From 469b3746cfe1c2698b9c23d352d23b6c1133014e Mon Sep 17 00:00:00 2001 From: Parthiv Seetharaman Date: Mon, 4 Oct 2021 11:59:33 -0700 Subject: [PATCH 01/12] flake: update bud input --- flake.lock | 74 +++++++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 70 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index f8da619..02e7a7d 100644 --- a/flake.lock +++ b/flake.lock @@ -20,6 +20,29 @@ "type": "github" } }, + "beautysh": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": [ + "bud", + "nixpkgs" + ], + "poetry2nix": "poetry2nix" + }, + "locked": { + "lastModified": 1630693543, + "narHash": "sha256-7Sly3ReaJZw60Qo0rpfN4jF6zy94nwQz6ENgUUFzJfg=", + "owner": "lovesegfault", + "repo": "beautysh", + "rev": "5609593961b70428f58d5c1b4b25cdda43b0d0bd", + "type": "github" + }, + "original": { + "owner": "lovesegfault", + "repo": "beautysh", + "type": "github" + } + }, "blank": { "locked": { "lastModified": 1625557891, @@ -37,6 +60,7 @@ }, "bud": { "inputs": { + "beautysh": "beautysh", "devshell": [ "digga", "devshell" @@ -46,11 +70,11 @@ ] }, "locked": { - "lastModified": 1627855680, - "narHash": "sha256-snDOrUp8nth2Vs3GeEXr7Xji+HaHy25htZLNvid/U3I=", + "lastModified": 1633373878, + "narHash": "sha256-9+ziZ8l6rq3yXyY6B0wYXrVdfxr6cdpEbPEGRHywBKc=", "owner": "divnix", "repo": "bud", - "rev": "612228a68d404d559405225427a5d8b3cef9d27c", + "rev": "4e709a2fcf19df500ba87d9c3b1b1481401cd53b", "type": "github" }, "original": { @@ -125,7 +149,7 @@ "blank": "blank", "deploy": "deploy", "devshell": "devshell", - "flake-utils": "flake-utils", + "flake-utils": "flake-utils_2", "flake-utils-plus": "flake-utils-plus", "home-manager": [ "home" @@ -206,6 +230,21 @@ "type": "github" } }, + "flake-utils_2": { + "locked": { + "lastModified": 1623875721, + "narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "f7e004a55b120c02ecb6219596820fcd32ca8772", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "home": { "inputs": { "nixpkgs": [ @@ -418,6 +457,33 @@ "type": "github" } }, + "poetry2nix": { + "inputs": { + "flake-utils": [ + "bud", + "beautysh", + "flake-utils" + ], + "nixpkgs": [ + "bud", + "beautysh", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1625240517, + "narHash": "sha256-2E1gaOP+bCplhf3kliVQWK5N1NV2h06mkJk2KTiRTJQ=", + "owner": "nix-community", + "repo": "poetry2nix", + "rev": "e40e8ed0e8c11e709e4c8c7c20174facd265a021", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "poetry2nix", + "type": "github" + } + }, "root": { "inputs": { "agenix": "agenix", From 74208fb88f7832e0354e0646145784e55071b7af Mon Sep 17 00:00:00 2001 From: Parthiv Seetharaman Date: Mon, 4 Oct 2021 12:18:28 -0700 Subject: [PATCH 02/12] workflows: add check to run bud --- .github/workflows/check.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index e80861b..8fdf8d1 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -26,3 +26,4 @@ jobs: - run: nix -Lv flake check - run: nix -Lv build ".#nixosConfigurations.NixOS.config.system.build.toplevel" - run: nix -Lv develop -c echo OK + - run: nix -Lv develop --command bud --help From 8684105d21c1c59db27e499a5801023dd3ce2c7d Mon Sep 17 00:00:00 2001 From: Joel Date: Thu, 7 Oct 2021 19:11:21 +1000 Subject: [PATCH 03/12] docs: fix typos in concepts/suites --- doc/concepts/suites.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/concepts/suites.md b/doc/concepts/suites.md index 42a3db8..e9eef34 100644 --- a/doc/concepts/suites.md +++ b/doc/concepts/suites.md @@ -1,9 +1,9 @@ # Suites -Suites provide a mechanism for users to easily combine and name collecitons of +Suites provide a mechanism for users to easily combine and name collections of profiles. `suites` are defined in the `importables` argument in either the `home` or `nixos` -namespace. They are a special case of an `importable` which get passed as a special +namespace. They are a special case of an `importable` which is passed as a special argument (one that can be use in an `imports` line) to your hosts. All lists defined in `suites` are flattened and type-checked as paths. From 804e972c5701884f8f0891dc68e8a60802d9f03b Mon Sep 17 00:00:00 2001 From: Trevor Riles Date: Sat, 9 Oct 2021 11:17:42 -0500 Subject: [PATCH 04/12] Update docs and scripts to use main