - action.id == "org.freedesktop.login1.reboot-ignore-inhibit" || - action.id == "org.freedesktop.login1.reboot-multiple-sessions" || - action.id == "org.freedesktop.login1.set-reboot-parameter" || - action.id == "org.freedesktop.login1.set-reboot-to-boot-loader-entry" || - action.id == "org.freedesktop.login1.set-reboot-to-boot-loader-menu" || - action.id == "org.freedesktop.login1.set-reboot-to-firmware-setup" || - action.id == "org.freedesktop.login1.set-self-linger" || - action.id == "org.freedesktop.login1.set-user-linger" || - action.id == "org.freedesktop.login1.set-wall-message" || - action.id == "org.freedesktop.login1.suspend" || - action.id == "org.freedesktop.login1.suspend-ignore-inhibit" || - action.id == "org.freedesktop.login1.suspend-multiple-sessions" - ) { - return subject.active ? polkit.Result.AUTH_ADMIN : polkit.Result.NO; - }; - }); - ''; -} diff --git a/nix-os/razer.nix b/nix-os/razer.nix deleted file mode 100644 index cd9dcf1..0000000 --- a/nix-os/razer.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ lib, config, pkgs, ... }: -{ - hardware.openrazer = { - enable = true; - users = [ - "wroclaw" - ]; - }; -# users.groups.openrazer.members = [ -# "wroclaw" -# ]; - environment.systemPackages = with pkgs; [ - openrazer-daemon - polychromatic - ]; -} diff --git a/nix-os/services/nix-binary-cache.nix b/nix-os/services/nix-binary-cache.nix deleted file mode 100644 index aaff003..0000000 --- a/nix-os/services/nix-binary-cache.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ - config = { - services.nix-serve = { - enable = true; - secretKeyFile = "/var/cache-priv-key.pem"; - }; - }; -} diff --git a/nix-os/shell.nix b/nix-os/shell.nix deleted file mode 100644 index bdbd0c8..0000000 --- a/nix-os/shell.nix +++ /dev/null @@ -1,159 +0,0 @@ -{ config, pkgs, unstablePkgs, lib, ... }: - -let - rangerGit = pkgs.ranger.overrideAttrs (old: { - version = "git"; - src = pkgs.fetchFromGitHub { - owner = "ranger"; - repo = "ranger"; - rev = "c7777d558d5b69843b21f986e9af1af311c83887"; - hash = "sha256-DTVoEfc4dAaBTDLFujvWIYj5KHL89YknUiinIs9Rkeg="; - }; - propagatedBuildInputs = with pkgs.python3Packages; [ - # required for test suite, it's being ran during package build for some reason - flake8 - pylint - pytest - setuptools - ] ++ old.propagatedBuildInputs; - }); - aliasDrag = pkgs.writeScriptBin "drag" '' - ${unstablePkgs.ripdrag}/bin/ripdrag -Axd $@ - ''; -in -{ - imports = [ - ./unstable-packages.nix - ]; - environment.systemPackages = with pkgs; [ - aliasDrag - rangerGit - kitty - zoxide - ]; - - programs.bash.shellInit = '' - HISTCONTROL=ignoreboth - ''; - - programs.bash.interactiveShellInit = '' - HISTCONTROL=ignoreboth - if test -n "$KITTY_INSTALLATION_DIR"; then - export KITTY_SHELL_INTEGRATION="enabled,no-sudo" - source "$KITTY_INSTALLATION_DIR/shell-integration/bash/kitty.bash" - fi - eval "''$(zoxide init bash)" - alias bye=exit - ''; - - environment.etc."xdg/kitty/kitty.conf".text = '' - font_family MesloLGS Nerd Font - font_size 10.0 - scrollback_lines 10000 - window_border_width 0.5 - window_padding_width 3 - ${if config.services.xserver.desktopManager.gnome.enable then "hide_window_decorations yes" else ""} - background_opacity 0.8 - dynamic_background_opacity yes - - map kitty_mod+alt+c copy_ansi_to_clipboard - ''; - - environment.etc."ranger/rc.conf".text = '' - eval import os; fm.set_option_from_string("preview_images", "true") if "KITTY_INSTALLATION_DIR" in os.environ else None; - eval import os; fm.set_option_from_string("preview_images_method", "kitty") if "KITTY_INSTALLATION_DIR" in os.environ else None; - set vcs_aware true - set show_hidden true - - alias drag shell ${unstablePkgs.ripdrag}/bin/ripdrag -Axd %p & - map drag - ''; - - environment.etc."ranger/plugins/zoxide.py".source = pkgs.fetchFromGitHub { - owner = "jchook"; - repo = "ranger-zoxide"; - rev = "281828de060299f73fe0b02fcabf4f2f2bd78ab3"; - hash = "sha256-JEuyYSVa1NS3aftezEJx/k19lwwzf7XhqBCL0jH6VT4="; - } + /__init__.py; - - programs.direnv.enable = true; - - programs.neovim = { - enable = true; - viAlias = true; - vimAlias = true; - configure = { - customRC = '' - set number - set hlsearch - set incsearch - set tabstop=4 - set softtabstop=4 - set shiftwidth=4 - set expandtab - set autoindent - set updatetime=500 - - syntax on - set encoding=utf-8 - set wildmode=longest,list,full - set listchars=space:·,tab:┄┄» - set indentkeys-=0# - - " rainbow-delimeters-nvim - let g:rainbow_delimiters = { - \ 'strategy': { - \ ${"''"}: rainbow_delimiters#strategy.global, - \ }, - \ } - - " vim-gitguter - set signcolumn=yes - highlight SignColumn ctermbg=NONE - highlight GitGutterAdd ctermfg=2 - highlight GitGutterChange ctermfg=4 - highlight GitGutterDelete ctermfg=1 - - lua require('guess-indent').setup {} - ''; - packages.myVimPackage = with pkgs.vimPlugins; { - start = [ - guess-indent-nvim - vim-visual-multi - autoclose-nvim - rainbow-delimiters-nvim - vimagit - vim-gitgutter - ]; - }; - }; - }; - - environment.variables = lib.mkIf config.programs.neovim.enable rec { - EDITOR = "/run/current-system/sw/bin/nvim"; - VISUAL = EDITOR; - }; - - programs.starship = { - enable = true; - settings = { - format = "$all$line_break\${custom.ranger}$jobs$battery$time$status$os$container$shell$character"; - directory = { - truncation_length = 5; - truncation_symbol = "…/"; - }; - hostname = { - ssh_only = false; - }; - username = { - show_always = true; - }; - status.disabled = false; - custom.ranger = { - when = "test $RANGER_LEVEL"; - command = "echo \"✦\""; - style = "bold 208"; - }; - }; - }; -} diff --git a/nix-os/virtualization.nix b/nix-os/virtualization.nix deleted file mode 100644 index c1e062f..0000000 --- a/nix-os/virtualization.nix +++ /dev/null @@ -1,16 +0,0 @@ - -{ lib, config, pkgs, ... }: - -{ - #virtualisation.waydroid.enable = true; - programs.virt-manager.enable = true; - virtualisation.libvirtd = { - enable = true; - qemu.ovmf = { - enable = true; - packages = [ - pkgs.OVMFFull.fd - ]; - }; - }; -} diff --git a/nix-os/xdg-default-apps.nix b/nix-os/xdg-default-apps.nix deleted file mode 100644 index 2211375..0000000 --- a/nix-os/xdg-default-apps.nix +++ /dev/null @@ -1,136 +0,0 @@ -{ ... }: - -{ - xdg.mime.enable = true; - xdg.mime.defaultApplications = { - # Browser - "x-scheme-handler/http" = "vivaldi-stable.desktop"; - "application/xhtml+xml" = "vivaldi-stable.desktop"; - "text/html" = "vivaldi-stable.desktop"; - "x-scheme-handler/https" = "vivaldi-stable.desktop"; - - # Audio - "audio/aiff" = "mpv.desktop"; - "audio/basic" = "mpv.desktop"; - "audio/it" = "mpv.desktop"; - "audio/make" = "mpv.desktop"; - "audio/make.my.funk" = "mpv.desktop"; - "audio/mid" = "mpv.desktop"; - "audio/midi" = "mpv.desktop"; - "audio/mod" = "mpv.desktop"; - "audio/mpeg" = "mpv.desktop"; - "audio/mpeg3" = "mpv.desktop"; - "audio/nspaudio" = "mpv.desktop"; - "audio/s3m" = "mpv.desktop"; - "audio/tsp-audio" = "mpv.desktop"; - "audio/tsplayer" = "mpv.desktop"; - "audio/vnd.qcelp" = "mpv.desktop"; - "audio/voc" = "mpv.desktop"; - "audio/voxware" = "mpv.desktop"; - "audio/wav" = "mpv.desktop"; - "audio/x-adpcm" = "mpv.desktop"; - "audio/x-aiff" = "mpv.desktop"; - "audio/x-au" = "mpv.desktop"; - "audio/x-gsm" = "mpv.desktop"; - "audio/x-jam" = "mpv.desktop"; - "audio/x-liveaudio" = "mpv.desktop"; - "audio/x-mid" = "mpv.desktop"; - "audio/x-midi" = "mpv.desktop"; - "audio/x-mod" = "mpv.desktop"; - "audio/x-mpeg" = "mpv.desktop"; - "audio/x-mpeg-3" = "mpv.desktop"; - "audio/x-mpequrl" = "mpv.desktop"; - "audio/x-nspaudio" = "mpv.desktop"; - "audio/x-pn-realaudio" = "mpv.desktop"; - "audio/x-pn-realaudio-plugin" = "mpv.desktop"; - "audio/x-psid" = "mpv.desktop"; - "audio/x-realaudio" = "mpv.desktop"; - "audio/x-twinvq" = "mpv.desktop"; - "audio/x-twinvq-plugin" = "mpv.desktop"; - "audio/x-vnd.audioexplosion.mjuicemediafile" = "mpv.desktop"; - "audio/x-voc" = "mpv.desktop"; - "audio/x-wav" = "mpv.desktop"; - "audio/xm" = "mpv.desktop"; - - # Video - "video/animaflex" = "mpv.desktop"; - "video/avi" = "mpv.desktop"; - "video/avs-video" = "mpv.desktop"; - "video/dl" = "mpv.desktop"; - "video/fli" = "mpv.desktop"; - "video/gl" = "mpv.desktop"; - "video/mpeg" = "mpv.desktop"; - "video/msvideo" = "mpv.desktop"; - "video/quicktime" = "mpv.desktop"; - "video/vdo" = "mpv.desktop"; - "video/vivo" = "mpv.desktop"; - "video/vnd.rn-realvideo" = "mpv.desktop"; - "video/vnd.vivo" = "mpv.desktop"; - "video/vosaic" = "mpv.desktop"; - "video/x-amt-demorun" = "mpv.desktop"; - "video/x-amt-showrun" = "mpv.desktop"; - "video/x-atomic3d-feature" = "mpv.desktop"; - "video/x-dl" = "mpv.desktop"; - "video/x-dv" = "mpv.desktop"; - "video/x-fli" = "mpv.desktop"; - "video/x-gl" = "mpv.desktop"; - "video/x-isvideo" = "mpv.desktop"; - "video/x-motion-jpeg" = "mpv.desktop"; - "video/x-mpeg" = "mpv.desktop"; - "video/x-mpeq2a" = "mpv.desktop"; - "video/x-ms-asf" = "mpv.desktop"; - "video/x-ms-asf-plugin" = "mpv.desktop"; - "video/x-msvideo" = "mpv.desktop"; - "video/x-qtc" = "mpv.desktop"; - "video/x-scm" = "mpv.desktop"; - "video/x-sgi-movie" = "mpv.desktop"; - - # Image - "image/bmp" = "org.gnome.Loupe.desktop"; - "image/cmu-raster" = "org.gnome.Loupe.desktop"; - "image/fif" = "org.gnome.Loupe.desktop"; - "image/florian" = "org.gnome.Loupe.desktop"; - "image/g3fax" = "org.gnome.Loupe.desktop"; - "image/gif" = "org.gnome.Loupe.desktop"; - "image/ief" = "org.gnome.Loupe.desktop"; - "image/jpeg" = "org.gnome.Loupe.desktop"; - "image/jutvision" = "org.gnome.Loupe.desktop"; - "image/naplps" = "org.gnome.Loupe.desktop"; - "image/pict" = "org.gnome.Loupe.desktop"; - "image/pjpeg" = "org.gnome.Loupe.desktop"; - "image/png" = "org.gnome.Loupe.desktop"; - "image/tiff" = "org.gnome.Loupe.desktop"; - "image/vasa" = "org.gnome.Loupe.desktop"; - "image/vnd.dwg" = "org.gnome.Loupe.desktop"; - "image/vnd.fpx" = "org.gnome.Loupe.desktop"; - "image/vnd.net-fpx" = "org.gnome.Loupe.desktop"; - "image/vnd.rn-realflash" = "org.gnome.Loupe.desktop"; - "image/vnd.rn-realpix" = "org.gnome.Loupe.desktop"; - "image/vnd.wap.wbmp" = "org.gnome.Loupe.desktop"; - "image/vnd.xiff" = "org.gnome.Loupe.desktop"; - "image/x-cmu-raster" = "org.gnome.Loupe.desktop"; - "image/x-dwg" = "org.gnome.Loupe.desktop"; - "image/x-icon" = "org.gnome.Loupe.desktop"; - "image/x-jg" = "org.gnome.Loupe.desktop"; - "image/x-jps" = "org.gnome.Loupe.desktop"; - "image/x-niff" = "org.gnome.Loupe.desktop"; - "image/x-pcx" = "org.gnome.Loupe.desktop"; - "image/x-pict" = "org.gnome.Loupe.desktop"; - "image/x-portable-anymap" = "org.gnome.Loupe.desktop"; - "image/x-portable-bitmap" = "org.gnome.Loupe.desktop"; - "image/x-portable-graymap" = "org.gnome.Loupe.desktop"; - "image/x-portable-greymap" = "org.gnome.Loupe.desktop"; - "image/x-portable-pixmap" = "org.gnome.Loupe.desktop"; - "image/x-quicktime" = "org.gnome.Loupe.desktop"; - "image/x-rgb" = "org.gnome.Loupe.desktop"; - "image/x-tiff" = "org.gnome.Loupe.desktop"; - "image/x-windows-bmp" = "org.gnome.Loupe.desktop"; - "image/x-xbitmap" = "org.gnome.Loupe.desktop"; - "image/x-xbm" = "org.gnome.Loupe.desktop"; - "image/x-xpixmap" = "org.gnome.Loupe.desktop"; - "image/x-xwd" = "org.gnome.Loupe.desktop"; - "image/x-xwindowdump" = "org.gnome.Loupe.desktop"; - "image/xbm" = "org.gnome.Loupe.desktop"; - "image/xpm" = "org.gnome.Loupe.desktop"; - }; -} diff --git a/nixos/hosts/main/cryptocurrency.nix b/nixos/hosts/main/cryptocurrency.nix new file mode 100644 index 0000000..0523912 --- /dev/null +++ b/nixos/hosts/main/cryptocurrency.nix @@ -0,0 +1,57 @@ +{ + inputs, + ... +}: + +{ + imports = [ + "${inputs.nix-bitcoin}/modules/modules.nix" + ]; + + config = { + + services.bitcoind = { + enable = true; + listen = true; + txindex = true; + disablewallet = true; + extraConfig = '' + coinstatsindex=1 + maxmempool=2048 + persistmempool=1 + ''; + tor.proxy = true; + rpc.address = "0.0.0.0"; + rpc.allowip = [ + "10.0.0.0/8" + "172.16.0.0/12" + "192.168.0.0/16" + ]; + }; + + services.electrs = { + enable = true; + }; + + services.monero = { + enable = true; + extraConfig = '' + proxy=127.0.0.1:9050 + igd=disabled + ''; + }; + + services.tor.client.enable = true; + + nix-bitcoin = { + onionServices = { + bitcoind = { + public = true; + }; + }; + generateSecrets = true; + secretsDir = "/var/nix-bitcoin"; + configVersion = "0.0.121"; + }; + }; +} diff --git a/nixos/hosts/main/default.nix b/nixos/hosts/main/default.nix new file mode 100644 index 0000000..c035fd0 --- /dev/null +++ b/nixos/hosts/main/default.nix @@ -0,0 +1,98 @@ +{ + inputs, + config, + pkgs, + self, + ... +}: + +{ + imports = [ + ../../modules/core.nix + ../../modules/core-desktop.nix + ../../modules/nvidia.nix + ../../modules/docker.nix + ../../modules/razer.nix + ../../modules/desktopManagers/cosmic.nix + ../../modules/displayManagers/cosmic-greeter.nix + ../../modules/shell.nix + ../../modules/virtualization.nix + ../../modules/polkit/disable-shutdown.nix + ../../modules/locale.nix + ../../modules/adb.nix + ../../modules/account.nix + ../../modules/services/nix-binary-cache.nix + ../../modules/udev.nix + ../../modules/gnupg.nix + + "${inputs.nixos-vscode-server}" + + ./cryptocurrency.nix + ]; + + config = { + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + networking.hostName = "wroclaw-main"; + + services.printing.drivers = with pkgs; [ + hplip + ]; + + nixpkgs.overlays = [ + self.overlays.cosmicPackages + ]; + nixpkgs.config = { + cudaSupport = true; + }; + + # nixos-vscode-server module needs this + programs.nix-ld.enable = true; + services.vscode-server = { + enable = true; + extraRuntimeDependencies = with pkgs; [ + docker + ]; + }; + + services.pipewire.wireplumber.configPackages = [( + pkgs.stdenvNoCC.mkDerivation { + name = "wireplumber-config"; + src = ./wireplumber; + phases = [ "installPhase" ]; + installPhase = '' + mkdir -p $out/share/wireplumber/wireplumber.conf.d + cp -r $src/* $out/share/wireplumber/wireplumber.conf.d + ''; + } + )]; + + services.printing.startWhenNeeded = false; + + # rgb control for razer, graphics card and motherboard + hardware.i2c.enable = true; + services.hardware.openrgb.enable = true; + + services.ollama = { + enable = true; + port = 1434; + acceleration = "cuda"; + package = pkgs.unstable.ollama; + host = "0.0.0.0"; + }; + + services.mysql = { + enable = true; + package = pkgs.mariadb; + }; + + environment.sessionVariables = { + OLLAMA_HOST = "127.0.0.1:${builtins.toString config.services.ollama.port}"; + }; + + nixpkgs.hostPlatform = "x86_64-linux"; + + system.stateVersion = "24.11"; + }; +} diff --git a/hosts/main/wireplumber/51-digital-output.conf b/nixos/hosts/main/wireplumber/51-digital-output.conf similarity index 100% rename from hosts/main/wireplumber/51-digital-output.conf rename to nixos/hosts/main/wireplumber/51-digital-output.conf diff --git a/hosts/main/wireplumber/51-hdmi-otuput.conf b/nixos/hosts/main/wireplumber/51-hdmi-otuput.conf similarity index 100% rename from hosts/main/wireplumber/51-hdmi-otuput.conf rename to nixos/hosts/main/wireplumber/51-hdmi-otuput.conf diff --git a/hosts/main/wireplumber/51-razerHeadphones-device.conf b/nixos/hosts/main/wireplumber/51-razerHeadphones-device.conf similarity index 100% rename from hosts/main/wireplumber/51-razerHeadphones-device.conf rename to nixos/hosts/main/wireplumber/51-razerHeadphones-device.conf diff --git a/hosts/main/wireplumber/51-razerHeadphones-input.conf b/nixos/hosts/main/wireplumber/51-razerHeadphones-input.conf similarity index 100% rename from hosts/main/wireplumber/51-razerHeadphones-input.conf rename to nixos/hosts/main/wireplumber/51-razerHeadphones-input.conf diff --git a/hosts/main/wireplumber/51-razerHeadphones-output.conf b/nixos/hosts/main/wireplumber/51-razerHeadphones-output.conf similarity index 100% rename from hosts/main/wireplumber/51-razerHeadphones-output.conf rename to nixos/hosts/main/wireplumber/51-razerHeadphones-output.conf diff --git a/nixos/hosts/tablet.nix b/nixos/hosts/tablet.nix new file mode 100644 index 0000000..a2f6de1 --- /dev/null +++ b/nixos/hosts/tablet.nix @@ -0,0 +1,60 @@ +{ + self, + ... +}: + +{ + imports = [ + ../modules/core.nix + ../modules/core-desktop.nix + ../modules/account.nix + ../modules/adb.nix + ../modules/locale.nix + ../modules/shell.nix + ../modules/gnupg.nix + ../modules/polkit/network.nix + + ../modules/desktopManagers/cosmic.nix + ../modules/displayManagers/cosmic-greeter.nix + ../modules/udev.nix + ]; + + config = { + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + networking.hostName = "wroclaw-hp"; + networking.networkmanager.enable = true; + networking.firewall.enable = true; + hardware.sensor.iio.enable = true; + + nixpkgs.overlays = [ + self.overlays.cosmicPackages + ]; + + networking.firewall.allowedTCPPortRanges = [ + # KDE Connect + rec { from = 1714; to = from + 50; } + ]; + + networking.firewall.allowedUDPPortRanges = [ + # KDE Connect + rec { from = 1714; to = from + 50; } + ]; + + services.logind = { + powerKey = "suspend"; + powerKeyLongPress = "poweroff"; + suspendKey = "suspend-then-hibernate"; + suspendKeyLongPress = "hibernate"; + lidSwitch = "lock"; + lidSwitchDocked = "ignore"; + lidSwitchExternalPower = "lock"; + }; + + nixpkgs.hostPlatform = "x86_64-linux"; + + system.stateVersion = "24.11"; + }; +} + diff --git a/nixos/hosts/vm-base.nix b/nixos/hosts/vm-base.nix new file mode 100644 index 0000000..d7bb7c3 --- /dev/null +++ b/nixos/hosts/vm-base.nix @@ -0,0 +1,25 @@ +{ lib, modulesPath, ... }: + +{ + imports = [ + "${modulesPath}/virtualisation/qemu-vm.nix" + ../modules/account.nix + ../modules/core.nix + ../modules/core-desktop.nix + ../modules/locale.nix + ../modules/polkit/disable-shutdown.nix + ../modules/shell.nix + ../modules/udev.nix + ]; + + config = { + services.syncthing.enable = lib.mkForce false; + virtualisation = { + memorySize = 4096; + }; + virtualisation.forwardPorts = [ + { from = "host"; host.port = 2222; guest.port = 22; } + ]; + nixpkgs.hostPlatform = "x86_64-linux"; + }; +} diff --git a/hosts/vm-cosmic.nix b/nixos/hosts/vm-cosmic.nix similarity index 79% rename from hosts/vm-cosmic.nix rename to nixos/hosts/vm-cosmic.nix index c842604..dc5e77c 100644 --- a/hosts/vm-cosmic.nix +++ b/nixos/hosts/vm-cosmic.nix @@ -3,8 +3,8 @@ { imports = [ ./vm-base.nix - ../nix-os/desktopManagers/cosmic.nix - ../nix-os/displayManagers/cosmic-greeter.nix + ../modules/desktopManagers/cosmic.nix + ../modules/displayManagers/cosmic-greeter.nix ]; config = { diff --git a/nixos/hosts/vm-gnome.nix b/nixos/hosts/vm-gnome.nix new file mode 100644 index 0000000..ff6a41e --- /dev/null +++ b/nixos/hosts/vm-gnome.nix @@ -0,0 +1,9 @@ +{ lib, ... }: + +{ + imports = [ + ./vm-base.nix + ../modules/desktopManagers/gnome.nix + ../modules/displayManagers/gdm.nix + ]; +} diff --git a/nixos/modules/account.nix b/nixos/modules/account.nix new file mode 100644 index 0000000..35b48ae --- /dev/null +++ b/nixos/modules/account.nix @@ -0,0 +1,49 @@ +{ config, lib, pkgs, unstablePkgs, ... }: + +{ + imports = [ + ./unstable-packages.nix + ]; + config = { + users.users.wroclaw = { + isNormalUser = true; + description = "Rafał"; + group = "wroclaw"; + extraGroups = [ + "users" + "wheel" + ] ++ lib.optional config.programs.adb.enable "adbusers"; + linger = true; + initialPassword = "nixos"; + packages = with pkgs; [ + firefox + (vivaldi.override { + proprietaryCodecs = true; + commandLineArgs = [ "--ozone-platform=wayland" ]; + }) + vesktop + unstablePkgs.vscode + gimp3 + inkscape + jitsi-meet-electron + krita + telegram-desktop + unstablePkgs.zettlr + ]; + }; + users.groups.wroclaw.gid = 1000; + + programs.steam = { + enable = true; + remotePlay.openFirewall = true; + }; + + services.syncthing = { + enable = true; + user = "wroclaw"; + group = "wroclaw"; + dataDir = "/home/wroclaw"; + configDir = "/home/wroclaw/.config/syncthing"; + }; + }; +} diff --git a/nix-os/adb.nix b/nixos/modules/adb.nix similarity index 100% rename from nix-os/adb.nix rename to nixos/modules/adb.nix diff --git a/nixos/modules/core-desktop.nix b/nixos/modules/core-desktop.nix new file mode 100644 index 0000000..d81ceec --- /dev/null +++ b/nixos/modules/core-desktop.nix @@ -0,0 +1,176 @@ +{config, lib, pkgs, ... }: + +{ + imports = [ + ./generic/mpv.nix + ./xdg-default-apps.nix + ]; + config = { + services.printing.enable = true; + + services.