branch. When following the getting started guide commands were failing due to the mater branch not existing. I went through and updated all references in the docs and other scripts from master to main. --- bud/get.bash | 2 +- doc/CONTRIBUTING.md | 2 +- doc/concepts/profiles.md | 2 +- doc/concepts/users.md | 2 +- doc/integrations/nvfetcher.md | 2 +- doc/start/index.md | 4 ++-- doc/tests.md | 2 +- 7 files changed, 8 insertions(+), 8 deletions(-) diff --git a/bud/get.bash b/bud/get.bash index 770c002..b88081b 100644 --- a/bud/get.bash +++ b/bud/get.bash @@ -1 +1 @@ -nix flake new -t "github:divnix/devos/master" "${2:-devos}" +nix flake new -t "github:divnix/devos/main" "${2:-devos}" diff --git a/doc/CONTRIBUTING.md b/doc/CONTRIBUTING.md index 2b5241a..86f5dd7 100644 --- a/doc/CONTRIBUTING.md +++ b/doc/CONTRIBUTING.md @@ -1,7 +1,7 @@ # Pull Requests ## TL;DR; -- **Target Branch**: `master` +- **Target Branch**: `main` - **Merge Policy**: [`bors`][bors] is always right (→ `bors try`) - **Docs**: every changeset is expected to contain doc updates - **Commit Msg**: be a poet! Comprehensive and explanatory commit messages diff --git a/doc/concepts/profiles.md b/doc/concepts/profiles.md index 36e423f..7e592cc 100644 --- a/doc/concepts/profiles.md +++ b/doc/concepts/profiles.md @@ -63,5 +63,5 @@ specific belongs in your [host](hosts.md) files instead. [definition]: https://nixos.org/manual/nixos/stable/index.html#sec-option-definitions [declaration]: https://nixos.org/manual/nixos/stable/index.html#sec-option-declarations [options]: https://nixos.org/manual/nixos/stable/index.html#sec-writing-modules -[spec]: https://github.com/divnix/devos/tree/master/lib/devos/mkProfileAttrs.nix +[spec]: https://github.com/divnix/devos/tree/main/lib/devos/mkProfileAttrs.nix [config]: https://nixos.wiki/wiki/Module#structure diff --git a/doc/concepts/users.md b/doc/concepts/users.md index d18d51d..3ab7c39 100644 --- a/doc/concepts/users.md +++ b/doc/concepts/users.md @@ -73,5 +73,5 @@ nix build "github:divnix/devos#homeConfigurations.nixos@NixOS.home.activationPac ``` [home-manager]: https://nix-community.github.io/home-manager -[modules-list]: https://github.com/divnix/devos/tree/master/users/modules/module-list.nix +[modules-list]: https://github.com/divnix/devos/tree/main/users/modules/module-list.nix [portableuser]: https://digga.divnix.com/api-reference-home.html#homeusers diff --git a/doc/integrations/nvfetcher.md b/doc/integrations/nvfetcher.md index 107a169..c26c5fb 100644 --- a/doc/integrations/nvfetcher.md +++ b/doc/integrations/nvfetcher.md @@ -40,4 +40,4 @@ fetch.git = "https://github.com/mlvzk/manix.git" # responsible for fetching [nvf]: https://github.com/berberman/nvfetcher [nvf-readme]: https://github.com/berberman/nvfetcher#readme -[sources.toml]: https://github.com/divnix/devos/tree/master/pkgs/sources.toml +[sources.toml]: https://github.com/divnix/devos/tree/main/pkgs/sources.toml diff --git a/doc/start/index.md b/doc/start/index.md index ed1a114..2cd14d9 100644 --- a/doc/start/index.md +++ b/doc/start/index.md @@ -6,8 +6,8 @@ Here is a snippet that will get you the template without the git history: ```sh nix-shell -p cachix --run "cachix use nrdxp" -nix-shell https://github.com/divnix/devos/archive/master.tar.gz -A shell \ - --run "bud get master" +nix-shell https://github.com/divnix/devos/archive/main.tar.gz -A shell \ + --run "bud get main" cd devos diff --git a/doc/tests.md b/doc/tests.md index 6a62c72..4844912 100644 --- a/doc/tests.md +++ b/doc/tests.md @@ -26,7 +26,7 @@ and the examples in [nixpkgs][nixos-tests]. [test-doc]: https://nixos.org/manual/nixos/stable/index.html#sec-nixos-tests [test-blog]: https://www.haskellforall.com/2020/11/how-to-use-nixos-for-lightweight.html -[default]: https://github.com/divnix/devos/tree/master/tests/default.nix +[default]: https://github.com/divnix/devos/tree/main/tests/default.nix [run-test]: https://github.com/NixOS/nixpkgs/blob/6571462647d7316aff8b8597ecdf5922547bf365/lib/debug.nix#L154-L166 [nixos-tests]: https://github.com/NixOS/nixpkgs/tree/master/nixos/tests [testing-python]: https://github.com/NixOS/nixpkgs/tree/master/nixos/lib/testing-python.nix From 8397aa7aa396bc99b380fe69120950022e88bbfd