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + + # Enable audio interfaces renaming + wireplumber.enable = true; + wireplumber.extraConfig = { + "dont-switch-device-profiles"."wireplumber.settings"."bluetooth.autoswitch-to-headset-profile" = false; + }; + }; + + environment.systemPackages = with pkgs; [ + kdePackages.kdeconnect-kde + pcmanfm + pwvucontrol + qimgv + ]; + + programs.mpv = let + fetchMpvScript = {url, hash, scriptName}: pkgs.fetchurl { + inherit url hash; + name = "mpv-script-${scriptName}"; + recursiveHash = true; + downloadToTemp = true; + postFetch = '' + mkdir -p $out/share/mpv/scripts + mv $downloadedFile $out/share/mpv/scripts/${scriptName} + ''; + passthru.scriptName = scriptName; + }; + in { + enable = true; + scripts = [ + pkgs.mpvScripts.sponsorblock + pkgs.mpvScripts.mpris + ] ++ lib.map (script: fetchMpvScript { + url = "https://raw.githubusercontent.com/occivink/mpv-scripts/d0390c8e802c2e888ff4a2e1d5e4fb040f855b89/scripts/${script.name}"; + hash = script.hash; + scriptName = script.name; + }) [ + { name = "crop.lua"; hash = "sha256-/uaTCtV8Aanvnxrt8afBbO4uu2xp8Ec6DxApMb+fg2s="; } + { name = "encode.lua"; hash = "sha256-yK/DV0cpGhl4Uobl7xA1myZiECJpsShrHnsJftBqzAY="; } + ]; + settings = { + mpv = { + keep-open = "yes"; + volume = "40"; + osd-fractions = "yes"; + background = "none"; + border = "no"; + }; + input = lib.mkMerge [ + # mpv core + '' + Alt+1 set window-scale 0.125 + Alt+2 set window-scale 0.25 + Alt+3 set window-scale 0.5 + Alt+4 set window-scale 1 + Alt+5 set window-scale 2 + '' + # crop.lua + '' + c script-message-to crop start-crop hard + alt+c script-message-to crop start-crop soft + ctrl+shift+c script-message-to crop start-crop delogo + C script-message-to crop toggle-crop hard + '' + # encode.lua + '' + b script-message-to encode encode_default + alt+b script-message-to encode set-timestamp encode_default + '' + ]; + script-opts = { + "encode_default.conf" = { + only_active_tracks = "no"; + preserve_filters = "yes"; + append_filder = ""; + codec = ""; + output_format = "$f_$n.$x"; + output_dir = "/tmp"; + detached = "no"; + ffmpeg_command = lib.getExe pkgs.ffmpeg; + }; + }; + }; + }; + + # Fonts + fonts.packages = with pkgs; [ + corefonts + nerd-fonts.meslo-lg + roboto + ]; + + # Pcmanfm configuration + environment.etc."xdg/pcmanfm/default/pcmanfm.conf".text = '' + [config] + bm_open_method=0 + + [volume] + mount_on_startup=0 + mount_removable=0 + autorun=0 + + [ui] + always_show_tabs=1 + max_tab_chars=32 + media_in_new_tab=0 + desktop_folder_new_win=0 + change_tab_on_drop=1 + close_on_unmount=1 + focus_previous=1 + side_pane_mode=places + view_mode=list + show_hidden=1 + sort=name;ascending; + toolbar=newwin;newtab;navigation;home; + show_statusbar=1 + pathbar_mode_buttons=0 + ''; + + environment.etc."xdg/libfm/libfm.conf".text = '' + [config] + single_click=0 + use_trash=1 + confirm_del=1 + confirm_trash=1 + advanced_mode=0 + si_unit=0 + force_startup_notify=1 + backup_as_hidden=1 + no_usb_trash=1 + no_child_non_expandable=0 + show_full_names=0 + only_user_templates=0 + drop_default_action=auto + terminal=${lib.optionalString (lib.elem pkgs.kitty config.environment.systemPackages) "kitty"} + archiver=file-roller + thumbnail_local=1 + thumbnail_max=16384 + + [ui] + big_icon_size=48 + small_icon_size=16 + pane_icon_size=16 + thumbnail_size=128 + show_thumbnail=1 + shadow_hidden=1 + + [places] + places_home=1 + places_desktop=1 + places_root=1 + places_computer=1 + places_trash=1 + places_applications=1 + places_network=1 + places_unmounted=1 + ''; + }; +} diff --git a/nixos/modules/core.nix b/nixos/modules/core.nix new file mode 100644 index 0000000..0fece8a --- /dev/null +++ b/nixos/modules/core.nix @@ -0,0 +1,93 @@ +{ + inputs, + lib, + pkgs, + self, + ... +}: + +{ + imports = [ + ./module-overrides.nix + ./nix.nix + ]; + config = { + + # kernel + boot.kernelPackages = pkgs.linuxPackages_latest; + + # Enable networking + networking.networkmanager.enable = true; + + # Allow unfree packages + nixpkgs.config.allowUnfree = true; + nix = { + channel.enable = false; + settings = { + auto-optimise-store = true; + experimental-features = [ + "no-url-literals" + ]; + }; + nixPath = [ + "nixpkgs=${pkgs.selfExpr { useConfig = false; }}" + "systemNixpkgs=${pkgs.selfExpr { useConfig = true; name = "systemNixpkgs-self"; }}" + # don't garbage collect the nixpkgs input + "inputsNixpkgs=${inputs.nixpkgs}" + "nixos-system=/etc/nixos/default.nix" + ]; + }; + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + waypipe + wget + ffmpeg + yt-dlp + htop + btop + fastfetch + smartmontools + ddrescue + ]; + programs.git.enable = true; + programs.git.config = { + commit.verbose = true; + init.defaultBranch = "main"; + merge.conflictstyle = "diff3"; + rerere.enabled = true; + }; + + # Use nix-index for command-not-found handler + programs.command-not-found.enable = false; + programs.nix-index = { + package = pkgs.nix-index.override { + nix-index-unwrapped = pkgs.nix-index-unwrapped.overrideAttrs (oldAttrs: { + patches = oldAttrs.patches or [] ++ [ + ( builtins.path { path = "${self}/pkgs/by-name/ni/nix-index/cnfOutput.patch"; } ) + ]; + }); + + }; + enable = true; + enableBashIntegration = true; + }; + + # Enable fail2ban because of the OpenSSH server + services.fail2ban = { + enable = true; + maxretry = 10; + bantime = "7d"; + }; + + # Enable the OpenSSH daemon. + services.openssh = { + enable = true; + ports = [ + 22 + 8022 + ]; + }; + }; +} diff --git a/nix-os/dconf-common.nix b/nixos/modules/dconf-common.nix similarity index 96% rename from nix-os/dconf-common.nix rename to nixos/modules/dconf-common.nix index 967d28f..bb88fcc 100644 --- a/nix-os/dconf-common.nix +++ b/nixos/modules/dconf-common.nix @@ -59,18 +59,17 @@ "workspace-indicator@gnome-shell-extensions.gcampax.github.com" "Vitals@CoreCoding.com" "trayIconsReloaded@selfmade.pl" - "places-menu@gnome-shell-extensions.gcampax.github.com" - "apps-menu@gnome-shell-extensions.gcampax.github.com" "top-bar-organizer@julian.gse.jsts.xyz" "color-picker@tuberry" ]; favorite-apps = [ "kitty.desktop" + "pcmanfm.desktop" "vivaldi-stable.desktop" "code.desktop" "org.gnome.Nautilus.desktop" "steam.desktop" - "pavucontrol.desktop" + "com.saivert.pwvucontrol.desktop" ]; }; @@ -92,6 +91,7 @@ active-hint-border-radius = mkUint32 1; gap-inner = mkUint32 2; gap-outer = mkUint32 1; + hint-color-rgba = "rgb(161,192,235)"; show-skip-taskbar = true; show-title = true; smart-gaps = false; diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicAppList/v1/enable_drag_source b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicAppList/v1/enable_drag_source new file mode 100644 index 0000000..f32a580 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicAppList/v1/enable_drag_source @@ -0,0 +1 @@ +true \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicAppList/v1/favorites b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicAppList/v1/favorites new file mode 100644 index 0000000..d926828 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicAppList/v1/favorites @@ -0,0 +1,11 @@ +[ + "kitty", + "vivaldi-stable", + "pcmanfm", + "code", + "steam", + "vesktop", + "org.telegram.desktop", + "jitsi-meet-electron", + "com.saivert.pwvucontrol", +] diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicAppList/v1/filter_top_levels b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicAppList/v1/filter_top_levels new file mode 100644 index 0000000..4af1832 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicAppList/v1/filter_top_levels @@ -0,0 +1 @@ +None \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicAppletTime/v1/military_time b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicAppletTime/v1/military_time new file mode 100644 index 0000000..f32a580 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicAppletTime/v1/military_time @@ -0,0 +1 @@ +true \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicAppletTime/v1/show_seconds b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicAppletTime/v1/show_seconds new file mode 100644 index 0000000..f32a580 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicAppletTime/v1/show_seconds @@ -0,0 +1 @@ +true \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicBackground/v1/all b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicBackground/v1/all new file mode 100644 index 0000000..c817dfe --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicBackground/v1/all @@ -0,0 +1,9 @@ +( + output: "all", + source: Path("@wallpaper@"), + filter_by_theme: true, + rotation_frequency: 300, + filter_method: Lanczos, + scaling_mode: Zoom, + sampling_method: Alphanumeric, +) diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicBackground/v1/same-on-all b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicBackground/v1/same-on-all new file mode 100644 index 0000000..f32a580 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicBackground/v1/same-on-all @@ -0,0 +1 @@ +true \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicComp/v1/autotile b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicComp/v1/autotile new file mode 100644 index 0000000..f32a580 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicComp/v1/autotile @@ -0,0 +1 @@ +true \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicComp/v1/autotile_behavior b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicComp/v1/autotile_behavior new file mode 100644 index 0000000..bca87fc --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicComp/v1/autotile_behavior @@ -0,0 +1 @@ +PerWorkspace \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicComp/v1/focus_follows_cursor b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicComp/v1/focus_follows_cursor new file mode 100644 index 0000000..f32a580 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicComp/v1/focus_follows_cursor @@ -0,0 +1 @@ +true \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicComp/v1/focus_follows_cursor_delay b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicComp/v1/focus_follows_cursor_delay new file mode 100644 index 0000000..e373ee6 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicComp/v1/focus_follows_cursor_delay @@ -0,0 +1 @@ +50 diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicComp/v1/workspaces b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicComp/v1/workspaces new file mode 100644 index 0000000..9518393 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicComp/v1/workspaces @@ -0,0 +1,4 @@ +( + workspace_mode: OutputBound, + workspace_layout: Horizontal, +) \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicFiles/v1/desktop b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicFiles/v1/desktop new file mode 100644 index 0000000..18697b8 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicFiles/v1/desktop @@ -0,0 +1,5 @@ +( + show_content: false, + show_mounted_drives: false, + show_trash: false, +) \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/anchor b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/anchor new file mode 100644 index 0000000..752ed40 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/anchor @@ -0,0 +1 @@ +Bottom \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/anchor_gap b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/anchor_gap new file mode 100644 index 0000000..02e4a84 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/anchor_gap @@ -0,0 +1 @@ +false \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/autohide b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/autohide new file mode 100644 index 0000000..cd1a18b --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/autohide @@ -0,0 +1,5 @@ +Some(( + wait_time: 1000, + transition_time: 200, + handle_size: 4, +)) \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/border_radius b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/border_radius new file mode 100644 index 0000000..1568d2c --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/border_radius @@ -0,0 +1 @@ +@corner_radii_panel@ diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/exclusive_zone b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/exclusive_zone new file mode 100644 index 0000000..02e4a84 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/exclusive_zone @@ -0,0 +1 @@ +false \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/layer b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/layer new file mode 100644 index 0000000..b095f04 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/layer @@ -0,0 +1 @@ +Top \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/plugins_center b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/plugins_center new file mode 100644 index 0000000..2d2d39c --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/plugins_center @@ -0,0 +1,5 @@ +Some([ + "com.system76.CosmicAppList", + "com.system76.CosmicAppletMinimize", + "com.system76.CosmicPanelAppButton", +]) \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/plugins_wings b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/plugins_wings new file mode 100644 index 0000000..4af1832 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Dock/v1/plugins_wings @@ -0,0 +1 @@ +None \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Panel/v1/anchor b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Panel/v1/anchor new file mode 100644 index 0000000..b095f04 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Panel/v1/anchor @@ -0,0 +1 @@ +Top \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Panel/v1/anchor_gap b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Panel/v1/anchor_gap new file mode 100644 index 0000000..02e4a84 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Panel/v1/anchor_gap @@ -0,0 +1 @@ +false \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Panel/v1/layer b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Panel/v1/layer new file mode 100644 index 0000000..b095f04 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Panel/v1/layer @@ -0,0 +1 @@ +Top \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Panel/v1/plugins_center b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Panel/v1/plugins_center new file mode 100644 index 0000000..2434167 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Panel/v1/plugins_center @@ -0,0 +1,3 @@ +Some([ + "com.system76.CosmicAppletTime", +]) \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Panel/v1/plugins_wings b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Panel/v1/plugins_wings new file mode 100644 index 0000000..88477bc --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicPanel.Panel/v1/plugins_wings @@ -0,0 +1,14 @@ +Some(([ + "com.system76.CosmicPanelAppButton", + "com.system76.CosmicAppletWorkspaces", +], [ + "com.system76.CosmicAppletStatusArea", + "com.system76.CosmicAppletInputSources", + "com.system76.CosmicAppletTiling", + "com.system76.CosmicAppletAudio", + "com.system76.CosmicAppletNetwork", + "com.system76.CosmicAppletBattery", + "com.system76.CosmicAppletNotifications", + "com.system76.CosmicAppletBluetooth", + "com.system76.CosmicAppletPower", +])) diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicSettings.Shortcuts/v1/custom b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicSettings.Shortcuts/v1/custom new file mode 100644 index 0000000..cf90d84 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicSettings.Shortcuts/v1/custom @@ -0,0 +1,36 @@ +{ + ( + modifiers: [ + Ctrl, + Alt, + ], + key: "t", + description: Some("Open terminal"), + ): Spawn("kitty"), + ( + modifiers: [ + Super, + Shift, + ], + key: "s", + ): System(Screenshot), + ( + modifiers: [ + Super, + Ctrl, + ], + key: "l", + ): System(LockScreen), + ( + modifiers: [ + Super, + ], + ): System(Launcher), + ( + modifiers: [ + Super, + Alt, + ], + key: "g", + ): ToggleSticky, +} diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTheme.Dark/v1/active_hint b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTheme.Dark/v1/active_hint new file mode 100644 index 0000000..d8263ee --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTheme.Dark/v1/active_hint @@ -0,0 +1 @@ +2 \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTheme.Dark/v1/corner_radii b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTheme.Dark/v1/corner_radii new file mode 100644 index 0000000..00aa3ff --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTheme.Dark/v1/corner_radii @@ -0,0 +1,8 @@ +( + radius_0: (0.0, 0.0, 0.0, 0.0), + radius_xs: (@corner_radii_theme@, @corner_radii_theme@, @corner_radii_theme@, @corner_radii_theme@), + radius_s: (@corner_radii_theme@, @corner_radii_theme@, @corner_radii_theme@, @corner_radii_theme@), + radius_m: (@corner_radii_theme@, @corner_radii_theme@, @corner_radii_theme@, @corner_radii_theme@), + radius_l: (@corner_radii_theme@, @corner_radii_theme@, @corner_radii_theme@, @corner_radii_theme@), + radius_xl: (@corner_radii_theme@, @corner_radii_theme@, @corner_radii_theme@, @corner_radii_theme@), +) diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTheme.Dark/v1/gaps