Mon Sep 17 00:00:00 2001 From: teutat3s <10206665+teutat3s@users.noreply.github.com> Date: Thu, 21 Oct 2021 23:39:19 +0200 Subject: [PATCH 05/12] workflows: switch to new default branch main --- .github/workflows/check.yml | 2 +- .github/workflows/mdbook_docs.yml | 2 +- .github/workflows/release.yml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index 8fdf8d1..756aa2b 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -2,7 +2,7 @@ name: "Check & Cachix" on: push: branches: - - master + - main - trying - staging jobs: diff --git a/.github/workflows/mdbook_docs.yml b/.github/workflows/mdbook_docs.yml index 9d15cc1..5faf9c2 100644 --- a/.github/workflows/mdbook_docs.yml +++ b/.github/workflows/mdbook_docs.yml @@ -3,7 +3,7 @@ name: Deploy Docs to GitHub Pages on: push: branches: - - master + - main jobs: deploy: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 111be31..8cabd12 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,7 +19,7 @@ jobs: - name: Checkout code uses: actions/checkout@v2 with: - ref: master + ref: main - name: Update Changelog uses: heinrichreimer/github-changelog-generator-action@v2.1.1 with: @@ -49,7 +49,7 @@ jobs: - name: Checkout code uses: actions/checkout@v2 with: - ref: master + ref: main - name: Get Changelog Entry id: changelog_reader From 1b1bc8eb97fc346f65ef96b580544a987e35ab3a Mon Sep 17 00:00:00 2001 From: teutat3s <10206665+teutat3s@users.noreply.github.com> Date: Thu, 21 Oct 2021 23:39:38 +0200 Subject: [PATCH 06/12] digga: fix link to new default branch main --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 1d81382..275714c 100644 --- a/README.md +++ b/README.md @@ -82,7 +82,7 @@ DevOS is licensed under the [MIT License][mit]. [giants]: https://en.wikipedia.org/wiki/Standing_on_the_shoulders_of_giants [home-manager]: https://nix-community.github.io/home-manager [mit]: https://mit-license.org -[mk-flake]: https://github.com/divnix/digga/tree/master/src/mkFlake +[mk-flake]: https://github.com/divnix/digga/tree/main/src/mkFlake [nix]: https://nixos.org/manual/nix/stable [nixos]: https://nixos.org/manual/nixos/stable [nixpkgs]: https://github.com/NixOS/nixpkgs From 65db5d30ae4df02b9cef6620e72ed34a2082fc31 Mon Sep 17 00:00:00 2001 From: Karolis Labrencis Date: Sun, 24 Oct 2021 01:33:04 +0300 Subject: [PATCH 07/12] docs: remove outdated `nix-rebuild` notes --- doc/start/from-nixos.md | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/doc/start/from-nixos.md b/doc/start/from-nixos.md index ce79063..3e8c84d 100644 --- a/doc/start/from-nixos.md +++ b/doc/start/from-nixos.md @@ -47,8 +47,5 @@ This calls `nixos-rebuild` with sudo to build and install your configuration. > ##### _Notes:_ > - Instead of `switch`, you can pass `build`, `test`, `boot`, etc just as with > `nixos-rebuild`. -> -> - It is convenient to have the template living at `/etc/nixos` so you can -> simply `sudo nixos-rebuild switch` from anywhere on the system, but it is -> not required. + From 243116e2288005c90824a6d0d0ac400b973629ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benjamin=20B=C3=A4dorf?= Date: Sun, 24 Oct 2021 19:36:56 +0200 Subject: [PATCH 08/12] Remove git crypt, update docs --- doc/secrets.md | 6 +----- shell/devos.nix | 4 ---- 2 files changed, 1 insertion(+), 9 deletions(-) diff --git a/doc/secrets.md b/doc/secrets.md index 6afe2f6..996f418 100644 --- a/doc/secrets.md +++ b/doc/secrets.md @@ -1,11 +1,8 @@ # Secrets -Secrets are managed using [git-crypt][git-crypt] and [agenix][agenix] +Secrets are managed using [agenix][agenix] so you can keep your flake in a public repository like GitHub without exposing your password or other sensitive data. -By default, everything in the secrets folder is automatically encrypted. Just -be sure to run `git-crypt init` before putting anything in here. - ## Agenix Currently, there is [no mechanism][secrets-issue] in nix itself to deploy secrets within the nix store because it is world-readable. @@ -104,7 +101,6 @@ secrets get decrypted. You can learn about them by looking at the > You can take a look at the [agenix repository][agenix] for more information > about the tool. -[git-crypt]: https://github.com/AGWA/git-crypt [agenix]: https://github.com/ryantm/agenix [age module]: https://github.com/ryantm/agenix/blob/master/modules/age.nix [secrets-issue]: https://github.com/NixOS/nix/issues/8 diff --git a/shell/devos.nix b/shell/devos.nix index 9090143..6f01267 100644 --- a/shell/devos.nix +++ b/shell/devos.nix @@ -30,10 +30,6 @@ in unset _PATH ''); - packages = with pkgs; [ - git-crypt - ]; - commands = with pkgs; [ (devos nixUnstable) (devos agenix) From 6962aab06c1b679163e41cd70a697807b199548e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benjamin=20B=C3=A4dorf?