b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTheme.Dark/v1/gaps new file mode 100644 index 0000000..7ed1e48 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTheme.Dark/v1/gaps @@ -0,0 +1 @@ +(0, 4) \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTheme.Light/v1/active_hint b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTheme.Light/v1/active_hint new file mode 100644 index 0000000..d8263ee --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTheme.Light/v1/active_hint @@ -0,0 +1 @@ +2 \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTheme.Light/v1/corner_radii b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTheme.Light/v1/corner_radii new file mode 100644 index 0000000..00aa3ff --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTheme.Light/v1/corner_radii @@ -0,0 +1,8 @@ +( + radius_0: (0.0, 0.0, 0.0, 0.0), + radius_xs: (@corner_radii_theme@, @corner_radii_theme@, @corner_radii_theme@, @corner_radii_theme@), + radius_s: (@corner_radii_theme@, @corner_radii_theme@, @corner_radii_theme@, @corner_radii_theme@), + radius_m: (@corner_radii_theme@, @corner_radii_theme@, @corner_radii_theme@, @corner_radii_theme@), + radius_l: (@corner_radii_theme@, @corner_radii_theme@, @corner_radii_theme@, @corner_radii_theme@), + radius_xl: (@corner_radii_theme@, @corner_radii_theme@, @corner_radii_theme@, @corner_radii_theme@), +) diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTheme.Light/v1/gaps b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTheme.Light/v1/gaps new file mode 100644 index 0000000..7ed1e48 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTheme.Light/v1/gaps @@ -0,0 +1 @@ +(0, 4) \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTheme.Mode/v1/is_dark b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTheme.Mode/v1/is_dark new file mode 100644 index 0000000..f32a580 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTheme.Mode/v1/is_dark @@ -0,0 +1 @@ +true \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTk/v1/show_maximize b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTk/v1/show_maximize new file mode 100644 index 0000000..02e4a84 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTk/v1/show_maximize @@ -0,0 +1 @@ +false \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTk/v1/show_minimize b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTk/v1/show_minimize new file mode 100644 index 0000000..02e4a84 --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic-config/com.system76.CosmicTk/v1/show_minimize @@ -0,0 +1 @@ +false \ No newline at end of file diff --git a/nixos/modules/desktopManagers/cosmic.nix b/nixos/modules/desktopManagers/cosmic.nix new file mode 100644 index 0000000..3e623cf --- /dev/null +++ b/nixos/modules/desktopManagers/cosmic.nix @@ -0,0 +1,67 @@ +{ + inputs, + lib, + pkgs, + self, + ... +}: + +let + cosmic-configuration = pkgs.stdenv.mkDerivation { + name = "cosmic-configuration"; + src = ./cosmic-config; + outputs = [ "out" "share" ]; + dontConfigure = true; + buildPhase = '' + for file in $(find . -type f); do + substituteInPlace "$file" \ + --subst-var-by wallpaper "${builtins.path { path = "${self}/media/wallpaper.png"; }}" \ + --subst-var-by corner_radii_theme "2.0" \ + --subst-var-by corner_radii_panel "2" + done + ''; + installPhase = '' + mkdir -p $out $share/share/cosmic + cp -r ./* $out/ + cp -r ./* $share/share/cosmic/ + ''; + }; +in + +{ + imports = [ + "${inputs.cosmic-modules}/nixos/cosmic/module.nix" + "${self}/nixos/modules/generic/dconf.nix" + ]; + config = { + services.desktopManager.cosmic.enable = true; + environment.cosmic.excludePackages = with pkgs; [ + cosmic-edit + cosmic-player + cosmic-term + ]; + environment.systemPackages = with pkgs; [ + (lib.hiPrio cosmic-configuration.share) + google-cursor + ]; + services.gnome.gnome-keyring.enable = true; + + proot.dconf = { + rules."org/gnome/desktop/interface".cursor-theme = "GoogleDot-White"; + profiles.user.rulesToApply = [ + "org/gnome/desktop/interface" + ]; + }; + + environment.sessionVariables = { + XCURSOR_SIZE = "16"; + XCURSOR_THEME = "GoogleDot-White"; + }; + + environment.etc."xdg/gtk-3.0/settings.ini".text = '' + [Settings] + gtk-cursor-theme-name=GoogleDot-White + gtk-application-prefer-dark-theme=true + ''; + }; +} diff --git a/nix-os/desktopManagers/gnome.nix b/nixos/modules/desktopManagers/gnome.nix similarity index 87% rename from nix-os/desktopManagers/gnome.nix rename to nixos/modules/desktopManagers/gnome.nix index f3512b5..c1d691c 100644 --- a/nix-os/desktopManagers/gnome.nix +++ b/nixos/modules/desktopManagers/gnome.nix @@ -68,6 +68,7 @@ in gnome.seahorse gnome.totem gnome.yelp + gnome.nautilus ]; environment.systemPackages = with pkgs; [ @@ -79,9 +80,14 @@ in gnomeExtensions.top-bar-organizer # unstablePkgs.gnomeExtensions.translate-indicator # translate-shell - pavucontrol - #FIXME: Apply the cursor theme also in GTK3 config google-cursor ]; + + environment.etc."xdg/gtk-3.0/settings.ini".text = '' + [Settings] + gtk-cursor-theme-name=${config.proot.dconf.rules."org/gnome/desktop/interface".cursor-theme} + '' + lib.optionalString (lib.hasInfix "dark" config.proot.dconf.rules."org/gnome/desktop/interface".color-scheme) '' + gtk-application-prefer-dark-theme=true + ''; }; } diff --git a/nix-os/displayManagers/cosmic-greeter.nix b/nixos/modules/displayManagers/cosmic-greeter.nix similarity index 100% rename from nix-os/displayManagers/cosmic-greeter.nix rename to nixos/modules/displayManagers/cosmic-greeter.nix diff --git a/nix-os/displayManagers/gdm.nix b/nixos/modules/displayManagers/gdm.nix similarity index 100% rename from nix-os/displayManagers/gdm.nix rename to nixos/modules/displayManagers/gdm.nix diff --git a/nixos/modules/docker.nix b/nixos/modules/docker.nix new file mode 100644 index 0000000..747b2f6 --- /dev/null +++ b/nixos/modules/docker.nix @@ -0,0 +1,41 @@ +{ lib, config, pkgs, ... }: + +{ + config = { + virtualisation.docker = { + enable = true; + enableOnBoot = true; + storageDriver = if config.fileSystems."/".fsType == "btrfs" then "btrfs" else null; + rootless.enable = true; + rootless.setSocketVariable = true; + daemon.settings = { + default-address-pools = [ + {base = "10.64.0.0/10"; size = 24;} + ]; + bip = "10.127.0.1/16"; + }; + }; + users.users.indocker = { + isSystemUser = true; + hashedPassword = "!"; + uid = 900; + group = "indocker"; + }; + users.groups.indocker = { + gid = 900; + }; + environment.systemPackages = with pkgs; [ + docker-compose + ]; + + # Docker enables firewall anyway, let's enable the firewall for it if it's disabled + # TODO: Apply only when config.networking.firewall is false + networking.firewall = { + enable = lib.mkOverride 90 true; + allowedTCPPorts = lib.mkOverride 90 []; + allowedUDPPorts = lib.mkOverride 90 []; + allowedTCPPortRanges = lib.mkOverride 90 [{ from = 0; to = 65535;}]; + allowedUDPPortRanges = lib.mkOverride 90 [{ from = 0; to = 65535;}]; + }; + }; +} diff --git a/nix-os/generic/dconf.nix b/nixos/modules/generic/dconf.nix similarity index 74% rename from nix-os/generic/dconf.nix rename to nixos/modules/generic/dconf.nix index dfcdc04..0ef11d7 100644 --- a/nix-os/generic/dconf.nix +++ b/nixos/modules/generic/dconf.nix @@ -10,12 +10,12 @@ let rulesToApply = lib.mkOption { type = lib.types.listOf lib.types.str; default = lib.attrNames cfg.rules; - description = lib.mdDoc "A list of rules keys to apply for profile"; + description = "A list of rules keys to apply for profile"; }; extraRules = lib.mkOption { type = lib.types.attrs; default = {}; - description = lib.mdDoc "An attrset of additional dconf rules to apply ontop of selected"; + description = "An attrset of additional dconf rules to apply ontop of selected"; }; }; }; @@ -31,12 +31,12 @@ in rules = lib.mkOption { type = lib.types.attrs; default = {}; - description = lib.mdDoc "An attrset of dconf rules to pull from"; + description = "An attrset of dconf rules to pull from"; }; profiles = lib.mkOption { type = lib.types.attrsOf profileOpts; default = {}; - description = lib.mdDoc "An attret of profiles to create, with pulled rules"; + description = "An attret of profiles to create, with pulled rules"; }; }; diff --git a/nixos/modules/generic/mpv.nix b/nixos/modules/generic/mpv.nix new file mode 100644 index 0000000..c2c780c --- /dev/null +++ b/nixos/modules/generic/mpv.nix @@ -0,0 +1,91 @@ +{config, lib, options, pkgs, ... }: + +let + cfg = config.programs.mpv; + opts = options.programs.mpv; + + toMpvIniString = attrset: lib.pipe attrset [ + (lib.mapAttrsToList (name: value: "${name}=${value}")) + (lib.concatStringsSep "\n") + ]; + + configDir = pkgs.symlinkJoin { + name = "mpv-config-dir"; + paths = lib.optional opts.settings.mpv.isDefined (pkgs.writeTextFile { + name = "mpv-config-dir-mpv.conf"; + destination = "/share/mpv/mpv.conf"; + text = toMpvIniString cfg.settings.mpv; + }) ++ lib.optional opts.settings.input.isDefined (pkgs.writeTextFile { + name = "mpv-config-dir-input.conf"; + destination = "/share/mpv/input.conf"; + text = cfg.settings.input; + }) ++ lib.mapAttrsToList (filename: opts: pkgs.writeTextFile { + name = "mpv-config-dir-script-opts-${filename}"; + destination = "/share/mpv/script-opts/${filename}"; + text = toMpvIniString opts; + }) cfg.settings.script-opts; + }; + + wrappedMpv = cfg.package.wrapper { + mpv = cfg.package; + youtubeSupport = cfg.youtubeSupport; + scripts = cfg.scripts; + extraMakeWrapperArgs = lib.optionals (lib.any (x: x) [ + opts.settings.mpv.isDefined + opts.settings.input.isDefined + (lib.length (lib.attrNames cfg.settings.script-opts) > 0) + ]) [ + "--add-flags" "--config-dir='${configDir}/share/mpv'" + ]; + }; +in +{ + options.programs.mpv = { + enable = lib.mkEnableOption "mpv"; + package = lib.mkPackageOption pkgs "mpv-unwrapped" {}; + scripts = lib.mkOption { + type = lib.types.listOf lib.types.package; + default = []; + }; + youtubeSupport = lib.mkEnableOption "yt-dlp support for mpv" // { + default = true; + }; + settings = let + mpvini = lib.types.attrsOf lib.types.str; + in { + script-opts = lib.mkOption { + type = lib.types.attrsOf mpvini; + default = {}; + example = { + "crop.conf".draw_crosshair = "yes"; + }; + description = '' + A map of script options for mpv scripts. + The key is the filename of the script, and the value is a map of options. + ''; + }; + input = lib.mkOption { + type = lib.types.separatedString "\n"; + example = '' + Alt+1 set window-scale 0.125 + ''; + description = '' + A list of input commands to be added to the input.conf file. + ''; + }; + mpv = lib.mkOption { + type = mpvini; + example = { + keep-open = "yes"; + osd-fractions = "yes"; + }; + description = '' + A map of mpv options. + ''; + }; + }; + }; + config = lib.mkIf cfg.enable { + environment.systemPackages = [ wrappedMpv ]; + }; +} diff --git a/nix-os/gnupg.nix b/nixos/modules/gnupg.nix similarity index 52% rename from nix-os/gnupg.nix rename to nixos/modules/gnupg.nix index 1c9b20e..48ad562 100644 --- a/nix-os/gnupg.nix +++ b/nixos/modules/gnupg.nix @@ -5,11 +5,15 @@ # Use pcscd for smartcard support services.pcscd.enable = true; - environment.systemPackages = [( - pkgs.gnupg.overrideAttrs (superAttrs: { + programs.gnupg = { + package = pkgs.gnupg.overrideAttrs (superAttrs: { configureFlags = superAttrs.configureFlags or [] ++ [ "--disable-ccid-driver" ]; - }) - )]; + }); + agent = { + enable = true; + pinentryPackage = pkgs.pinentry-qt; + }; + }; }; } diff --git a/nix-os/locale.nix b/nixos/modules/locale.nix similarity index 98% rename from nix-os/locale.nix rename to nixos/modules/locale.nix index faf0f89..3f56bde 100644 --- a/nix-os/locale.nix +++ b/nixos/modules/locale.nix @@ -1,5 +1,3 @@ -{ ... }: - { config = { # Set your time zone. diff --git a/nixos/modules/module-overrides.nix b/nixos/modules/module-overrides.nix new file mode 100644 index 0000000..ea19150 --- /dev/null +++ b/nixos/modules/module-overrides.nix @@ -0,0 +1,43 @@ +{ + lib, + modulesPath, + ... +}: + +let + moduleOverrides = [ + # NIXPKGS-PR: 359882 + { + disabledModules = [ + "${modulesPath}/system/boot/luksroot.nix" + ]; + replacementModules = [(builtins.fetchurl { + url = "https://raw.githubusercontent.com/amozeo/nixpkgs/728d5806fe6f975ba3843297332d12e13119fe86/nixos/modules/system/boot/luksroot.nix"; + sha256 = "0s2k8k6rrlwn2zb02q6fkvswln8w4hvh02hm4krqvkh46amyasyy"; + })]; + } + # NIXPKGS-PR: 394300 + { + disabledModules = [ + "${modulesPath}/hardware/openrazer.nix" + ]; + replacementModules = [ + (builtins.fetchurl { + url = "https://raw.githubusercontent.com/NixOS/nixpkgs/4a11562c20fbe7af7d5ac139dbf0f8d50ce276f6/nixos/modules/hardware/openrazer.nix"; + sha256 = "0n6kzrcwlmxgws4pmffyqagp2rxpfxmfjl11vgvlkjcbglg6fs7y"; + }) + ]; + } + ]; + + toModule = entry: { + imports = entry.replacementModules; + disabledModules = entry.disabledModules; + _file = let + info = builtins.unsafeGetAttrPos "disabledModules" entry; + in "${info.file}:L${info.line}"; + }; +in +{ + imports = lib.map toModule moduleOverrides; +} diff --git a/nixos/modules/nix.nix b/nixos/modules/nix.nix new file mode 100644 index 0000000..08b1707 --- /dev/null +++ b/nixos/modules/nix.nix @@ -0,0 +1,66 @@ +{ + lib, + pkgs, + ... +}: + +let + # bool -> nixpkgs[] + wrappedNixExecutables = inEnvironment: assert builtins.isBool inEnvironment; pkgs.symlinkJoin { + name = "${pkgs.nix.name}-wrap"; + paths = [ pkgs.nix ]; + nativeBuildInputs = [ + pkgs.makeWrapper + ]; + postBuild = '' + wrapProgram $out/bin/nix-build \ + --add-flags "--log-format" \ + --add-flags "bar${lib.optionalString inEnvironment "-with-logs"}" + wrapProgram $out/bin/nix-shell \ + --add-flags "--log-format" \ + --add-flags "bar" + wrapProgram $out/bin/nix-env \ + --add-flags "--log-format" \ + --add-flags "bar" + ''; + passthru = { + inherit (pkgs.nix) man meta version; + }; + }; + + # NIXPKGS-PR: 389487 + futureNixosExecutables = let + nixpkgs = builtins.fetchTarball { + url = "https://github.com/NixOS/nixpkgs/archive/53a47a1c57b35bb5850cfb137d5c51ec6581152d.tar.gz"; + sha256 = "sha256-B2nuArKny9jHqEZewqlu61f/4/9lh65iGF9IKjeTc+c="; + }; + in pkgs.callPackage "${nixpkgs}/pkgs/os-specific/linux/nixos-rebuild/default.nix" {}; + + wrappedNixosExecutables = pkgs.symlinkJoin { + name = "${pkgs.nixos-rebuild.name}-wrap"; + paths = [ futureNixosExecutables ]; + nativeBuildInputs = [ + pkgs.makeWrapper + ]; + postBuild = '' + wrapProgram $out/bin/nixos-rebuild \ + --add-flags "--log-format" \ + --add-flags "bar" \ + --add-flags "--use-remote-sudo" + ''; + }; +in { + config = { + nix.package = wrappedNixExecutables false; + environment.systemPackages = [ + pkgs.nix-output-monitor + pkgs.nix-diff + pkgs.nix-tree + ] ++ lib.map (lib.hiPrio) [ + (wrappedNixExecutables true) + wrappedNixosExecutables + ]; + system.build.nixos-rebuild = lib.mkForce wrappedNixosExecutables; + system.tools.nixos-rebuild.enable = false; + }; +} diff --git a/nixos/modules/nvidia.nix b/nixos/modules/nvidia.nix new file mode 100644 index 0000000..ad6f2db --- /dev/null +++ b/nixos/modules/nvidia.nix @@ -0,0 +1,107 @@ +{ + config, + lib, + pkgs, + self, + ... +}: + +{ + config = { + hardware.graphics = { + enable = true; + enable32Bit = true; + }; + + # Workaround for nvidia driver ghost display + boot.kernelParams = [ "nvidia_drm.fbdev=1" ]; + + services.xserver.videoDrivers = ["nvidia"]; + hardware.nvidia = { + modesetting.enable = true; + powerManagement.enable = true; + open = false; + nvidiaSettings = true; + package = let + mkDriverArgs = { + version = "575.64"; + sha256_64bit = "sha256-6wG8/nOwbH0ktgg8J+ZBT2l5VC8G5lYBQhtkzMCtaLE="; + sha256_aarch64 = "sha256-uHj8fB1sSJfX0NWZEE1eZN1LQQkf7J0jPV3EeQCSG10="; + openSha256 = "sha256-y93FdR5TZuurDlxc/p5D5+a7OH93qU4hwQqMXorcs/g="; + settingsSha256 = "sha256-3BvryH7p0ioweNN4S8oLDCTSS47fQPWVYwNq4AuWQgQ="; + persistencedSha256 = "sha256-QkDNQKwCsakZOLcSie1NBiFCM5e5NFGiIKtPSFeWdXs="; + patches = [ + (pkgs.fetchpatch { + url = "https://raw.githubusercontent.com/rpmfusion/nvidia-kmod/020f5fabfb067150f8dd0d6e470a7a694f59eb59/Workaround-nv_vm_flags_-calling-GPL-only-code.patch"; + hash = "sha256-2WQs8WDVzNivwUSWn7t2hoduUVvmem5e+JpGt04380c="; + }) + ]; + }; + in ( config.boot.kernelPackages.nvidiaPackages.mkDriver mkDriverArgs ).overrideAttrs (super: { + passthru = super.passthru or {} // { + urls = { + x86_64 = [ + "https://download.nvidia.com/XFree86/Linux-x86_64/${mkDriverArgs.version}/NVIDIA-Linux-x86_64-${mkDriverArgs.version}.run" + "https://us.download.nvidia.com/XFree86/Linux-x86_64/${mkDriverArgs.version}/NVIDIA-Linux-x86_64-${mkDriverArgs.version}.run" + ]; + aarch64 = [ + "https://us.download.nvidia.com/XFree86/aarch64/${mkDriverArgs.version}/NVIDIA-Linux-aarch64-${mkDriverArgs.version}.run" + "https://download.nvidia.com/XFree86/Linux-aarch64/${mkDriverArgs.version}/NVIDIA-Linux-aarch64-${mkDriverArgs.version}.run" + ]; + }; + updateScript = pkgs.den-http-get-updater { + fileLocation = ( builtins.unsafeGetAttrPos "any" { any = null; } ).file; + previousVersion = mkDriverArgs.version; + versionUrl = "https://raw.githubusercontent.com/aaronp24/nvidia-versions/master/nvidia-versions.txt"; + extraPackages = with pkgs; [ + coreutils + gawk + gnugrep + ]; + contentParser = lib.concatStringsSep " | " [ + "echo \"$newVersion\"" + "grep current" + "awk '{print $3}'" + "sort -V" + "tail -n 1" + ]; + unpack = false; + prefetchList = lib.map (x: { + inherit (x) previousHash; + unpack = x.unpack or true; + prefetchUrlLocation = { + file = builtins.toString self + "/outputs.nix"; + # TODO: don't use already existing NixOS configuration + attrpath = "nixosConfigurations.main.config.hardware.nvidia.package.${x.locationAttrpath}"; + }; + }) [ + { + previousHash = mkDriverArgs.sha256_64bit; + locationAttrpath = "urls.x86_64"; + unpack = false; + } + { + previousHash = mkDriverArgs.sha256_aarch64; + locationAttrpath = "urls.aarch64"; + unpack = false; + } + { + previousHash = mkDriverArgs.openSha256; + locationAttrpath = "open.src.urls"; + } + { + previousHash = mkDriverArgs.settingsSha256; + locationAttrpath = "settings.src.urls"; + } + { + previousHash = mkDriverArgs.persistencedSha256; + locationAttrpath = "persistenced.src.urls"; + } + ]; + }; + }; + }); + }; + nixpkgs.config.nvidia.acceptLicense = true; + }; +} diff --git a/nixos/modules/polkit/disable-shutdown.nix b/nixos/modules/polkit/disable-shutdown.nix new file mode 100644 index 0000000..dc7343e --- /dev/null +++ b/nixos/modules/polkit/disable-shutdown.nix @@ -0,0 +1,44 @@ +{ + config = { + security.polkit.extraConfig = '' + polkit.addRule(function(action, subject) { + polkit.log("action=" + action); + polkit.log("subject=" + subject); + if ( + action.id == "org.freedesktop.login1.halt" || + action.id == "org.freedesktop.login1.halt-ignore-inhibit" || + action.id == "org.freedesktop.login1.halt-multiple-sessions" || + action.id == "org.freedesktop.login1.hibernate" || + action.id == "org.freedesktop.login1.hibernate-ignore-inhibit" || + action.id == "org.freedesktop.login1.hibernate-multiple-sessions" || + action.id == "org.freedesktop.login1.inhibit-block-idle" || + action.id == "org.freedesktop.login1.inhibit-block-shutdown" || + action.id == "org.freedesktop.login1.inhibit-block-sleep" || + action.id == "org.freedesktop.login1.inhibit-handle-hibernate-key" || + action.id == "org.freedesktop.login1.inhibit-handle-lid-switch" || + action.id == "org.freedesktop.login1.inhibit-handle-power-key" || + action.id == "org.freedesktop.login1.inhibit-handle-reboot-key" || + action.id == "org.freedesktop.login1.inhibit-handle-suspend-key" || + action.id == "org.freedesktop.login1.power-off" || + action.id == "org.freedesktop.login1.power-off-ignore-inhibit" || + action.id == "org.freedesktop.login1.power-off-multiple-sessions" || + action.id == "org.freedesktop.login1.reboot" || + action.id == "org.freedesktop.login1.reboot-ignore-inhibit" || + action.id == "org.freedesktop.login1.reboot-multiple-sessions" || + action.id == "org.freedesktop.login1.set-reboot-parameter" || + action.id == "org.freedesktop.login1.set-reboot-to-boot-loader-entry" || + action.id == "org.freedesktop.login1.set-reboot-to-boot-loader-menu" || + action.id == "org.freedesktop.login1.set-reboot-to-firmware-setup" || + action.id == "org.freedesktop.login1.set-self-linger" || + action.id == "org.freedesktop.login1.set-user-linger" || + action.id == "org.freedesktop.login1.set-wall-message" || + action.id == "org.freedesktop.login1.suspend" || + action.id == "org.freedesktop.login1.suspend-ignore-inhibit" || + action.id == "org.freedesktop.login1.suspend-multiple-sessions" + ) { + return subject.active ? polkit.Result.AUTH_ADMIN : polkit.Result.NO; + }; + }); + ''; + }; +} diff --git a/nixos/modules/polkit/network.nix b/nixos/modules/polkit/network.nix new file mode 100644 index 0000000..632cacf --- /dev/null +++ b/nixos/modules/polkit/network.nix @@ -0,0 +1,17 @@ +{ + config = { + security.polkit.extraConfig = '' + polkit.addRule(function(action, subject) { + // Allow to start and stop wireguard client services + if ( + action.id == "org.freedesktop.systemd1.manage-units" && + subject.isInGroup("users") && + action.lookup("unit") && + action.lookup("unit").match(/^wg-quick-.*\.service$/) + ) { + return polkit.Result.YES; + }; + }); + ''; + }; +} diff --git a/nixos/modules/razer.nix b/nixos/modules/razer.nix new file mode 100644 index 0000000..cfcda07 --- /dev/null +++ b/nixos/modules/razer.nix @@ -0,0 +1,36 @@ +{ + config, + lib, + pkgs, + ... +}: + +{ + config = { + hardware.openrazer = { + enable = true; + users = [ + "wroclaw" + ]; + # NIXPKGS-PR: 384992 + packages = let + oldVersion = pkgs.python3Packages.openrazer-daemon.version; + version = "3.10.3"; + in lib.mapAttrs (_: package: package.overrideAttrs (oldAttrs: { + version = lib.replaceStrings [ oldVersion ] [ version ] oldAttrs.version; + src = pkgs.fetchFromGitHub { + owner = "openrazer"; + repo = "openrazer"; + tag = "v${version}"; + hash = "sha256-M5g3Rn9WuyudhWQfDooopjexEgGVB0rzfJsPg+dqwn4="; + }; + })) { + kernel = config.boot.kernelPackages.openrazer; + daemon = pkgs.python3Packages.openrazer-daemon; + }; + }; + environment.systemPackages = with pkgs; [ + polychromatic + ]; + }; +} diff --git a/nixos/modules/services/nix-binary-cache.nix b/nixos/modules/services/nix-binary-cache.nix new file mode 100644 index 0000000..3dd7ad6 --- /dev/null +++ b/nixos/modules/services/nix-binary-cache.nix @@ -0,0 +1,54 @@ +{ + config, + lib, + pkgs, + ... +}: + +{ + options = { + services.nix-serve = { + keyName = lib.mkOption { + type = lib.types.str; + default = config.networking.fqdnOrHostName; + defaultText = "config.networking.fqdnOrHostName"; + description = "Name of the key when generating (usually domain name)"; + }; + publicKeyFile = lib.mkOption { + type = lib.types.path; + default = "/var/cache-pub-key.pem"; + description = "Path to the public key file"; + }; + }; + }; + config = { + services.nix-serve = { + enable = true; + package = pkgs.nix-serve-ng; + secretKeyFile = "/var/cache-priv-key.pem"; + }; + systemd.services.nix-serve-generate-key = let + inherit (config.services.nix-serve) keyName secretKeyFile publicKeyFile; + in { + description = "Ensure existence of nix binary cache signing key"; + wantedBy = [ config.systemd.services.nix-serve.name ]; + script = '' + if [ -f ${secretKeyFile} ]; then + echo "File ${secretKeyFile} already exists, nothing to do" >&2 + exit 0 + fi + if [ -a ${secretKeyFile} ]; then + echo "File ${secretKeyFile} is not a regular file" >&2 + exit 1 + fi + echo "Generating nix binary cache signing key" >&2 + touch ${secretKeyFile} + chmod 600 ${secretKeyFile} + mkdir -p $(dirname ${secretKeyFile}) + ${lib.getExe' pkgs.nix "nix-store"} --generate-binary-cache-key \ + ${keyName} ${secretKeyFile} ${publicKeyFile} + ''; + restartIfChanged = true; + }; + }; +} diff --git a/nixos/modules/shell.nix b/nixos/modules/shell.nix new file mode 100644 index 0000000..2c70c93 --- /dev/null +++ b/nixos/modules/shell.nix @@ -0,0 +1,187 @@ +{ config, pkgs, unstablePkgs, lib, ... }: + +let + aliasDrag = pkgs.writeScriptBin "drag" '' + ${pkgs.ripdrag}/bin/ripdrag -Axd $@ + ''; +in +{ + imports = [ + ./unstable-packages.nix + ]; + + config = { + environment.systemPackages = ( with pkgs; [ + aliasDrag + ranger-git + ripgrep + (kitty.overrideAttrs (superAttrs: { + patches = superAttrs.patches or [] ++ [ + (fetchpatch { + url = "https://github.com/AmirulAndalib/kitty/commit/61fd8c4003b361503160424cbed1960153f40290.patch"; + excludes = lib.map lib.escapeRegex [ + "docs/changelog.rst" + ]; + hash = "sha256-TqO/pLRkxN+Mz4nfNfTntGpPoy6OgbtAGmdohG/1BFs="; + }) + ]; + })) + zoxide + ]) ++ [ + ( + pkgs.writeScriptBin "nix-convert-hash" '' + ${lib.getExe' config.nix.package "nix"} --extra-experimental-features "nix-command" hash convert "$@" + '' + ) + ]; + + programs.bash.shellInit = '' + HISTCONTROL=ignoreboth + ''; + + programs.bash.interactiveShellInit = lib.mkMerge [ + '' + HISTCONTROL=ignoreboth + if test -n "$KITTY_INSTALLATION_DIR"; then + export KITTY_SHELL_INTEGRATION="enabled,no-sudo" + source "$KITTY_INSTALLATION_DIR/shell-integration/bash/kitty.bash" + fi + alias bye=exit + '' + (lib.mkAfter '' + eval "''$(${lib.getExe pkgs.zoxide} init bash)" + '') + ]; + + environment.etc."xdg/kitty/kitty.conf".text = '' + font_family MesloLGS Nerd Font + font_size 10.0 + scrollback_lines 10000 + window_border_width 0.5 + window_padding_width 3 + ${if config.services.xserver.desktopManager.gnome.enable then "hide_window_decorations yes" else ""} + background_opacity 0.8 + dynamic_background_opacity yes + + map kitty_mod+alt+c copy_ansi_to_clipboard + ''; + + environment.etc."ranger/rc.conf".text = '' + eval import os; fm.set_option_from_string("preview_images", "true") if "KITTY_INSTALLATION_DIR" in os.environ else None; + eval import os; fm.set_option_from_string("preview_images_method", "kitty") if "KITTY_INSTALLATION_DIR" in os.environ else None; + set vcs_aware true + set show_hidden true + + alias drag shell ${pkgs.ripdrag}/bin/ripdrag -Axd %p & + map drag + ''; + + environment.etc."ranger/plugins/zoxide.py".source = pkgs.fetchFromGitHub { + owner = "jchook"; + repo = "ranger-zoxide"; + rev = "281828de060299f73fe0b02fcabf4f2f2bd78ab3"; + hash = "sha256-JEuyYSVa1NS3aftezEJx/k19lwwzf7XhqBCL0jH6VT4="; + } + /__init__.py; + + programs.direnv.enable = true; + + programs.neovim = { + enable = true; + viAlias = true; + vimAlias = true; + configure = { + customRC = '' + set number + set hlsearch + set incsearch + set tabstop=4 + set softtabstop=4 + set shiftwidth=4 + set expandtab + set autoindent + set updatetime=500 + colorscheme vim + + syntax on + set encoding=utf-8 + set wildmode=longest,list,full + set listchars=space:·,tab:┄┄» + set indentkeys-=0# + + " rainbow-delimeters-nvim + let g:rainbow_delimiters = { + \ 'strategy': { + \ ${"''"}: rainbow_delimiters#strategy.global, + \ }, + \ } + + " vim-gitguter + set signcolumn=yes + highlight SignColumn NONE + highlight GitGutterAdd ctermfg=2 guifg=#2ea043 + highlight GitGutterChange ctermfg=4 guifg=#0078d4 + highlight GitGutterDelete ctermfg=1 guifg=#f85149 + + lua require('guess-indent').setup {} + ''; + packages.myVimPackage = with pkgs.vimPlugins; { + start = [ + guess-indent-nvim + vim-visual-multi + autoclose-nvim + rainbow-delimiters-nvim + vimagit + vim-gitgutter + ]; + }; + }; + }; + + environment.variables = lib.mkIf config.programs.neovim.enable rec { + EDITOR = "/run/current-system/sw/bin/nvim"; + VISUAL = EDITOR; + }; + + programs.starship = { + enable = true; + settings = { + format = lib.concatStrings [ + "$all" + "\${custom.sshAuthSocket}" + "$line_break" + "\${custom.ranger}" + "$jobs" + "$battery" + "$time" + "$status" + "$os" + "$container" + "$shell" + "$character" + ]; + directory = { + truncation_length = 5; + truncation_symbol = "…/"; + }; + hostname = { + ssh_only = false; + }; + username = { + show_always = true; + }; + status.disabled = false; + custom.ranger = { + when = "test $RANGER_LEVEL"; + command = "echo \"✦\""; + style = "bold 208"; + }; + custom.sshAuthSocket = { + when = "test -S \"$SSH_AUTH_SOCK\""; + command = "echo -e \"SSH Auth Agent\""; + style = "124"; + format = "with [$output]($style) "; + }; + }; + }; + }; +} diff --git a/nix-os/udev.nix b/nixos/modules/udev.nix similarity index 100% rename from nix-os/udev.nix rename to nixos/modules/udev.nix diff --git a/nix-os/unstable-packages.nix b/nixos/modules/unstable-packages.nix similarity index 74% rename from nix-os/unstable-packages.nix rename to nixos/modules/unstable-packages.nix index 4c41240..10fefa5 100644 --- a/nix-os/unstable-packages.nix +++ b/nixos/modules/unstable-packages.nix @@ -1,14 +1,20 @@ -{config, pkgs, lib, ...}: +{ + config, + lib, + pkgs, + self, + ... +}: let cfg = config.unstable; - unstableOverlay = import ../pkgs/overlays/unstable.nix; + unstableOverlay = self.overlays.unstableWithMeta; in { options.unstable = { - enable = lib.mkEnableOption (lib.mkDoc '' + enable = lib.mkEnableOption '' use of unstable packages in configuration. You can use `unstablePkgs` in configuration modules - '') // { default = true; }; + '' // { default = true; }; }; config = { _module.args.unstablePkgs = if config.unstable.enable then pkgs.unstable else pkgs; diff --git a/nixos/modules/virtualization.nix b/nixos/modules/virtualization.nix new file mode 100644 index 0000000..38b8116 --- /dev/null +++ b/nixos/modules/virtualization.nix @@ -0,0 +1,18 @@ + +{ lib, config, pkgs, ... }: + +{ + config = { + #virtualisation.waydroid.enable = true; + programs.virt-manager.enable = true; + virtualisation.libvirtd = { + enable = true; + qemu.ovmf = { + enable = true; + packages = [ + pkgs.OVMFFull.fd + ]; + }; + }; + }; +} diff --git a/nixos/modules/xdg-default-apps.nix b/nixos/modules/xdg-default-apps.nix new file mode 100644 index 0000000..632c06d --- /dev/null +++ b/nixos/modules/xdg-default-apps.nix @@ -0,0 +1,137 @@ +{ + config = { + xdg.mime.enable = true; + xdg.mime.defaultApplications = { + # Browser + "x-scheme-handler/http" = "vivaldi-stable.desktop"; + "application/xhtml+xml" = "vivaldi-stable.desktop"; + "text/html" = "vivaldi-stable.desktop"; + "x-scheme-handler/https" = "vivaldi-stable.desktop"; + "application/pdf" = "vivaldi-stable.desktop"; + + # Audio + "audio/aiff" = "mpv.desktop"; + "audio/basic" = "mpv.desktop"; + "audio/it" = "mpv.desktop"; + "audio/make" = "mpv.desktop"; + "audio/make.my.funk" = "mpv.desktop"; + "audio/mid" = "mpv.desktop"; + "audio/midi" = "mpv.desktop"; + "audio/mod" = "mpv.desktop"; + "audio/mpeg" = "mpv.desktop"; + "audio/mpeg3" = "mpv.desktop"; + "audio/nspaudio" = "mpv.desktop"; + "audio/s3m" = "mpv.desktop"; + "audio/tsp-audio" = "mpv.desktop"; + "audio/tsplayer" = "mpv.desktop"; + "audio/vnd.qcelp" = "mpv.desktop"; + "audio/voc" = "mpv.desktop"; + "audio/voxware" = "mpv.desktop"; + "audio/wav" = "mpv.desktop"; + "audio/x-adpcm" = "mpv.desktop"; + "audio/x-aiff" = "mpv.desktop"; + "audio/x-au" = "mpv.desktop"; + "audio/x-gsm" = "mpv.desktop"; + "audio/x-jam" = "mpv.desktop"; + "audio/x-liveaudio" = "mpv.desktop"; + "audio/x-mid" = "mpv.desktop"; + "audio/x-midi" = "mpv.desktop"; + "audio/x-mod" = "mpv.desktop"; + "audio/x-mpeg" = "mpv.desktop"; + "audio/x-mpeg-3" = "mpv.desktop"; + "audio/x-mpequrl" = "mpv.desktop"; + "audio/x-nspaudio" = "mpv.desktop"; + "audio/x-pn-realaudio" = "mpv.desktop"; + "audio/x-pn-realaudio-plugin" = "mpv.desktop"; + "audio/x-psid" = "mpv.desktop"; + "audio/x-realaudio" = "mpv.desktop"; + "audio/x-twinvq" = "mpv.desktop"; + "audio/x-twinvq-plugin" = "mpv.desktop"; + "audio/x-vnd.audioexplosion.mjuicemediafile" = "mpv.desktop"; + "audio/x-voc" = "mpv.desktop"; + "audio/x-wav" = "mpv.desktop"; + "audio/xm" = "mpv.desktop"; + + # Video + "video/animaflex" = "mpv.desktop"; + "video/avi" = "mpv.desktop"; + "video/avs-video" = "mpv.desktop"; + "video/dl" = "mpv.desktop"; + "video/fli" = "mpv.desktop"; + "video/gl" = "mpv.desktop"; + "video/mpeg" = "mpv.desktop"; + "video/msvideo" = "mpv.desktop"; + "video/quicktime" = "mpv.desktop"; + "video/vdo" = "mpv.desktop"; + "video/vivo" = "mpv.desktop"; + "video/vnd.rn-realvideo" = "mpv.desktop"; + "video/vnd.vivo" = "mpv.desktop"; + "video/vosaic" = "mpv.desktop"; + "video/x-amt-demorun" = "mpv.desktop"; + "video/x-amt-showrun" = "mpv.desktop"; + "video/x-atomic3d-feature" = "mpv.desktop"; + "video/x-dl" = "mpv.desktop"; + "video/x-dv" = "mpv.desktop"; + "video/x-fli" = "mpv.desktop"; + "video/x-gl" = "mpv.desktop"; + "video/x-isvideo" = "mpv.desktop"; + "video/x-motion-jpeg" = "mpv.desktop"; + "video/x-mpeg" = "mpv.desktop"; + "video/x-mpeq2a" = "mpv.desktop"; + "video/x-ms-asf" = "mpv.desktop"; + "video/x-ms-asf-plugin" = "mpv.desktop"; + "video/x-msvideo" = "mpv.desktop"; + "video/x-qtc" = "mpv.desktop"; + "video/x-scm" = "mpv.desktop"; + "video/x-sgi-movie" = "mpv.desktop"; + + # Image + "image/bmp" = "qimgv.desktop"; + "image/cmu-raster" = "qimgv.desktop"; + "image/fif" = "qimgv.desktop"; + "image/florian" = "qimgv.desktop"; + "image/g3fax" = "qimgv.desktop"; + "image/gif" = "qimgv.desktop"; + "image/ief" = "qimgv.desktop"; + "image/jpeg" = "qimgv.desktop"; + "image/jutvision" = "qimgv.desktop"; + "image/naplps" = "qimgv.desktop"; + "image/pict" = "qimgv.desktop"; + "image/pjpeg" = "qimgv.desktop"; + "image/png" = "qimgv.desktop"; + "image/tiff" = "qimgv.desktop"; + "image/vasa" = "qimgv.desktop"; + "image/vnd.dwg" = "qimgv.desktop"; + "image/vnd.fpx" = "qimgv.desktop"; + "image/vnd.net-fpx" = "qimgv.desktop"; + "image/vnd.rn-realflash" = "qimgv.desktop"; + "image/vnd.rn-realpix" = "qimgv.desktop"; + "image/vnd.wap.wbmp" = "qimgv.desktop"; + "image/vnd.xiff" = "qimgv.desktop"; + "image/x-cmu-raster" = "qimgv.desktop"; + "image/x-dwg" = "qimgv.desktop"; + "image/x-icon" = "qimgv.desktop"; + "image/x-jg" = "qimgv.desktop"; + "image/x-jps" = "qimgv.desktop"; + "image/x-niff" = "qimgv.desktop"; + "image/x-pcx" = "qimgv.desktop"; + "image/x-pict" = "qimgv.desktop"; + "image/x-portable-anymap" = "qimgv.desktop"; + "image/x-portable-bitmap" = "qimgv.desktop"; + "image/x-portable-graymap" = "qimgv.desktop"; + "image/x-portable-greymap" = "qimgv.desktop"; + "image/x-portable-pixmap" = "qimgv.desktop"; + "image/x-quicktime" = "qimgv.desktop"; + "image/x-rgb" = "qimgv.desktop"; + "image/x-tiff" = "qimgv.desktop"; + "image/x-windows-bmp" = "qimgv.desktop"; + "image/x-xbitmap" = "qimgv.desktop"; + "image/x-xbm" = "qimgv.desktop"; + "image/x-xpixmap" = "qimgv.desktop"; + "image/x-xwd" = "qimgv.desktop"; + "image/x-xwindowdump" = "qimgv.desktop"; + "image/xbm" = "qimgv.desktop"; + "image/xpm" = "qimgv.desktop"; + }; + }; +} diff --git a/outputs.nix b/outputs.nix index f69f3bf..d5d7bbe 100644 --- a/outputs.nix +++ b/outputs.nix @@ -1,61 +1,105 @@ { - inputs ? import ./inputs.nix {}, - selfPath ? ./. + inputsPath ? ./inputs.nix, + inputs ? import inputsPath {}, + selfPath ? { + outPath = builtins.toString ./.; + selfMode = "impure"; + }, }: let -lib = (import "${inputs.nixpkgs}/lib").extend (import ./lib/overlays/version-info-fixup.nix { inherit inputs; }); +lib = (import "${inputs.nixpkgs}/lib").extend (import ./lib/overlays/version-info-fixup.nix { revision = inputs.lock.nixpkgs.revision; }); + +systems = [ + "x86_64-linux" + "aarch64-linux" +]; + +# (system -> x) -> { [system] := x } +forEachSystem = lib.genAttrs systems; self = { - inherit inputs lib self; - __toString = _: selfPath; + inherit inputs inputsPath lib self; + outPath = selfPath; modifiedNixpkgs = import ./pkgs/top-level/impure.nix; modifiedNixpkgsPure = import ./pkgs/top-level/default.nix; + packagesForSystem = system: self.modifiedNixpkgsPure { localSystem = system; }; + packages = forEachSystem (system: let + nixpkgs = import "${inputs.nixpkgs}/pkgs/top-level/default.nix" { localSystem = system; }; + attrnames = builtins.attrNames nixpkgs; + in + builtins.removeAttrs (self.packagesForSystem system) attrnames + ); overlays = { + cosmicPackages = import ./pkgs/overlays/cosmic-packages.nix { inherit inputs; }; selfExpr = import ./pkgs/overlays/selfExpr.nix { nixpkgsPath = inputs.nixpkgs; }; - unstable = import ./pkgs/overlays/unstable.nix; + unstableWithMeta = import ./pkgs/overlays/unstable-with-meta.nix { unstableSource = inputs.nixpkgs-unstable; revision = inputs.lock.nixpkgs-unstable.revision; }; versionInfoFixup = import ./pkgs/overlays/version-info-fixup.nix { inherit inputs; }; }; nixosConfigurations = let - # list nix file paths in ./hosts to attributes in nixosConfigurations - filePaths = lib.pipe ./hosts [ + nixosSystem = import "${inputs.nixpkgs}/nixos/lib/eval-config.nix"; + mkNixosSystem = path: nixosSystem { + inherit lib; + system = null; + modules = [ + path + { + config.nixpkgs.overlays = [ + ( import ./pkgs/overlays/selfExpr.nix { nixpkgsPath = "${self}/pkgs/top-level/impure.nix"; } ) + ( import ./pkgs/top-level/by-name-overlay.nix "${self}/pkgs/by-name" ) + self.overlays.versionInfoFixup + ]; + } + ]; + specialArgs = { inherit self inputs; }; + }; + baseHostsDir = ./nixos/hosts; + in + # mapped attrset of nix file paths to attrSet with initialized NixOS configurations, + # whose names are derived from file names + lib.pipe baseHostsDir [ builtins.readDir + # filter out files that are not .nix files, directories with default.nix or starting with . (dot, hidden files) ( lib.filterAttrs (name: type: - ( # regular .nix files + ( (type == "regular" && lib.hasSuffix ".nix" name) - || # directories that contain a default.nix