= Date: Sun, 24 Oct 2021 19:39:23 +0200 Subject: [PATCH 09/12] Remove .gitattributes files --- secrets/.gitattributes | 4 ---- 1 file changed, 4 deletions(-) delete mode 100644 secrets/.gitattributes diff --git a/secrets/.gitattributes b/secrets/.gitattributes deleted file mode 100644 index 901863e..0000000 --- a/secrets/.gitattributes +++ /dev/null @@ -1,4 +0,0 @@ -* filter=git-crypt diff=git-crypt -.gitattributes !filter !diff -secrets.nix !filter !diff -README.md !filter !diff From 89b3cf78fd7af80e4dce4bfa9b3e6120e8d323e0 Mon Sep 17 00:00:00 2001 From: Karolis Labrencis Date: Tue, 2 Nov 2021 23:42:38 +0200 Subject: [PATCH 10/12] Document using deploy-rs to deploy home-manager --- doc/integrations/deploy.md | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/doc/integrations/deploy.md b/doc/integrations/deploy.md index 642267c..2282eb7 100644 --- a/doc/integrations/deploy.md +++ b/doc/integrations/deploy.md @@ -45,5 +45,32 @@ deploy '.#hostName' --hostname host.example.com > ##### _Note:_ > Your user will need **passwordless** sudo access +### Home Manager + +Digga's `lib.mkDeployNodes` provides only `system` profile. +In order to deploy your `home-manager` configuration you should provide additional profile(s) to deploy-rs config: +```nix +# Initially, this line looks like this: deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations { }; +deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations + { + = { + profilesOrder = [ "system" "" ""]; + profiles. = { + user = ""; + path = deploy.lib.x86_64-linux.activate.home-manager self.homeConfigurationsPortable.x86_64-linux.; + }; + profiles. = { + user = ""; + path = deploy.lib.x86_64-linux.activate.home-manager self.homeConfigurationsPortable.x86_64-linux.; + }; + }; + }; +``` + +Substitute ``, `` and `` placeholders (omitting the `<>`). + +`` is there to illustrate deploying multiple `home-manager` configurations. Either substitute those as well, +or remove them altogether. Don't forget the `profileOrder` variable. + [d-rs]: https://github.com/serokell/deploy-rs From 70545abd1bf263c6c5f575fee41ec137af630f95 Mon Sep 17 00:00:00 2001 From: Michael Reddick Date: Sat, 20 Nov 2021 15:58:37 -0600 Subject: [PATCH 11/12] docs: fix typo in start/bootstrapping --- doc/start/bootstrapping.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/start/bootstrapping.md b/doc/start/bootstrapping.md index f4c5190..b8a0ad0 100644 --- a/doc/start/bootstrapping.md +++ b/doc/start/bootstrapping.md @@ -6,7 +6,7 @@ This will help you boostrap a bare host with the help of the _Note: nothing prevents you from remotely executing the boostrapping process. See below._ -Once your target host has booted into the live iso, you need to partion +Once your target host has booted into the live iso, you need to partition and format your disk according to the [official manual][manual]. ## Mount partitions From b15b8bf86551f0b4ed2c7ac2c569d6784cd25fd7 Mon Sep 17 00:00:00 2001 From: Dmytro Kostiuchenko Date: Mon, 29 Nov 2021 08:44:15 +0200 Subject: [PATCH 12/12] Do not hardcode UID for the exemplary user uid = 1000 is an unreasonable default for an examplary user nixos, because someone trying DevOs on a working NixOS installation likely has their own user with uid=1000 already. The code thus renders /etc/passwd invalid preventing user from logging in --- users/nixos/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/users/nixos/default.nix b/users/nixos/default.nix index 5c037fe..077a52e 100644 --- a/users/nixos/default.nix +++ b/users/nixos/default.nix @@ -3,7 +3,6 @@ home-manager.users = { inherit (hmUsers) nixos; }; users.users.nixos = { - uid = 1000; password = "nixos"; description = "default"; isNormalUser = true;