file - (type == "directory" && builtins.pathExists "${./hosts}/${name}/default.nix") + || (type == "directory" && builtins.pathExists (baseHostsDir + "/${name}/default.nix")) ) - # filter out files that start with . && !lib.hasPrefix "." name )) - ]; - nixosSystem = import "${inputs.nixpkgs}/nixos/lib/eval-config.nix"; - in - # mapped list of nix file paths to attrSet with initialized NixOS configurations, - # whose names are derived from file names - lib.pipe filePaths [ (builtins.mapAttrs (name: type: { + # remove .nix extension name = if type == "directory" then name else builtins.substring 0 (builtins.stringLength name - 4) name; - value = nixosSystem { - inherit lib; - modules = [ - ./hosts/${name} - { - config.nixpkgs.overlays = [ - ( import ./pkgs/overlays/selfExpr.nix { nixpkgsPath = "${self}/pkgs/top-level/impure.nix"; } ) - ( import ./pkgs/top-level/by-name-overlay.nix "${self}/pkgs/by-name" ) - self.overlays.versionInfoFixup - ]; - } - ]; - specialArgs = { inherit self inputs; }; - }; + # initialize NixOS configuration + value = mkNixosSystem (baseHostsDir + "/${name}"); })) builtins.attrValues builtins.listToAttrs ]; + updateList = import ./update-list.nix self; + # FIXME: currently impure + # NOTE: to run, you need to evaluate outputs.nix instead of default.nix + # nix-shell outputs.nix -A update + update = let + updateScript = (self.packagesForSystem (builtins.currentSystem)).den-update-script; + in updateScript { + path = ""; + packages = lib.pipe self.updateList [ + lib.attrsToList + (lib.imap1 (i: {name, value}: { + name = builtins.toString i; + value = value // { + # hack to pass isDerivation check in nixpkgs maintainers/scripts/update.nix + # https://github.com/NixOS/nixpkgs/blob/a1185f4064c18a5db37c5c84e5638c78b46e3341/maintainers/scripts/update.nix#L85 + type = "derivation"; + name = name; + }; + })) + builtins.listToAttrs + lib.recurseIntoAttrs + ]; + }; }; in self diff --git a/pkgs/by-name/de/den-http-get-updater/package.nix b/pkgs/by-name/de/den-http-get-updater/package.nix new file mode 100644 index 0000000..3293811 --- /dev/null +++ b/pkgs/by-name/de/den-http-get-updater/package.nix @@ -0,0 +1,180 @@ +{ + lib, + + curl, + gnused, + jq, + nix, + uutils-coreutils-noprefix, + writeScript, +}: + +{ + # location of file to modify + fileLocation, + previousVersion, + versionUrl, + + # { + # fileLocation: string?; + # previousHash: string; + # prefetchUrlLocation: { + # file: string; + # attrpath: string[]' + # }; + # prefetchHash: string?; + # targetHash: string?; + # unpack: bool?; + # name: string?; + # }[] + # + prefetchList ? [], + + # extra packages to add to the path + extraPackages ? [], + + # change newVersion variable in it, if the contents of the page + # is not plaintext version + # (json for example) + contentParser ? "echo \"$newVersion\"", + + unpack ? true, + hashAlgo ? "sha256", + hashFormat ? "sri", +}: + +let + assertNoStorePathPrefix = path: + assert lib.assertMsg (!lib.hasPrefix builtins.storeDir path) '' + The path '${path}' is a store path. + + den-http-get-updater must be evaluated in impure mode, + in order to modify target files, and this cannot be done + with files in the store. + ''; path; + + realFileLocation = assertNoStorePathPrefix (builtins.toString fileLocation); + + prefetchList' = lib.map (x: + assert builtins.isNull x.prefetchUrlLocation || lib.isAttrs x.prefetchUrlLocation; + assert lib.isAttrs x.prefetchUrlLocation && ( + lib.isString x.prefetchUrlLocation.file or null || + lib.isPath x.prefetchUrlLocation.file or null + ); + assert lib.isAttrs x.prefetchUrlLocation && lib.isString x.prefetchUrlLocation.attrpath or null; + rec { + inherit fileLocation hashAlgo hashFormat unpack; + name = if x.unpack or unpack then "source" else null; + mark = builtins.hashString "sha256" x.previousHash; + markRegexEscape = lib.escapeRegex mark; + realFileLocation = assertNoStorePathPrefix (builtins.toString x.realFileLocation or fileLocation); + realFileLocationShellEscape = lib.escapeShellArg realFileLocation; + prefetchUrlLocationShellEscape = lib.mapAttrs (_: lib.escapeShellArg) x.prefetchUrlLocation; + previousHashRegexEscape = lib.escapeRegex x.previousHash; + } // x) prefetchList; + + realFileLocationShellEscape = lib.escapeShellArg realFileLocation; + versionUrlShellEscape = lib.escapeShellArg versionUrl; + + previousVersionRegexEscape = lib.escapeRegex previousVersion; + + + path = lib.makeBinPath ([ + curl + gnused + jq + nix + ] ++ extraPackages); +in + +writeScript "den-http-get-updater" ('' + PATH="${lib.escapeShellArg path}" + prefetchFailed= + + newVersion=$(curl -L "${versionUrlShellEscape}") + if [[ "$?" != 0 ]]; then + echo "error: fetching new version failed" 1>&2 + exit 1 + fi + newVersion=$(${contentParser}) + sed -Ei "s!${previousVersionRegexEscape}!$newVersion!g" "${realFileLocationShellEscape}" +'' + +# invalidate hashes ++ lib.concatStringsSep "\n" (lib.map ({ + mark, + previousHash, + previousHashRegexEscape, + realFileLocationShellEscape, + ... +}: '' + sed -Ei "s!${previousHashRegexEscape}!${mark}!g" "${realFileLocationShellEscape}" +'') prefetchList') + ++ lib.concatStringsSep "\n" (lib.map ({ + fileLocation, + markRegexEscape, + name, + prefetchUrlLocationShellEscape, + realFileLocationShellEscape, + unpack, + ... +}: let + nixUnpack = lib.optionalString unpack "--unpack"; + nixName = lib.optionalString (!builtins.isNull name) "--name \"${lib.escapeShellArg name}\""; +in '' + for i in {1..30}; do + nixUrlsResult=$(nix-instantiate --eval --json --strict \ + "${prefetchUrlLocationShellEscape.file}" \ + -A "${prefetchUrlLocationShellEscape.attrpath}" + ) + if [[ "$?" == "0" ]]; then + break + elif [[ "$i" == 30 ]]; then + echo "error: prefetchUrlLocation failed - attempts exhausted" 1>&2 + exit 1 + fi + echo "prefetchUrlLocation failed (attempt $i)" 1>&2 + ${lib.getExe' uutils-coreutils-noprefix "sleep"} 2 + done + + + urlsType=$(jq -rc 'type' <<< "$nixUrlsResult") + if [ "$urlsType" = "array" ]; then + readarray -t prefetchUrls < <( + jq -rc '.[]' <<< "$nixUrlsResult" + ) + elif [ "$urlsType" = "string" ]; then + readarray -t prefetchUrls < <( + jq -rc '.' <<< "$nixUrlsResult" + ) + fi + + prefetchSucceeded=1 + for url in "''${prefetchUrls[@]}"; do + echo "trying prefetch '$url'..."; + expectedHash=$(nix-prefetch-url "$url" ${nixUnpack} ${nixName} --type "${hashAlgo}") + expectedHash=$(nix --extra-experimental-features "nix-command" hash convert \ + --hash-algo "${hashAlgo}" \ + --to "${hashFormat}" \ + "$expectedHash" + ) + if [[ -n $expectedHash ]]; then + echo "prefetch succeeded!" + echo "hash: $expectedHash" + sed -Ei "s!${markRegexEscape}!$expectedHash!g" "${realFileLocationShellEscape}" + prefetchSucceeded= + break + fi + done + if [[ -n "$prefetchSucceeded" ]]; then + echo "warning: prefetch failed" 1>&2 + prefetchFailed=1 + fi +'') (lib.filter (x: !builtins.isNull x.prefetchUrlLocation) prefetchList')) + ++ '' + if [[ -n "$prefetchFailed" ]]; then + exit 1 + fi +'') diff --git a/pkgs/by-name/de/den-update-script/package.nix b/pkgs/by-name/de/den-update-script/package.nix new file mode 100644 index 0000000..662e3ce --- /dev/null +++ b/pkgs/by-name/de/den-update-script/package.nix @@ -0,0 +1,39 @@ +{ + lib, + path, + + overlayAttrname ? "den-outputs", +}: + +assert lib.assertMsg (!lib.hasInfix "." overlayAttrname) (lib.pipe '' + overlayAttrname must not contain a dot (.), + because dot is used to reference package in a package set + inside nix-update-script. +'' [ + lib.lines + (lib.concatStringsSep " ") +]); + +let + updateScript = import (path + /maintainers/scripts/update.nix); + functionArgs = lib.functionArgs updateScript; + nameInFunctionArgs = name: lib.elem name (lib.attrNames functionArgs); +in +{ + __functionArgs = functionArgs // { packages = false; }; + __functor = _: args: let + # args.outputs should be an attrset of packages to update + overlay = _: _: { + "${overlayAttrname}" = args.packages; + }; + in updateScript (lib.filterAttrs (name: _: nameInFunctionArgs name) args // { + include-overlays = + if !args ? updateScript then [ overlay ] + else if lib.isList args.updateScript then [ overlay ] ++ args.updateScript + else args.updateScript; + } // lib.optionalAttrs (args ? package) { + package = "${overlayAttrname}.${args.package}"; + } // lib.optionalAttrs (args ? path) { + path = if lib.stringLength args.path == 0 then overlayAttrname else "${overlayAttrname}.${args.path}"; + }); +} diff --git a/pkgs/by-name/mk/mkScriptOverride/package.nix b/pkgs/by-name/mk/mkScriptOverride/package.nix deleted file mode 100644 index 6777a0c..0000000 --- a/pkgs/by-name/mk/mkScriptOverride/package.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ - lib, - stdenv, -}: - -{ - src, - script, - ... -} @ args: -lib.hiPrio (stdenv.mkDerivation ( - { - src = src; - name = "${src.name}-script-override"; - phases = [ "installPhase" "scriptOverridePhase" ]; - installPhase = '' - runHook preInstall - - cp -r $src $out - chmod u+w -R $out - - runHook postInstall - ''; - scriptOverridePhase = script; - } // lib.removeAttrs args [ - "pkg" - "commands" - ] -)) diff --git a/pkgs/by-name/mk/mkWrappedExecutable/package.nix b/pkgs/by-name/mk/mkWrappedExecutable/package.nix deleted file mode 100644 index 039b6f4..0000000 --- a/pkgs/by-name/mk/mkWrappedExecutable/package.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ - lib, - makeWrapper, - stdenv -}: - -/* - pkg: package - nixpkgs package - exe: string - executable (under bin) in pkg - wrapperArgs: string[] - arguments to pass to the wrapper -*/ -{ pkg, exe ? pkg.meta.mainProgram, wrapperArgs }: -lib.hiPrio (stdenv.mkDerivation { - inherit wrapperArgs; - name = "${pkg.name}-wrap-${exe}"; - nativeBuildInputs = [ makeWrapper ]; - phases = ["installPhase"]; - installPhase = '' - mkdir -p $out/bin - makeWrapper ${pkg}/bin/${exe} $out/bin/${exe} $wrapperArgs - ''; -}) diff --git a/pkgs/by-name/ni/nixos-rebuild/_nixos-rebuild b/pkgs/by-name/ni/nixos-rebuild/_nixos-rebuild deleted file mode 100644 index 84e8d22..0000000 --- a/pkgs/by-name/ni/nixos-rebuild/_nixos-rebuild +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/env bash - -# We're faking a `nix build` command-line to re-use Nix's own completion -# for the few options passed through to Nix. -_nixos-rebuild_pretend-nix() { - COMP_LINE="nix build ${COMP_LINE}" - # number of prepended chars - (( COMP_POINT = COMP_POINT + 10)) - - COMP_WORDS=( - nix build - "${COMP_WORDS[@]}" - ) - # Add the amount of prepended words - (( COMP_CWORD = COMP_CWORD + 2)) - _complete_nix "nix" -} - -_nixos-rebuild() { - local curr="$2" - local prev="$3" - local subcommandGiven=0 - local word - local subcommand - - __load_completion nix - - # Arrays are re-ordered by the completion, so it's fine to sort them in logical chunks - local all_args=( - --verbose -v - - # nixos-rebuild options - --fast - --no-build-nix - --profile-name -p # name - --rollback - --specialisation -c # name - --use-remote-sudo - --build-host # host - --target-host # host - # Used with list-generations - --json - - # generation switching options - --install-bootloader - - # nix-channel options - --upgrade - --upgrade-all - - # flakes options - --commit-lock-file - --flake # flake-uri - --override-input # input-name flake-uri - --recreate-lock-file - --update-input - --no-flake - --no-registries - --no-update-lock-file - --no-write-lock-file - - # Nix-copy options - --use-substitutes --substitute-on-destination -s - - # Nix options - --option - --impure - --builders # builder-spec - --show-trace - --keep-failed -K - --keep-going -k - --max-jobs -j # number - --log-format # format - -I # NIX_PATH - ) - - local all_subcommands=( - boot - build - build-vm - build-vm-with-bootloader - dry-activate - dry-build - edit - list-generations - switch - test - ) - - # Suggest arguments that can be consumed under some conditions only - for word in "${COMP_WORDS[@]}"; do - for subcommand in "${all_subcommands[@]}"; do - if [[ "$word" == "$subcommand" ]]; then - subcommandGiven=1 - fi - done - done - - # Fake out a way to complete the second arg to some options - case "${COMP_WORDS[COMP_CWORD-2]}" in - "--override-input") - prev="--override-input_2" - ;; - "--option") - prev="--option_2" - ;; - esac - - case "$prev" in - --max-jobs|-j) - COMPREPLY=( ) - ;; - - --profile-name|-p) - if [[ "$curr" == "" ]]; then - COMPREPLY=( /nix/var/nix/profiles/* ) - else - COMPREPLY=( "$curr"* ) - fi - ;; - - --build-host|--target-host|-t|-h) - _known_hosts_real "$curr" - ;; - - --specialisation|-c) - COMPREPLY=() - ;; - - -I) - _nixos-rebuild_pretend-nix - ;; - --builders) - _nixos-rebuild_pretend-nix - ;; - --flake) - _nixos-rebuild_pretend-nix - ;; - --override-input) - _nixos-rebuild_pretend-nix - ;; - --override-input_2) - _nixos-rebuild_pretend-nix - ;; - --log-format) - _nixos-rebuild_pretend-nix - ;; - --option) - _nixos-rebuild_pretend-nix - ;; - --option_2) - _nixos-rebuild_pretend-nix - ;; - - *) - if [[ "$curr" == -* ]] || (( subcommandGiven )); then - COMPREPLY=( $(compgen -W "${all_args[*]}" -- "$2") ) - else - COMPREPLY=( $(compgen -W "${all_subcommands[*]}" -- "$2") ) - fi - ;; - esac -} - -complete -F _nixos-rebuild nixos-rebuild diff --git a/pkgs/by-name/ni/nixos-rebuild/nixos-rebuild.8 b/pkgs/by-name/ni/nixos-rebuild/nixos-rebuild.8 deleted file mode 100644 index 1704993..0000000 --- a/pkgs/by-name/ni/nixos-rebuild/nixos-rebuild.8 +++ /dev/null @@ -1,558 +0,0 @@ -.Dd January 1, 1980 -.Dt nixos-rebuild 8 -.Os -.Sh NAME -.Nm nixos-rebuild -.Nd reconfigure a NixOS machine -. -. -. -.Sh SYNOPSIS -.Nm -.Bro -.Cm switch | boot | test | build | dry-build | dry-activate | edit | repl | build-vm | build-vm-with-bootloader | list-generations Op Fl -json -.Brc -.br -.Op Fl -upgrade | -upgrade-all -.Op Fl -install-bootloader -.Op Fl -no-build-nix -.Op Fl -fast -.Op Fl -rollback -.br -.Op Fl -file | F Ar path -.Op Fl -attr | A Ar attrPath -.Op Fl -flake Ar flake-uri -.Op Fl -no-flake -.Op Fl -recreate-lock-file -.Op Fl -no-update-lock-file -.Op Fl -no-write-lock-file -.Op Fl -no-registries -.Op Fl -commit-lock-file -.Op Fl -update-input Ar input-path -.Op Fl -override-input Ar input-path flake-url -.br -.Op Fl -profile-name | p Ar name -.Op Fl -specialisation | c Ar name -.br -.Op Fl -build-host Va host -.Op Fl -target-host Va host -.Op Fl -use-remote-sudo -.br -.Op Fl -verbose | v -.Op Fl -quiet -.Op Fl -log-format Ar format -.Op Fl -no-build-output | Q -.Op Fl -max-jobs | j Va number -.Op Fl -cores Va number -.Op Fl -keep-going | k -.Op Fl -keep-failed | K -.Op Fl -fallback -.Op Fl I Va NIX_PATH -.Op Fl -option Ar name value -.Op Fl -repair -.Op Fl -builders Va builder-spec -.Op Fl -accept-flake-config -.Op Fl -print-build-logs | L -.Op Fl -show-trace -.Op Fl -refresh -.Op Fl -impure -.Op Fl -offline -.Op Fl -no-net -. -. -. -.Sh DESCRIPTION -This command updates the system so that it corresponds to the -configuration specified in -.Pa /etc/nixos/configuration.nix Ns -, -.Pa /etc/nixos/flake.nix -or the file and attribute specified by the -.Fl -file -and/or -.Fl -attr -options. Thus, every time you modify the configuration or any other NixOS -module, you must run -.Nm -to make the changes take effect. It builds the new system in -.Pa /nix/store Ns -, runs its activation script, and stop and (re)starts any system services if -needed. Please note that user services need to be started manually as they -aren't detected by the activation script at the moment. -. -.Pp -This command has one required argument, which specifies the desired -operation. It must be one of the following: -.Bl -tag -width indent -.It Cm switch -Build and activate the new configuration, and make it the boot default. That -is, the configuration is added to the GRUB boot menu as the default -menu entry, so that subsequent reboots will boot the system into the new -configuration. Previous configurations activated with -.Ic nixos-rebuild switch -or -.Ic nixos-rebuild boot -remain available in the GRUB menu. -.Pp -Note that if you are using specializations, running just -.Ic nixos-rebuild switch -will switch you back to the unspecialized, base system \(em in that case, you -might want to use this instead: -.Bd -literal -offset indent -$ nixos-rebuild switch --specialisation your-specialisation-name -.Ed -.Pp -This command will build all specialisations and make them bootable just -like regular -.Ic nixos-rebuild switch -does \(em the only thing different is that it will switch to given -specialisation instead of the base system; it can be also used to switch from -the base system into a specialised one, or to switch between specialisations. -. -.It Cm boot -Build the new configuration and make it the boot default (as with -.Ic nixos-rebuild switch Ns -), but do not activate it. That is, the system continues to run the previous -configuration until the next reboot. -. -.It Cm test -Build and activate the new configuration, but do not add it to the GRUB -boot menu. Thus, if you reboot the system (or if it crashes), you will -automatically revert to the default configuration (i.e. the -configuration resulting from the last call to -.Ic nixos-rebuild switch -or -.Ic nixos-rebuild boot Ns -). -.Pp -Note that if you are using specialisations, running just -.Ic nixos-rebuild test -will activate the unspecialised, base system \(em in that case, you might want -to use this instead: -.Bd -literal -offset indent -$ nixos-rebuild test --specialisation your-specialisation-name -.Ed -.Pp -This command can be also used to switch from the base system into a -specialised one, or to switch between specialisations. -. -.It Cm build -Build the new configuration, but neither activate it nor add it to the -GRUB boot menu. It leaves a symlink named -.Pa result -in the current directory, which points to the output of the top-level -.Dq system -derivation. This is essentially the same as doing -.Bd -literal -offset indent -$ nix-build /path/to/nixpkgs/nixos -A system -.Ed -.Pp -Note that you do not need to be root to run -.Ic nixos-rebuild build Ns -\&. -. -.It Cm dry-build -Show what store paths would be built or downloaded by any of the -operations above, but otherwise do nothing. -. -.It Cm dry-activate -Build the new configuration, but instead of activating it, show what -changes would be performed by the activation (i.e. by -.Ic nixos-rebuild test Ns -). For instance, this command will print which systemd units would be restarted. -The list of changes is not guaranteed to be complete. -. -.It Cm edit -Opens -.Pa configuration.nix -in the default editor. -. -.It Cm repl -Opens the configuration in -.Ic nix repl Ns . -. -.It Cm build-vm -Build a script that starts a NixOS virtual machine with the desired -configuration. It leaves a symlink -.Pa result -in the current directory that points (under -.Ql result/bin/run\- Ns Va hostname Ns \-vm Ns -) -at the script that starts the VM. Thus, to test a NixOS configuration in -a virtual machine, you should do the following: -.Bd -literal -offset indent -$ nixos-rebuild build-vm -$ ./result/bin/run-*-vm -.Ed -.Pp -The VM is implemented using the -.Ql qemu -package. For best performance, you should load the -.Ql kvm-intel -or -.Ql kvm-amd -kernel modules to get hardware virtualisation. -.Pp -The VM mounts the Nix store of the host through the 9P file system. The -host Nix store is read-only, so Nix commands that modify the Nix store -will not work in the VM. This includes commands such as -.Nm Ns -; to change the VM’s configuration, you must halt the VM and re-run the commands -above. -.Pp -The VM has its own ext3 root file system, which is automatically created when -the VM is first started, and is persistent across reboots of the VM. It is -stored in -.Ql ./ Ns Va hostname Ns .qcow2 Ns -\&. -.\" The entire file system hierarchy of the host is available in -.\" the VM under -.\" .Pa /hostfs Ns -.\" . -. -.It Cm build-vm-with-bootloader -Like -.Cm build-vm Ns -, but boots using the regular boot loader of your configuration (e.g. GRUB 1 or -2), rather than booting directly into the kernel and initial ramdisk of the -system. This allows you to test whether the boot loader works correctly. \ -However, it does not guarantee that your NixOS configuration will boot -successfully on the host hardware (i.e., after running -.Ic nixos-rebuild switch Ns -), because the hardware and boot loader configuration in the VM are different. -The boot loader is installed on an automatically generated virtual disk -containing a -.Pa /boot -partition. -. -.It Cm list-generations Op Fl -json -List the available generations in a similar manner to the boot loader -menu. It shows the generation number, build date and time, NixOS version, -kernel version and the configuration revision. -There is also a json version of output available. -.El -. -. -. -.Sh OPTIONS -.Bl -tag -width indent -.It Fl -upgrade , -upgrade-all -Update the root user's channel named -.Ql nixos -before rebuilding the system. -.Pp -In addition to the -.Ql nixos -channel, the root user's channels which have a file named -.Ql .update-on-nixos-rebuild -in their base directory will also be updated. -.Pp -Passing -.Fl -upgrade-all -updates all of the root user's channels. -. -.It Fl -install-bootloader -Causes the boot loader to be (re)installed on the device specified by the -relevant configuration options. -. -.It Fl -no-build-nix -Normally, -.Nm -first builds the -.Ql nixUnstable -attribute in Nixpkgs, and uses the resulting instance of the Nix package manager -to build the new system configuration. This is necessary if the NixOS modules -use features not provided by the currently installed version of Nix. This option -disables building a new Nix. -. -.It Fl -fast -Equivalent to -.Fl -no-build-nix Ns -\&. This option is useful if you call -.Nm -frequently (e.g. if you’re hacking on a NixOS module). -. -.It Fl -rollback -Instead of building a new configuration as specified by -.Pa /etc/nixos/configuration.nix Ns -, roll back to the previous configuration. (The previous configuration is -defined as the one before the “current” generation of the Nix profile -.Pa /nix/var/nix/profiles/system Ns -\&.) -. -.It Fl -builders Ar builder-spec -Allow ad-hoc remote builders for building the new system. This requires -the user executing -.Nm -(usually root) to be configured as a trusted user in the Nix daemon. This can be -achieved by using the -.Va nix.settings.trusted-users -NixOS option. Examples values for that option are described in the -.Dq Remote builds -chapter in the Nix manual, (i.e. -.Ql --builders \(dqssh://bigbrother x86_64-linux\(dq Ns -). By specifying an empty string existing builders specified in -.Pa /etc/nix/machines -can be ignored: -.Ql --builders \(dq\(dq -for example when they are not reachable due to network connectivity. -. -.It Fl -profile-name Ar name , Fl p Ar name -Instead of using the Nix profile -.Pa /nix/var/nix/profiles/system -to keep track of the current and previous system configurations, use -.Pa /nix/var/nix/profiles/system-profiles/ Ns Va name Ns -\&. When you use GRUB 2, for every system profile created with this flag, NixOS -will create a submenu named -.Dq NixOS - Profile Va name -in GRUB’s boot menu, containing the current and previous configurations of this profile. -.Pp -For instance, if you want to test a configuration file named -.Pa test.nix -without affecting the default system profile, you would do: -.Bd -literal -offset indent -$ nixos-rebuild switch -p test -I nixos-config=./test.nix -.Ed -.Pp -The new configuration will appear in the GRUB 2 submenu -.Dq NixOS - Profile 'test' Ns -\&. -. -.It Fl -specialisation Ar name , Fl c Ar name -Activates given specialisation; when not specified, switching and testing -will activate the base, unspecialised system. -. -.It Fl -build-host Ar host -Instead of building the new configuration locally, use the specified host -to perform the build. The host needs to be accessible with -.Ic ssh Ns , -and must be able to perform Nix builds. If the option -.Fl -target-host -is not set, the build will be copied back to the local machine when done. -.Pp -Note that, if -.Fl -no-build-nix -is not specified, Nix will be built both locally and remotely. This is because -the configuration will always be evaluated locally even though the building -might be performed remotely. -.Pp -You can include a remote user name in the host name -.Ns ( Va user@host Ns -). You can also set ssh options by defining the -.Ev NIX_SSHOPTS -environment variable. -. -.It Fl -target-host Ar host -Specifies the NixOS target host. By setting this to something other than an -empty string, the system activation will happen on the remote host instead of -the local machine. The remote host needs to be accessible over -.Ic ssh Ns , -and for the commands -.Cm switch Ns -, -.Cm boot -and -.Cm test -you need root access. -.Pp -If -.Fl -build-host -is not explicitly specified or empty, building will take place locally. -.Pp -You can include a remote user name in the host name -.Ns ( Va user@host Ns -). You can also set ssh options by defining the -.Ev NIX_SSHOPTS -environment variable. -.Pp -Note that -.Nm -honors the -.Va nixpkgs.crossSystem -setting of the given configuration but disregards the true architecture of the -target host. Hence the -.Va nixpkgs.crossSystem -setting has to match the target platform or else activation will fail. -. -.It Fl -use-substitutes -When set, nixos-rebuild will add -.Fl -use-substitutes -to each invocation of nix-copy-closure. This will only affect the behavior of -nixos-rebuild if -.Fl -target-host -or -.Fl -build-host -is also set. This is useful when the target-host connection to cache.nixos.org -is faster than the connection between hosts. -. -.It Fl -use-remote-sudo -When set, nixos-rebuild prefixes activation commands that run on the -.Fl -target-host -system with -.Ic sudo Ns -\&. Setting this option allows deploying as a non-root user. -. -.It Fl -file Ar path , Fl F Ar path -Enable and build the NixOS system from the specified file. The file must -evaluate to an attribute set, and it must contain a valid NixOS configuration -at attribute -.Va attrPath Ns -\&. This is useful for building a NixOS system from a nix file that is not -a flake or a NixOS configuration module. Attribute set a with valid NixOS -configuration can be made using -.Va nixos -function in nixpkgs or importing and calling -.Pa nixos/lib/eval-config.nix -from nixpkgs. If specified without -.Fl -attr -option, builds the configuration from the top-level -attribute of the file. -. -.It Fl -attr Ar attrPath , Fl A Ar attrPath -Enable and build the NixOS system from nix file and use the specified attribute -path from file specified by the -.Fl -file -option. If specified without -.Fl -file -option, uses -.Pa default.nix -in current directory. -. -.It Fl -flake Va flake-uri Ns Op Va #name -Build the NixOS system from the specified flake. It defaults to the directory -containing the target of the symlink -.Pa /etc/nixos/flake.nix Ns -, if it exists. The flake must contain an output named -.Ql nixosConfigurations. Ns Va name Ns -\&. If -.Va name -is omitted, it default to the current host name. -. -.It Fl -no-flake -Do not imply -.Fl -flake -if -.Pa /etc/nixos/flake.nix -exists. With this option, it is possible to build non-flake NixOS configurations -even if the current NixOS systems uses flakes. -.El -.Pp -In addition, -.Nm -accepts following options from nix commands that the tool calls: -. -.Pp -flake-related options: -.Bd -offset indent -.Fl -recreate-lock-file Ns , -.Fl -no-update-lock-file Ns , -.Fl -no-write-lock-file Ns , -.Fl -no-registries Ns , -.Fl -commit-lock-file Ns , -.Fl -update-input Ar input-path Ns , -.Fl -override-input Ar input-path flake-url Ns -.Ed -. -.Pp -Builder options: -.Bd -offset indent -.Fl -verbose Ns , -.Fl v Ns , -.Fl -quiet Ns , -.Fl -log-format Ns , -.Fl -no-build-output Ns , -.Fl Q Ns , -.Fl -max-jobs Ns , -.Fl j Ns , -.Fl -cores Ns , -.Fl -keep-going Ns , -.Fl k Ns , -.Fl -keep-failed Ns , -.Fl K Ns , -.Fl -fallback Ns , -.Fl I Ns , -.Fl -option Ns -.Fl -repair Ns , -.Fl -builders Ns , -.Fl -accept-flake-config Ns , -.Fl -print-build-logs Ns , -.Fl L Ns , -.Fl -show-trace Ns , -.Fl -refresh Ns , -.Fl -impure Ns , -.Fl -offline Ns , -.Fl -no-net Ns -.Ed -. -.Pp -See the Nix manual, -.Ic nix flake lock --help -or -.Ic nix-build --help -for details. -. -. -. -.Sh ENVIRONMENT -.Bl -tag -width indent -.It Ev NIXOS_CONFIG -Path to the main NixOS configuration module. Defaults to -.Pa /etc/nixos/configuration.nix Ns -\&. -. -.It Ev NIX_PATH -A colon-separated list of directories used to look up Nix expressions enclosed -in angle brackets (e.g. ). Example: -.Bd -literal -offset indent -nixpkgs=./my-nixpkgs -.Ed -. -.It Ev NIX_SSHOPTS -Additional options to be passed to -.Ic ssh -on the command line. -.Ed -. -.It Ev NIXOS_SWITCH_USE_DIRTY_ENV -Expose the the current environment variables to post activation scripts. Will -skip usage of -.Ic systemd-run -during system activation. Possibly dangerous, specially in remote environments -(e.g.: via SSH). Will be removed in the future. -.El -. -. -. -.Sh FILES -.Bl -tag -width indent -.It Pa /etc/nixos/flake.nix -If this file exists, then -.Nm -will use it as if the -.Fl -flake -option was given. This file may be a symlink to a -.Pa flake.nix -in an actual flake; thus -.Pa /etc/nixos -need not be a flake. -. -.It Pa /run/current-system -A symlink to the currently active system configuration in the Nix store. -. -.It Pa /nix/var/nix/profiles/system -The Nix profile that contains the current and previous system -configurations. Used to generate the GRUB boot menu. -.El -. -. -. -.Sh BUGS -This command should be renamed to something more descriptive. -. -. -. -.Sh AUTHORS -.An -nosplit -.An Eelco Dolstra -and -.An the Nixpkgs/NixOS contributors diff --git a/pkgs/by-name/ni/nixos-rebuild/nixos-rebuild.sh b/pkgs/by-name/ni/nixos-rebuild/nixos-rebuild.sh deleted file mode 100755 index 5cfff7a..0000000 --- a/pkgs/by-name/ni/nixos-rebuild/nixos-rebuild.sh +++ /dev/null @@ -1,874 +0,0 @@ -#! @runtimeShell@ -# shellcheck shell=bash - -if [ -x "@runtimeShell@" ]; then export SHELL="@runtimeShell@"; fi; - -set -e -set -o pipefail -shopt -s inherit_errexit - -export PATH=@path@:$PATH - -showSyntax() { - exec man nixos-rebuild - exit 1 -} - - -# Parse the command line. -origArgs=("$@") -copyFlags=() -extraBuildFlags=() -lockFlags=() -flakeFlags=(--extra-experimental-features 'nix-command flakes') -action= -buildNix=1 -fast= -rollback= -upgrade= -upgrade_all= -profile=/nix/var/nix/profiles/system -specialisation= -buildHost= -targetHost= -remoteSudo= -verboseScript= -noFlake= -attr= -buildFile=default.nix -buildingAttribute=1 -installBootloader= -json= - -# log the given argument to stderr -log() { - echo "$@" >&2 -} - -while [ "$#" -gt 0 ]; do - i="$1"; shift 1 - case "$i" in - --help) - showSyntax - ;; - switch|boot|test|build|edit|repl|dry-build|dry-run|dry-activate|build-vm|build-vm-with-bootloader|list-generations) - if [ "$i" = dry-run ]; then i=dry-build; fi - if [ "$i" = list-generations ]; then - buildNix= - fast=1 - fi - # exactly one action mandatory, bail out if multiple are given - if [ -n "$action" ]; then showSyntax; fi - action="$i" - ;; - --file|-f) - if [ -z "$1" ]; then - log "$0: ‘--file’ requires an argument" - exit 1 - fi - buildFile="$1" - buildingAttribute= - shift 1 - ;; - --attr|-A) - if [ -z "$1" ]; then - log "$0: ‘--attr’ requires an argument" - exit 1 - fi - attr="$1" - buildingAttribute= - shift 1 - ;; - --install-grub) - log "$0: --install-grub deprecated, use --install-bootloader instead" - installBootloader=1 - ;; - --install-bootloader) - installBootloader=1 - ;; - --no-build-nix) - buildNix= - ;; - --rollback) - rollback=1 - ;; - --upgrade) - upgrade=1 - ;; - --upgrade-all) - upgrade=1 - upgrade_all=1 - ;; - --use-substitutes|--substitute-on-destination|-s) - copyFlags+=("-s") - ;; - -I|--max-jobs|-j|--cores|--builders|--log-format) - j="$1"; shift 1 - extraBuildFlags+=("$i" "$j") - ;; - --accept-flake-config|-j*|--quiet|--print-build-logs|-L|--no-build-output|-Q| --show-trace|--keep-going|-k|--keep-failed|-K|--fallback|--refresh|--repair|--impure|--offline|--no-net) - extraBuildFlags+=("$i") - ;; - --verbose|-v|-vv|-vvv|-vvvv|-vvvvv) - verboseScript="true" - extraBuildFlags+=("$i") - ;; - --option) - j="$1"; shift 1 - k="$1"; shift 1 - extraBuildFlags+=("$i" "$j" "$k") - ;; - --fast) - buildNix= - fast=1 - ;; - --profile-name|-p) - if [ -z "$1" ]; then - log "$0: ‘--profile-name’ requires an argument" - exit 1 - fi - if [ "$1" != system ]; then - profile="/nix/var/nix/profiles/system-profiles/$1" - mkdir -p -m 0755 "$(dirname "$profile")" - fi - shift 1 - ;; - --specialisation|-c) - if [ -z "$1" ]; then - log "$0: ‘--specialisation’ requires an argument" - exit 1 - fi - specialisation="$1" - shift 1 - ;; - --build-host) - buildHost="$1" - shift 1 - ;; - --target-host) - targetHost="$1" - shift 1 - ;; - --use-remote-sudo) - remoteSudo=1 - ;; - --flake) - flake="$1" - shift 1 - ;; - --no-flake) - noFlake=1 - ;; - --recreate-lock-file|--no-update-lock-file|--no-write-lock-file|--no-registries|--commit-lock-file) - lockFlags+=("$i") - ;; - --update-input) - j="$1"; shift 1 - lockFlags+=("$i" "$j") - ;; - --override-input) - j="$1"; shift 1 - k="$1"; shift 1 - lockFlags+=("$i" "$j" "$k") - ;; - --json) - json=1 - ;; - *) - log "$0: unknown option \`$i'" - exit 1 - ;; - esac -done - -if [[ -n "$SUDO_USER" ]]; then - useSudo=1 -fi - -# log the given argument to stderr if verbose mode is on -logVerbose() { - if [ -n "$verboseScript" ]; then - echo "$@" >&2 - fi -} - -# Run a command, logging it first if verbose mode is on -runCmd() { - logVerbose "$" "$@" - "$@" -} - -buildHostCmd() { - local c - if [[ "${useSudo:-x}" = 1 ]]; then - c=("sudo") - else - c=() - fi - - if [ -z "$buildHost" ]; then - runCmd "$@" - elif [ -n "$remoteNix" ]; then - runCmd ssh $SSHOPTS "$buildHost" "${c[@]}" env PATH="$remoteNix":'$PATH' "$@" - else - runCmd ssh $SSHOPTS "$buildHost" "${c[@]}" "$@" - fi -} - -targetHostCmd() { - local c - if [[ "${useSudo:-x}" = 1 ]]; then - c=("sudo") - else - c=() - fi - - if [ -z "$targetHost" ]; then - runCmd "${c[@]}" "$@" - else - runCmd ssh $SSHOPTS "$targetHost" "${c[@]}" "$@" - fi -} - -targetHostSudoCmd() { - if [ -n "$remoteSudo" ]; then - useSudo=1 SSHOPTS="$SSHOPTS -t" targetHostCmd "$@" - else - # While a tty might not be necessary, we apply it to be consistent with - # sudo usage, and an experience that is more consistent with local deployment. - SSHOPTS="$SSHOPTS -t" targetHostCmd "$@" - fi -} - -copyToTarget() { - if ! [ "$targetHost" = "$buildHost" ]; then - if [ -z "$targetHost" ]; then - logVerbose "Running nix-copy-closure with these NIX_SSHOPTS: $SSHOPTS" - NIX_SSHOPTS=$SSHOPTS runCmd nix-copy-closure "${copyFlags[@]}" --from "$buildHost" "$1" - elif [ -z "$buildHost" ]; then - logVerbose "Running nix-copy-closure with these NIX_SSHOPTS: $SSHOPTS" - NIX_SSHOPTS=$SSHOPTS runCmd nix-copy-closure "${copyFlags[@]}" --to "$targetHost" "$1" - else - buildHostCmd nix-copy-closure "${copyFlags[@]}" --to "$targetHost" "$1" - fi - fi -} - -nixBuild() { - logVerbose "Building in legacy (non-flake) mode." - if [ -z "$buildHost" ]; then - logVerbose "No --build-host given, running nix-build locally" - runCmd nix-build "$@" - else - logVerbose "buildHost set to \"$buildHost\", running nix-build remotely" - local instArgs=() - local buildArgs=() - local drv= - - while [ "$#" -gt 0 ]; do - local i="$1"; shift 1 - case "$i" in - -o) - local out="$1"; shift 1 - buildArgs+=("--add-root" "$out" "--indirect") - ;; - -A) - local j="$1"; shift 1 - instArgs+=("$i" "$j") - ;; - -I) # We don't want this in buildArgs - shift 1 - ;; - --no-out-link) # We don't want this in buildArgs - ;; - "<"*) # nix paths - instArgs+=("$i") - ;; - *) - buildArgs+=("$i") - ;; - esac - done - - drv="$(runCmd nix-instantiate "${instArgs[@]}" "${extraBuildFlags[@]}")" - if [ -a "$drv" ]; then - logVerbose "Running nix-copy-closure with these NIX_SSHOPTS: $SSHOPTS" - NIX_SSHOPTS=$SSHOPTS runCmd nix-copy-closure --to "$buildHost" "$drv" - buildHostCmd nix-store -r "$drv" "${buildArgs[@]}" - else - log "nix-instantiate failed" - exit 1 - fi - fi -} - -nixFlakeBuild() { - logVerbose "Building in flake mode." - if [[ -z "$buildHost" && -z "$targetHost" && "$action" != switch && "$action" != boot && "$action" != test && "$action" != dry-activate ]] - then - runCmd nix "${flakeFlags[@]}" build "$@" - readlink -f ./result - elif [ -z "$buildHost" ]; then - runCmd nix "${flakeFlags[@]}" build "$@" --out-link "${tmpDir}/result" - readlink -f "${tmpDir}/result" - else - local attr="$1" - shift 1 - local evalArgs=() - local buildArgs=() - local drv= - - while [ "$#" -gt 0 ]; do - local i="$1"; shift 1 - case "$i" in - --recreate-lock-file|--no-update-lock-file|--no-write-lock-file|--no-registries|--commit-lock-file) - evalArgs+=("$i") - ;; - --update-input) - local j="$1"; shift 1 - evalArgs+=("$i" "$j") - ;; - --override-input) - local j="$1"; shift 1 - local k="$1"; shift 1 - evalArgs+=("$i" "$j" "$k") - ;; - --impure) # We don't want this in buildArgs, it's only needed at evaluation time, and unsupported during realisation - ;; - *) - buildArgs+=("$i") - ;; - esac - done - - drv="$(runCmd nix "${flakeFlags[@]}" eval --raw "${attr}.drvPath" "${evalArgs[@]}" "${extraBuildFlags[@]}")" - if [ -a "$drv" ]; then - logVerbose "Running nix with these NIX_SSHOPTS: $SSHOPTS" - NIX_SSHOPTS=$SSHOPTS runCmd nix "${flakeFlags[@]}" copy "${copyFlags[@]}" --derivation --to "ssh://$buildHost" "$drv" - buildHostCmd nix-store -r "$drv" "${buildArgs[@]}" - else - log "nix eval failed" - exit 1 - fi - fi -} - - -if [ -z "$action" ]; then showSyntax; fi - -# Only run shell scripts from the Nixpkgs tree if the action is -# "switch", "boot", or "test". With other actions (such as "build"), -# the user may reasonably expect that no code from the Nixpkgs tree is -# executed, so it's safe to run nixos-rebuild against a potentially -# untrusted tree. -canRun= -if [[ "$action" = switch || "$action" = boot || "$action" = test ]]; then - canRun=1 -fi - -# Verify that user is not trying to use attribute building and flake -# at the same time -if [[ -z $buildingAttribute && -n $flake ]]; then - log "error: '--flake' cannot be used with '--file' or '--attr'" - exit 1 -fi - -# If ‘--upgrade’ or `--upgrade-all` is given, -# run ‘nix-channel --update nixos’. -if [[ -n $upgrade && -z $_NIXOS_REBUILD_REEXEC && -z $flake ]]; then - # If --upgrade-all is passed, or there are other channels that - # contain a file called ".update-on-nixos-rebuild", update them as - # well. Also upgrade the nixos channel. - - for channelpath in /nix/var/nix/profiles/per-user/root/channels/*; do - channel_name=$(basename "$channelpath") - - if [[ "$channel_name" == "nixos" ]]; then - runCmd nix-channel --update "$channel_name" - elif [ -e "$channelpath/.update-on-nixos-rebuild" ]; then - runCmd nix-channel --update "$channel_name" - elif [[ -n $upgrade_all ]] ; then - runCmd nix-channel --update "$channel_name" - fi - done -fi - -# Make sure that we use the Nix package we depend on, not something -# else from the PATH for nix-{env,instantiate,build}. This is -# important, because NixOS defaults the architecture of the rebuilt -# system to the architecture of the nix-* binaries used. So if on an -# amd64 system the user has an i686 Nix package in her PATH, then we -# would silently downgrade the whole system to be i686 NixOS on the -# next reboot. -if [ -z "$_NIXOS_REBUILD_REEXEC" ]; then - export PATH=@nix@/bin:$PATH -fi - -# Use /etc/nixos/flake.nix if it exists. It can be a symlink to the -# actual flake. -if [[ -z $flake && -e /etc/nixos/flake.nix && -z $noFlake ]]; then - flake="$(dirname "$(readlink -f /etc/nixos/flake.nix)")" -fi - -# For convenience, use the hostname as the default configuration to -# build from the flake. -if [[ -n $flake ]]; then - if [[ $flake =~ ^(.*)\#([^\#\"]*)$ ]]; then - flake="${BASH_REMATCH[1]}" - flakeAttr="${BASH_REMATCH[2]}" - fi - if [[ -z $flakeAttr ]]; then - hostname="$(targetHostCmd cat /proc/sys/kernel/hostname)" - if [[ -z $hostname ]]; then - hostname=default - fi - flakeAttr="nixosConfigurations.\"$hostname\"" - else - flakeAttr="nixosConfigurations.\"$flakeAttr\"" - fi -fi - -if [[ ! -z "$specialisation" && ! "$action" = switch && ! "$action" = test ]]; then - log "error: ‘--specialisation’ can only be used with ‘switch’ and ‘test’" - exit 1 -fi - -tmpDir=$(mktemp -t -d nixos-rebuild.XXXXXX) - -if [[ ${#tmpDir} -ge 60 ]]; then - # Very long tmp dirs lead to "too long for Unix domain socket" - # SSH ControlPath errors. Especially macOS sets long TMPDIR paths. - rmdir "$tmpDir" - tmpDir=$(TMPDIR= mktemp -t -d nixos-rebuild.XXXXXX) -fi - -cleanup() { - for ctrl in "$tmpDir"/ssh-*; do - ssh -o ControlPath="$ctrl" -O exit dummyhost 2>/dev/null || true - done - rm -rf "$tmpDir" -} -trap cleanup EXIT - - -# Re-execute nixos-rebuild from the Nixpkgs tree. -if [[ -z $_NIXOS_REBUILD_REEXEC && -n $canRun && -z $fast ]]; then - if [[ -z $buildingAttribute ]]; then - p=$(runCmd nix-build --no-out-link $buildFile -A "${attr:+$attr.}config.system.build.nixos-rebuild" "${extraBuildFlags[@]}") - SHOULD_REEXEC=1 - elif [[ -z $flake ]]; then - if p=$(runCmd nix-build --no-out-link --expr 'with import {}; config.system.build.nixos-rebuild' "${extraBuildFlags[@]}"); then - SHOULD_REEXEC=1 - fi - else - runCmd nix "${flakeFlags[@]}" build --out-link "${tmpDir}/nixos-rebuild" "$flake#$flakeAttr.config.system.build.nixos-rebuild" "${extraBuildFlags[@]}" "${lockFlags[@]}" - if p=$(readlink -e "${tmpDir}/nixos-rebuild"); then - SHOULD_REEXEC=1 - fi - fi - - if [[ -n $SHOULD_REEXEC ]]; then - export _NIXOS_REBUILD_REEXEC=1 - # Manually call cleanup as the EXIT trap is not triggered when using exec - cleanup - runCmd exec "$p/bin/nixos-rebuild" "${origArgs[@]}" - exit 1 - fi -fi - -# Find configuration.nix and open editor instead of building. -if [ "$action" = edit ]; then - if [[ -n $attr || -n $buildFile ]]; then - log "error: '--file' and '--attr' are not supported with 'edit'" - exit 1 - elif [[ -z $flake ]]; then - NIXOS_CONFIG=${NIXOS_CONFIG:-$(runCmd nix-instantiate --find-file nixos-config)} - if [[ -d $NIXOS_CONFIG ]]; then - NIXOS_CONFIG=$NIXOS_CONFIG/default.nix - fi - runCmd exec ${EDITOR:-nano} "$NIXOS_CONFIG" - else - runCmd exec nix "${flakeFlags[@]}" edit "${lockFlags[@]}" -- "$flake#$flakeAttr" - fi - exit 1 -fi - -SSHOPTS="$NIX_SSHOPTS -o ControlMaster=auto -o ControlPath=$tmpDir/ssh-%n -o ControlPersist=60" - -# First build Nix, since NixOS may require a newer version than the -# current one. -if [[ -n "$rollback" || "$action" = dry-build ]]; then - buildNix= -fi - -nixSystem() { - machine="$(uname -m)" - if [[ "$machine" =~ i.86 ]]; then - machine=i686 - fi - echo $machine-linux -} - -prebuiltNix() { - machine="$1" - if [ "$machine" = x86_64 ]; then - echo @nix_x86_64_linux@ - elif [[ "$machine" =~ i.86 ]]; then - echo @nix_i686_linux@ - elif [[ "$machine" = aarch64 ]]; then - echo @nix_aarch64_linux@ - else - log "$0: unsupported platform" - exit 1 - fi -} - -getNixDrv() { - nixDrv= - - if [[ -z $buildingAttribute ]]; then - if nixDrv="$(runCmd nix-instantiate $buildFile --add-root "$tmpDir/nix.drv" --indirect -A ${attr:+$attr.}config.nix.package.out "${extraBuildFlags[@]}")"; then return; fi - fi - if nixDrv="$(runCmd nix-instantiate '' --add-root "$tmpDir/nix.drv" --indirect -A config.nix.package.out "${extraBuildFlags[@]}")"; then return; fi - if nixDrv="$(runCmd nix-instantiate '' --add-root "$tmpDir/nix.drv" --indirect -A nix "${extraBuildFlags[@]}")"; then return; fi - - if ! nixStorePath="$(runCmd nix-instantiate --eval '' -A "$(nixSystem)" | sed -e 's/^"//' -e 's/"$//')"; then - nixStorePath="$(prebuiltNix "$(uname -m)")" - fi - if ! runCmd nix-store -r "$nixStorePath" --add-root "${tmpDir}/nix" --indirect \ - --option extra-binary-caches https://cache.nixos.org/; then - log "warning: don't know how to get latest Nix" - fi - # Older version of nix-store -r don't support --add-root. - [ -e "$tmpDir/nix" ] || ln -sf "$nixStorePath" "$tmpDir/nix" - if [ -n "$buildHost" ]; then - remoteNixStorePath="$(runCmd prebuiltNix "$(buildHostCmd uname -m)")" - remoteNix="$remoteNixStorePath/bin" - if ! buildHostCmd nix-store -r "$remoteNixStorePath" \ - --option extra-binary-caches https://cache.nixos.org/ >/dev/null; then - remoteNix= - log "warning: don't know how to get latest Nix" - fi - fi -} - -if [[ -n $buildNix && -z $flake ]]; then - log "building Nix..." - getNixDrv - if [ -a "$nixDrv" ]; then - nix-store -r "$nixDrv"'!'"out" --add-root "$tmpDir/nix" --indirect >/dev/null - if [ -n "$buildHost" ]; then - nix-copy-closure "${copyFlags[@]}" --to "$buildHost" "$nixDrv" - # The nix build produces multiple outputs, we add them all to the remote path - for p in $(buildHostCmd nix-store -r "$(readlink "$nixDrv")" "${buildArgs[@]}"); do - remoteNix="$remoteNix${remoteNix:+:}$p/bin" - done - fi - fi - PATH="$tmpDir/nix/bin:$PATH" -fi - - -# Update the version suffix if we're building from Git (so that -# nixos-version shows something useful). -if [[ -n $canRun && -z $flake ]]; then - if nixpkgs=$(runCmd nix-instantiate --find-file nixpkgs "${extraBuildFlags[@]}"); then - suffix=$(runCmd $SHELL "$nixpkgs/nixos/modules/installer/tools/get-version-suffix" "${extraBuildFlags[@]}" || true) - if [ -n "$suffix" ]; then - echo -n "$suffix" > "$nixpkgs/.version-suffix" || true - fi - fi -fi - - -if [ "$action" = dry-build ]; then - extraBuildFlags+=(--dry-run) -fi - -if [ "$action" = repl ]; then - # This is a very end user command, implemented using sub-optimal means. - # You should feel free to improve its behavior, as well as resolve tech - # debt in "breaking" ways. Humans adapt quite well. - if [[ -z $buildingAttribute ]]; then - exec nix repl --file $buildFile $attr "${extraBuildFlags[@]}" - elif [[ -z $flake ]]; then - exec nix repl '' "${extraBuildFlags[@]}" - else - if [[ -n "${lockFlags[0]}" ]]; then - # nix repl itself does not support locking flags - log "nixos-rebuild repl does not support locking flags yet" - exit 1 - fi - d='$' - q='"' - bold="$(echo -e '\033[1m')" - blue="$(echo -e '\033[34;1m')" - attention="$(echo -e '\033[35;1m')" - reset="$(echo -e '\033[0m')" - if [[ -e $flake ]]; then - flakePath=$(realpath "$flake") - else - flakePath=$flake - fi - # This nix repl invocation is impure, because usually the flakeref is. - # For a solution that preserves the motd and custom scope, we need - # something like https://github.com/NixOS/nix/issues/8679. - exec nix repl --impure --expr " - let flake = builtins.getFlake ''$flakePath''; - configuration = flake.$flakeAttr; - motd = '' - $d{$q\n$q} - Hello and welcome to the NixOS configuration - $flakeAttr - in $flake - - The following is loaded into nix repl's scope: - - - ${blue}config${reset} All option values - - ${blue}options${reset} Option data and metadata - - ${blue}pkgs${reset} Nixpkgs package set - - ${blue}lib${reset} Nixpkgs library functions - - other module arguments - - - ${blue}flake${reset} Flake outputs, inputs and source info of $flake - - Use tab completion to browse around ${blue}config${reset}. - - Use ${bold}:r${reset} to ${bold}reload${reset} everything after making a change in the flake. - (assuming $flake is a mutable flake ref) - - See ${bold}:?${reset} for more repl commands. - - ${attention}warning:${reset} nixos-rebuild repl does not currently enforce pure evaluation. - ''; - scope = - assert configuration._type or null == ''configuration''; - assert configuration.class or ''nixos'' == ''nixos''; - configuration._module.args // - configuration._module.specialArgs // - { - inherit (configuration) config options; - lib = configuration.lib or configuration.pkgs.lib; - inherit flake; - }; - in builtins.seq scope builtins.trace motd scope - " "${extraBuildFlags[@]}" - fi -fi - -if [ "$action" = list-generations ]; then - if [ ! -L "$profile" ]; then - log "No profile \`$(basename "$profile")' found" - exit 1 - fi - - generation_from_dir() { - generation_dir="$1" - generation_base="$(basename "$generation_dir")" # Has the format "system-123-link" for generation 123 - no_link_gen="${generation_base%-link}" # remove the "-link" - echo "${no_link_gen##*-}" # remove everything before the last dash - } - describe_generation(){ - generation_dir="$1" - generation_number="$(generation_from_dir "$generation_dir")" - nixos_version="$(cat "$generation_dir/nixos-version" 2> /dev/null || echo "Unknown")" - - kernel_dir="$(dirname "$(realpath "$generation_dir/kernel")")" - kernel_version="$(ls "$kernel_dir/lib/modules" || echo "Unknown")" - - configurationRevision="$("$generation_dir/sw/bin/nixos-version" --configuration-revision 2> /dev/null || true)" - - # Old nixos-version output ignored unknown flags and just printed the version - # therefore the following workaround is done not to show the default output - nixos_version_default="$("$generation_dir/sw/bin/nixos-version")" - if [ "$configurationRevision" == "$nixos_version_default" ]; then - configurationRevision="" - fi - - # jq automatically quotes the output => don't try to quote it in output! - build_date="$(stat "$generation_dir" --format=%W | jq 'todate')" - - pushd "$generation_dir/specialisation/" > /dev/null || : - specialisation_list=(*) - popd > /dev/null || : - - specialisations="$(jq --compact-output --null-input '$ARGS.positional' --args -- "${specialisation_list[@]}")" - - if [ "$(basename "$generation_dir")" = "$(readlink "$profile")" ]; then - current_generation_tag="true" - else - current_generation_tag="false" - fi - - # Escape userdefined strings - nixos_version="$(jq -aR <<< "$nixos_version")" - kernel_version="$(jq -aR <<< "$kernel_version")" - configurationRevision="$(jq -aR <<< "$configurationRevision")" - cat << EOF -{ - "generation": $generation_number, - "date": $build_date, - "nixosVersion": $nixos_version, - "kernelVersion": $kernel_version, - "configurationRevision": $configurationRevision, - "specialisations": $specialisations, - "current": $current_generation_tag -} -EOF - } - - find "$(dirname "$profile")" -regex "$profile-[0-9]+-link" | - sort -Vr | - while read -r generation_dir; do - describe_generation "$generation_dir" - done | - if [ -z "$json" ]; then - jq --slurp -r '.[] | [ - ([.generation, (if .current == true then "current" else "" end)] | join(" ")), - (.date | fromdate | strflocaltime("%Y-%m-%d %H:%M:%S")), - .nixosVersion, .kernelVersion, .configurationRevision, - (.specialisations | join(" ")) - ] | @tsv' | - column --separator $'\t' --table --table-columns "Generation,Build-date,NixOS version,Kernel,Configuration Revision,Specialisation" | - ${PAGER:cat} - else - jq --slurp . - fi - exit 0 -fi - - -# Either upgrade the configuration in the system profile (for "switch" -# or "boot"), or just build it and create a symlink "result" in the -# current directory (for "build" and "test"). -if [ -z "$rollback" ]; then - log "building the system configuration..." - if [[ "$action" = switch || "$action" = boot ]]; then - if [[ -z $buildingAttribute ]]; then - pathToConfig="$(nixBuild $buildFile -A "${attr:+$attr.}config.system.build.toplevel" "${extraBuildFlags[@]}")" - elif [[ -z $flake ]]; then - pathToConfig="$(nixBuild '' --no-out-link -A system "${extraBuildFlags[@]}")" - else - pathToConfig="$(nixFlakeBuild "$flake#$flakeAttr.config.system.build.toplevel" "${extraBuildFlags[@]}" "${lockFlags[@]}")" - fi - copyToTarget "$pathToConfig" - targetHostSudoCmd nix-env -p "$profile" --set "$pathToConfig" - elif [[ "$action" = test || "$action" = build || "$action" = dry-build || "$action" = dry-activate ]]; then - if [[ -z $buildingAttribute ]]; then - pathToConfig="$(nixBuild $buildFile -A "${attr:+$attr.}config.system.build.toplevel" "${extraBuildFlags[@]}")" - elif [[ -z $flake ]]; then - pathToConfig="$(nixBuild '' -A system -k "${extraBuildFlags[@]}")" - else - pathToConfig="$(nixFlakeBuild "$flake#$flakeAttr.config.system.build.toplevel" "${extraBuildFlags[@]}" "${lockFlags[@]}")" - fi - elif [ "$action" = build-vm ]; then - if [[ -z $buildingAttribute ]]; then - pathToConfig="$(nixBuild $buildFile -A "${attr:+$attr.}config.system.build.vm" "${extraBuildFlags[@]}")" - elif [[ -z $flake ]]; then - pathToConfig="$(nixBuild '' -A vm -k "${extraBuildFlags[@]}")" - else - pathToConfig="$(nixFlakeBuild "$flake#$flakeAttr.config.system.build.vm" "${extraBuildFlags[@]}" "${lockFlags[@]}")" - fi - elif [ "$action" = build-vm-with-bootloader ]; then - if [[ -z $buildingAttribute ]]; then - pathToConfig="$(nixBuild $buildFile -A "${attr:+$attr.}config.system.build.vmWithBootLoader" "${extraBuildFlags[@]}")" - elif [[ -z $flake ]]; then - pathToConfig="$(nixBuild '' -A vmWithBootLoader -k "${extraBuildFlags[@]}")" - else - pathToConfig="$(nixFlakeBuild "$flake#$flakeAttr.config.system.build.vmWithBootLoader" "${extraBuildFlags[@]}" "${lockFlags[@]}")" - fi - else - showSyntax - fi - # Copy build to target host if we haven't already done it - if ! [[ "$action" = switch || "$action" = boot ]]; then - copyToTarget "$pathToConfig" - fi -else # [ -n "$rollback" ] - if [[ "$action" = switch || "$action" = boot ]]; then - targetHostSudoCmd nix-env --rollback -p "$profile" - pathToConfig="$profile" - elif [[ "$action" = test || "$action" = build ]]; then - systemNumber=$( - targetHostCmd nix-env -p "$profile" --list-generations | - sed -n '/current/ {g; p;}; s/ *\([0-9]*\).*/\1/; h' - ) - pathToConfig="$profile"-${systemNumber}-link - if [ -z "$targetHost" ]; then - ln -sT "$pathToConfig" ./result - fi - else - showSyntax - fi -fi - - -# If we're not just building, then make the new configuration the boot -# default and/or activate it now. -if [[ "$action" = switch || "$action" = boot || "$action" = test || "$action" = dry-activate ]]; then - # Using systemd-run here to protect against PTY failures/network - # disconnections during rebuild. - # See: https://github.com/NixOS/nixpkgs/issues/39118 - cmd=( - "systemd-run" - "-E" "LOCALE_ARCHIVE" # Will be set to new value early in switch-to-configuration script, but interpreter starts out with old value - "-E" "NIXOS_INSTALL_BOOTLOADER=$installBootloader" - "--collect" - "--no-ask-password" - "--pipe" - "--quiet" - "--same-dir" - "--service-type=exec" - "--unit=nixos-rebuild-switch-to-configuration" - "--wait" - ) - # Check if we have a working systemd-run. In chroot environments we may have - # a non-working systemd, so we fallback to not using systemd-run. - # You may also want to explicitly set NIXOS_SWITCH_USE_DIRTY_ENV environment - # variable, since systemd-run runs inside an isolated environment and - # this may break some post-switch scripts. However keep in mind that this - # may be dangerous in remote access (e.g. SSH). - if [[ -n "$NIXOS_SWITCH_USE_DIRTY_ENV" ]]; then - log "warning: skipping systemd-run since NIXOS_SWITCH_USE_DIRTY_ENV is set. This environment variable will be ignored in the future" - cmd=("env" "NIXOS_INSTALL_BOOTLOADER=$installBootloader") - elif ! targetHostSudoCmd "${cmd[@]}" true; then - logVerbose "Skipping systemd-run to switch configuration since it is not working in target host." - cmd=( - "env" - "-i" - "LOCALE_ARCHIVE=$LOCALE_ARCHIVE" - "NIXOS_INSTALL_BOOTLOADER=$installBootloader" - ) - else - logVerbose "Using systemd-run to switch configuration." - fi - if [[ -z "$specialisation" ]]; then - cmd+=("$pathToConfig/bin/switch-to-configuration") - else - cmd+=("$pathToConfig/specialisation/$specialisation/bin/switch-to-configuration") - - if [ -z "$targetHost" ]; then - specialisationExists=$(test -f "${cmd[-1]}") - else - specialisationExists=$(targetHostCmd test -f "${cmd[-1]}") - fi - - if ! $specialisationExists; then - log "error: specialisation not found: $specialisation" - exit 1 - fi - fi - - if ! targetHostSudoCmd "${cmd[@]}" "$action"; then - log "warning: error(s) occurred while switching to the new configuration" - exit 1 - fi -fi - - -if [[ "$action" = build-vm || "$action" = build-vm-with-bootloader ]]; then - cat >&2 <> ~/configuration.nix < ~/hardware-configuration.nix - - - echo Test traditional NixOS configuration - ######################################### - - expect ${writeText "test-nixos-rebuild-repl-expect" '' - ${expectSetup} - spawn nixos-rebuild repl --fast - - expect "nix-repl> " - - send "config.networking.hostName\n" - expect "\"nixos\"" - ''} - - - echo Test flake based NixOS configuration - ######################################### - - # Switch to flake flavored environment - unset NIX_PATH - cat > $NIX_CONF_DIR/nix.conf < ~/hardware-configuration.nix - - cat >~/flake.nix <" - - send "config.networking.hostName\n" - expect_simple "itsme" - - expect_simple "nix-repl>" - send "lib.version\n" - expect_simple ${escapeExpect ( - # The version string is a bit different in the flake lib, so we expect a prefix and ignore the rest - # Furthermore, including the revision (suffix) would cause unnecessary rebuilds. - # Note that a length of 4 only matches e.g. "24. - lib.strings.substring 0 4 (lib.strings.escapeNixString lib.version))} - - # Make sure it's the right lib - should be the flake lib, not Nixpkgs lib. - expect_simple "nix-repl>" - send "lib?nixosSystem\n" - expect_simple "true" - expect_simple "nix-repl>" - send "lib?nixos\n" - expect_simple "true" - ''} - - pushd "$HOME" - expect ${writeText "test-nixos-rebuild-repl-relative-path-expect" '' - ${expectSetup} - spawn sh -c "nixos-rebuild repl --fast --flake .#testconf" - - expect_simple "nix-repl>" - - send "config.networking.hostName\n" - expect_simple "itsme" - ''} - popd - - echo - - ######### - echo Done - touch $out -'' diff --git a/pkgs/by-name/ra/ranger-git/package.nix b/pkgs/by-name/ra/ranger-git/package.nix new file mode 100644 index 0000000..7efb7ce --- /dev/null +++ b/pkgs/by-name/ra/ranger-git/package.nix @@ -0,0 +1,55 @@ +{ + ranger, + + den-http-get-updater, + fetchFromGitHub, + fetchpatch, + lib, + python3Packages, +}: + +ranger.overrideAttrs (selfAttrs: superAttrs: { + pname = "ranger"; + version = "0-unsatble-git-${lib.substring 0 7 selfAttrs.src.rev}"; + name = "${selfAttrs.pname}-${selfAttrs.version}"; + + src = fetchFromGitHub { + owner = "ranger"; + repo = "ranger"; + rev = "7e38143eaa91c82bed8f309aa167b1e6f2607576"; + hash = "sha256-O0DjecncpN+Bv8Ng+keuvU9iVtWAV4a50p959pMvkww="; + }; + + patches = superAttrs.patches or [] ++ [ + (fetchpatch { + url = "https://github.com/ranger/ranger/commit/c6bd9e051e8429fb8dcf16acf6ae9d34f14ecb24.patch"; + hash = "sha256-NOGL51Ctv0Rmo+lbUY8awimo/9K007mPfRUnYBihRNQ="; + }) + ]; + + propagatedBuildInputs = with python3Packages; [ + # required for test suite, it's being ran during package build for some reason + flake8 + pylint + pytest + setuptools + ] ++ superAttrs.propagatedBuildInputs; + + passthru = superAttrs.passthru // { + updateScript = den-http-get-updater { + fileLocation = builtins.toString ./package.nix; + previousVersion = selfAttrs.src.rev; + versionUrl = "https://api.github.com/repos/ranger/ranger/commits"; + contentParser = "jq -rc '.[0].sha' <<< \"$newVersion\""; + prefetchList = [{ + unpack = true; + previousHash = selfAttrs.src.outputHash; + prefetchUrlLocation = { + # FIXME: this is ugly + file = ../../../../outputs.nix; + attrpath = "updateList.packages/ranger-git.src.url"; + }; + }]; + }; + }; +}) diff --git a/pkgs/by-name/sp/SPFlashTool5/package.nix b/pkgs/by-name/sp/SPFlashTool5/package.nix new file mode 100644 index 0000000..6e155d5 --- /dev/null +++ b/pkgs/by-name/sp/SPFlashTool5/package.nix @@ -0,0 +1,71 @@ +{ + lib, + autoPatchelfHook, + fetchurl, + fontconfig, + freetype, + glib, + libgcc, + libjpeg, + libpng12, + libz, + makeWrapper, + stdenvNoCC, + unzip, + xorg, +}: + +stdenvNoCC.mkDerivation (self: { + pname = "SPFlashTool5"; + version = "5.2228"; + src = fetchurl { + url = "https://spflashtools.com/wp-content/uploads/SP_Flash_Tool_v5.2228_Linux.zip"; + hash = "sha256-GLEe7TQf1X/rf7xYp7jrk0KbrMfSWpk4eK+KC26Y3xA="; + }; + nativeBuildInputs = [ + autoPatchelfHook + makeWrapper + unzip + ]; + buildInputs = [ + fontconfig + freetype + glib + libgcc + libjpeg + libpng12 + libz + xorg.libSM + xorg.libX11 + xorg.libXext + xorg.libXrender + ]; + # remove plugins that have outdated dependencies not available in nixpkgs + # they are not needed to run the tool anyway + prePatch = '' + rm \ + plugins/imageformats/libqsvg.so \ + plugins/imageformats/libqmng.so \ + plugins/imageformats/libqtiff.so + ''; + dontConfigure = true; + dontBuild = true; + dontCheck = true; + installPhase = '' + runHook preInstall + + mkdir -p $out/bin + mkdir -p $out/share/SPFlashTool5 + cp -r * $out/share/SPFlashTool5 + chmod +x $out/share/SPFlashTool5/flash_tool + makeWrapper $out/share/SPFlashTool5/flash_tool $out/bin/SPFlashTool5 + + runHook postInstall + ''; + meta = { + description = "Flash tool for MediaTek devices"; + homepage = "https://spflashtools.com/"; + license = lib.licenses.unfree; + maintainers = with lib.maintainers; [ amozeo ]; + }; +}) diff --git a/pkgs/overlays/cosmic-packages.nix b/pkgs/overlays/cosmic-packages.nix index 1722c18..c41fdf0 100644 --- a/pkgs/overlays/cosmic-packages.nix +++ b/pkgs/overlays/cosmic-packages.nix @@ -1,46 +1,23 @@ -{ inputs ? import ../../inputs.nix {}}: +{ + inputs ? import ../../inputs.nix {}, + rustPlatform ? null, +}: self: super: let nixos-cosmic = inputs.cosmic-modules; - cosmicPkgsMainDir = builtins.readDir "${nixos-cosmic}/pkgs"; - cosmicPkgsDirs = builtins.filter (v: cosmicPkgsMainDir."${v}" == "directory") (builtins.attrNames cosmicPkgsMainDir); - # FIXME: use unstable nixpkgs when rust 1.80 will be available in unstable - stagingNixpkgsSrc = builtins.fetchTarball { - name = "nixpkgs"; - url = "https://github.com/NixOS/nixpkgs/archive/b79cec4237cd0f655562890bf927466c68b48d68.tar.gz"; - sha256 = "1mswisq9iwffg2d6rfxvr27mvi4w853d9rn222s2g76445d0iqh8"; - }; - - # Take rustPackages from staging nixpkgs - stagingNixpkgs = import stagingNixpkgsSrc { - localSystem = self.stdenv.buildPlatform; - config = self.config; - } // (if self.stdenv.buildPlatform == self.stdenv.hostPlatform then {} else { - crossSystem = self.stdenv.hostPlatform; - }); - futureRustPackages = stagingNixpkgs.rustPackages; - - # Create nixpkgs with future rust - nixpkgsWithFutureRust = self.extend (futureSelf: futureSuper: { - rustPackages = futureRustPackages; - }); - - # Create cosmicPkgs that contains cosmic packages built from nixpkgs with future rust - cosmicOverlay = cosmicSelf: cosmicSuper: builtins.listToAttrs ( - builtins.map (v: {name = v; value = nixpkgsWithFutureRust.callPackage "${nixos-cosmic}/pkgs/${v}/package.nix" {};}) cosmicPkgsDirs - ); - cosmicNixpkgs = import inputs.nixpkgs { - localSystem = self.stdenv.buildPlatform; - config = self.config; - overlays = [ cosmicOverlay ]; - } // (if self.stdenv.buildPlatform == self.stdenv.hostPlatform then {} else { - crossSystem = self.stdenv.hostPlatform; - }); + # Initialize pinned unstable nixpkgs + futureNixpkgs = let + extended = self.extend (import ./unstable-from-source.nix { + unstableSource = inputs.nixpkgs-unstable; + }); + in extended.unstable; in -builtins.listToAttrs ( - builtins.map (v: {name = v; value = cosmicNixpkgs.${v};}) cosmicPkgsDirs -) +import "${nixos-cosmic}/pkgs" { + final = self; + prev = super; + rustPlatform = if rustPlatform != null then rustPlatform else futureNixpkgs.rustPlatform; +} diff --git a/pkgs/overlays/selfExpr.nix b/pkgs/overlays/selfExpr.nix index 4dd0312..9b80b9f 100644 --- a/pkgs/overlays/selfExpr.nix +++ b/pkgs/overlays/selfExpr.nix @@ -7,7 +7,10 @@ in self: super: { selfExpr = let config = builtins.removeAttrs self.config [ "_undeclared" ]; - configJson = builtins.toJSON config; + configJson = self.lib.pipe config [ + (self.lib.filterAttrsRecursive (_: v: !self.lib.isFunction v)) + builtins.toJSON + ]; getSelfExpr = { useConfig ? true, diff --git a/pkgs/overlays/unstable-from-source.nix b/pkgs/overlays/unstable-from-source.nix new file mode 100644 index 0000000..416b778 --- /dev/null +++ b/pkgs/overlays/unstable-from-source.nix @@ -0,0 +1,74 @@ +{ + unstableSource, + attributeName ? "unstable", + # callPackage :: function | boolean + callPackage ? false, +}: + +self: super: + +let + useUnstable = self.config.useUnstable or true; + sanitizePlatform = platformConfig: self.lib.removeAttrs platformConfig [ + "emulator" + "emulatorAvailable" + "darwinSdkVersion" + "darwinMinVersion" + "parsed" + ]; + + # if overlay is found in previous layer, then it was provided in "overlays" argument + # otherwise, it is provided in "crossOverlays" argument. + overlays = self.lib.groupBy (overlay: + if self.lib.elem overlay self.buildPackages.overlays then "allLayers" + else "finalLayer" + ) self.overlays; + + unstablePkgs = import unstableSource { + # localSystem -> pkgs.stdenv.buildPlatform + localSystem = sanitizePlatform self.stdenv.buildPlatform; + # crossSystem -> pkgs.stdenv.hostPlatform or pkgs.stdenv.targetPlatform ?? + # passing below + # config -> pkgs.config + config = self.config; + # overlays -> pkgs.buildPackages.overlays + overlays = overlays.allLayers or []; + # crossOverlays -> pkgs.overlays without pkgs.buildPackages.overlays + crossOverlays = overlays.finalLayer or []; + } // self.lib.optionalAttrs ( + self.lib.systems.equals self.stdenv.buildPlatform self.stdenv.hostPlatform + ) { + # workaround for some odd structured packages that changes behaviour + # when crossSystem is passed. + crossSystem = sanitizePlatform self.stdenv.hostPlatform; + }; + + callPackage' = if builtins.isFunction callPackage then callPackage + else if builtins.isBool callPackage && callPackage then self.callPackage + else if builtins.isBool callPackage && !callPackage then throw "this should never be evaluated" + else throw '' + callPackage argument should be a function or a boolean. + If you want to use the callPackage from self, set it to true. + If you want to use a custom callPackage, set it to a function (pkgs.callPackage). + ''; + + callPackagesUnstablePkgs = self.lib.mapAttrsRecursiveCond ( + attrset: !(self.lib.hasAttr "override" attrset) && attrset.recurseForDerivations or false + ) ( + _: unstablePackage: callPackage' { + # For some reason, override functor of the package has its argument set as required, + # which is totally false! the override functor can take all of those arguemnts optionally. + __functionArgs = self.lib.mapAttrs (_: _: true) (self.lib.functionArgs unstablePackage.override); + __functor = + if builtins.isFunction unstablePackage.override then unstablePackage.override + else unstablePackage.override.__functor; + } {} + ) unstablePkgs; + +in +{ + "${attributeName}" = if !useUnstable then self + # if callPackage is not false + else if !(builtins.isBool callPackage && !callPackage) then callPackagesUnstablePkgs + else unstablePkgs; +} diff --git a/pkgs/overlays/unstable-latest.nix b/pkgs/overlays/unstable-latest.nix new file mode 100644 index 0000000..68636c0 --- /dev/null +++ b/pkgs/overlays/unstable-latest.nix @@ -0,0 +1,25 @@ +self: super: + +let + nixos = self.config.unstable-latest.nixos or true; + useUnstable = self.config.useUnstable or true; + + unstablePkgsExprs = if nixos + then builtins.fetchTarball "https://channels.nixos.org/nixos-unstable/nixexprs.tar.xz" + else builtins.fetchTarball "https://channels.nixos.org/nixpkgs-unstable/nixexprs.tar.xz"; + + # Compiled nixpkgs expression eg expressions from a nix channel + nixpkgsVersion = builtins.concatStringsSep "." [ + (builtins.readFile "${unstablePkgsExprs}/.version") + (builtins.readFile "${unstablePkgsExprs}/.version-suffix") + ]; + + nixpkgsRevision = (builtins.readFile "${unstablePkgsExprs}/.git-revision"); +in +import ./unstable-from-source.nix { + unstableSource = unstablePkgsExprs; + attributeName = "unstable-latest"; +} self super // { + unstableLatestVersion = if !useUnstable then null else nixpkgsVersion; + unstableLatestRevision = if !useUnstable then null else nixpkgsRevision; +} diff --git a/pkgs/overlays/unstable-with-meta.nix b/pkgs/overlays/unstable-with-meta.nix new file mode 100644 index 0000000..dbfbc2c --- /dev/null +++ b/pkgs/overlays/unstable-with-meta.nix @@ -0,0 +1,16 @@ +{ + unstableSource, + revision, +}: self: super: + +let + version = builtins.readFile "${unstableSource}/lib/.version" + ".git." + builtins.substring 0 12 revision; + useUnstable = self.config.useUnstable or true; + +in +import ./unstable-from-source.nix { + inherit unstableSource; +} self super // { + unstableVersion = self.lib.optionalString useUnstable version; + unstableRevision = self.lib.optionalString useUnstable revision; +} diff --git a/pkgs/overlays/unstable.nix b/pkgs/overlays/unstable.nix deleted file mode 100644 index 1cf4bae..0000000 --- a/pkgs/overlays/unstable.nix +++ /dev/null @@ -1,49 +0,0 @@ -self: super: - -let - nixos = self.config.nixos or true; - unstableRevision = self.config.unstableRevision or null; - unstableRevisionHash = self.config.unstableRevisionHash or null; - useUnstable = self.config.useUnstable or true; - - unstablePkgsExprs = if !builtins.isNull unstableRevision - then if !builtins.isNull unstableRevisionHash - then builtins.fetchTarball { - url = "https://github.com/NixOS/nixpkgs/archive/${unstableRevision}.tar.gz"; - sha256 = unstableRevisionHash; - } - else builtins.fetchTarball "https://github.com/NixOS/nixpkgs/archive/${unstableRevision}.tar.gz" - else if nixos - then builtins.fetchTarball "https://channels.nixos.org/nixos-unstable/nixexprs.tar.xz" - else builtins.fetchTarball "https://channels.nixos.org/nixpkgs-unstable/nixexprs.tar.xz"; - - # Compiled nixpkgs expression eg expressions from a nix channel - nixpkgsVersion = builtins.concatStringsSep "." [ - (builtins.readFile "${unstablePkgsExprs}/.version") - (builtins.readFile "${unstablePkgsExprs}/.version-suffix") - ]; - - nixpkgsRevision = (builtins.readFile "${unstablePkgsExprs}/.git-revision"); - unstablePkgsForNixpkgs = nixpkgs: import unstablePkgsExprs { - # localSystem -> pkgs.stdenv.buildPlatform - localSystem = nixpkgs.stdenv.buildPlatform; - # crossSystem -> pkgs.stdenv.hostPlatform or pkgs.stdenv.targetPlatform ?? - # passing below - # config -> pkgs.config - config = nixpkgs.config; - # overlays -> partial of pkgs.overlays - overlays = nixpkgs.overlays; - # crossOverlays -> partial of pkgs.overlays - # crossOverlays are merged to overlays, not sure what issues that might raise. - # ignoring. - } // (if nixpkgs.stdenv.buildPlatform == nixpkgs.stdenv.hostPlatform then {} else { - # workaround for some odd structured packages that changes behaviour - # when crossSystem is passed. - crossSystem = nixpkgs.stdenv.hostPlatform; - }); -in -{ - unstable = if useUnstable then unstablePkgsForNixpkgs self else self; - unstableVersion = self.lib.optionalString useUnstable nixpkgsVersion; - unstableRevision = self.lib.optionalString useUnstable nixpkgsRevision; -} diff --git a/pkgs/overlays/version-info-fixup.nix b/pkgs/overlays/version-info-fixup.nix index 14d890e..b1f2ecc 100644 --- a/pkgs/overlays/version-info-fixup.nix +++ b/pkgs/overlays/version-info-fixup.nix @@ -1,5 +1,12 @@ { inputs ? import ../../inputs.nix {} }: self: super: { - lib = super.lib.extend (import ../../lib/overlays/version-info-fixup.nix { inherit inputs; }); + lib = super.lib.extend (import ../../lib/overlays/version-info-fixup.nix { revision = inputs.lock.nixpkgs.revision; }); +} // +super.lib.optionalAttrs (super ? unstable && super ? unstableRevision) { + unstable = super.unstable // { + lib = super.unstable.lib.extend (import ../../lib/overlays/version-info-fixup.nix { + revision = super.unstableRevision; + }); + }; } diff --git a/pkgs/top-level/by-name-overlay.nix b/pkgs/top-level/by-name-overlay.nix index ed63216..132c299 100644 --- a/pkgs/top-level/by-name-overlay.nix +++ b/pkgs/top-level/by-name-overlay.nix @@ -6,8 +6,9 @@ # Type: Path -> Overlay baseDirectory: +self: super: let - lib = (import ../../outputs.nix {}).lib; + lib = super.lib; inherit (builtins) readDir @@ -39,9 +40,7 @@ let # Filter out paths that don't have a ${nixFilename} file (lib.filterAttrs (_: lib.pathExists)) ]; -in -self: super: -mapAttrs (name: file: +in mapAttrs (name: file: self.callPackage file { inherit self super; package = super.${name}; } ) (packageFiles "override.nix") // mapAttrs (name: file: diff --git a/pkgs/top-level/default.nix b/pkgs/top-level/default.nix index fd3e12a..9194e56 100644 --- a/pkgs/top-level/default.nix +++ b/pkgs/top-level/default.nix @@ -1,4 +1,4 @@ -{ inputs ? import ../../inputs.nix {} +{ inputs ? (import ../../. {}).inputs , uninitializedNixpkgs ? import "${inputs.nixpkgs}/pkgs/top-level/default.nix" , ... } @ args: @@ -14,7 +14,8 @@ let overlays = (args.overlays or []) ++ [ # ../.. should be nix store path that represents self in outputs.nix that is gc-rooted by this point ( import ../overlays/selfExpr.nix { nixpkgsPath = "${builtins.toString ../..}/pkgs/top-level/impure.nix"; } ) - ( import ../overlays/unstable.nix ) + ( import ../overlays/unstable-with-meta.nix { unstableSource = inputs.nixpkgs-unstable; revision = inputs.lock.nixpkgs-unstable.revision; } ) + ( import ../overlays/unstable-latest.nix ) ( import ../overlays/version-info-fixup.nix { inherit inputs; } ) ( import ./by-name-overlay.nix ../by-name ) ]; diff --git a/update-list.nix b/update-list.nix new file mode 100644 index 0000000..012b930 --- /dev/null +++ b/update-list.nix @@ -0,0 +1,54 @@ +self: + +# MARK: inputs +( let + inputsWithPackages = import self.inputsPath { + pkgs = self.packagesForSystem builtins.currentSystem; + }; +in self.lib.concatMapAttrs (name: value: { + "inputs/${name}" = value; +}) inputsWithPackages +) + +# MARK: NixOS modules +// ( let + pkgs = self.modifiedNixpkgsPure { + localSystem = builtins.currentSystem; + config.allowUnfree = true; + }; + lib = pkgs.lib; + mkUpdater = path: attrpath: extraModule: let + system = pkgs.nixos { + imports = [ path extraModule ]; + config = { + _module.args = { + inherit self; + inherit (self) inputs; + }; + system.stateVersion = lib.versions.pad 2 lib.trivial.verison; + }; + }; + in lib.getAttrFromPath ( [ "config" ] ++ attrpath ) system; +in { + "NixOS/nvidia" = mkUpdater ./nixos/modules/nvidia.nix [ "hardware" "nvidia" "package" ] {}; +}) + +# MARK: packages +// ( let + purePkgs = import self.inputs.nixpkgs { + system = builtins.currentSystem; + config = {}; + overlays = []; + }; + modifiedPkgs = purePkgs.extend (import ./pkgs/top-level/by-name-overlay.nix ./pkgs/by-name); + lib = purePkgs.lib; +in + lib.pipe purePkgs [ + lib.attrNames + (lib.removeAttrs (modifiedPkgs)) + (lib.filterAttrs (_: lib.hasAttr "updateScript")) + (lib.concatMapAttrs (name: value: { + "packages/${name}" = value; + })) + ] +)