bad/devos
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Wiki Activity

Merge branch 'core' into config

Browse source
This commit is contained in:
Bad 2021-06-03 12:16:28 +02:00
commit 71563734ca
82 changed files with 1201 additions and 1400 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
.github/workflows/check.yml vendored Normal file
View file

@ -0,0 +1,28 @@
name: "Check & Cachix"
on:
push:
branches:
- core
- trying
- staging
jobs:
check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2.3.4
- uses: cachix/install-nix-action@v13
with:
install_url: https://github.com/numtide/nix-flakes-installer/releases/download/nix-2.4pre20210415_76980a1/install
extra_nix_config: |
experimental-features = nix-command flakes
system-features = nixos-test benchmark big-parallel kvm recursive-nix
substituters = https://nrdxp.cachix.org https://nix-community.cachix.org https://cache.nixos.org
trusted-public-keys = nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
- uses: cachix/cachix-action@v10
with:
name: nrdxp
signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- run: nix -Lv flake check
- run: nix -Lv build ".#nixosConfigurations.NixOS.config.system.build.toplevel"
- run: nix -Lv develop -c echo OK

23
.github/workflows/community_sync.yml vendored
View file

@ -1,23 +0,0 @@
name: Sync Community Branch
on:
workflow_run:
workflows:
- "CI - Changelog"
- "Release"
types:
- completed
branches:
- core
jobs:
merge-core-to-community:
name: Merge core -> community
runs-on: ubuntu-latest
steps:
- uses: tukasz/direct-merge-action@master
with:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
source-branch: core
target-branch: community

4
.github/workflows/mdbook_docs.yml vendored
View file

@ -16,12 +16,12 @@ jobs:
with:
mdbook-version: 'latest'
- run: mdbook build
- run: mdbook build doc
- name: Deploy
uses: peaceiris/actions-gh-pages@v3
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
publish_branch: gh-pages
publish_dir: ./book
publish_dir: ./doc/book
cname: devos.divnix.com

2
.gitignore vendored
View file

@ -2,4 +2,4 @@ result
up
hosts/up-*
.direnv
book
doc/index.html

114
CHANGELOG.md Normal file
View file

@ -0,0 +1,114 @@
# Changelog
## [v0.10.0](https://github.com/divnix/devos/tree/v0.10.0) (2021-05-24)
**Implemented enhancements:**
- Providing an interface to nixpkgs.config [\#237](https://github.com/divnix/devos/issues/237)
- Making the user available in profiles [\#230](https://github.com/divnix/devos/issues/230)
- copy evaluation store paths to iso [\#195](https://github.com/divnix/devos/issues/195)
- Extract custom system builds from devosSystem out of lib [\#170](https://github.com/divnix/devos/issues/170)
- Allow setting of channel host-wide [\#117](https://github.com/divnix/devos/issues/117)
- alacritty: CSIu support [\#51](https://github.com/divnix/devos/issues/51)
**Fixed bugs:**
- Cachix timeouts + how to disable nrdxp cachix \(if needed\) [\#294](https://github.com/divnix/devos/issues/294)
- default.nix flake-compat is broken [\#285](https://github.com/divnix/devos/issues/285)
- All suites return "attribute missing" [\#282](https://github.com/divnix/devos/issues/282)
- nix is built two times [\#203](https://github.com/divnix/devos/issues/203)
- fix lib docs [\#166](https://github.com/divnix/devos/issues/166)
**Closed issues:**
- eliminate userFlakeNixOS [\#257](https://github.com/divnix/devos/issues/257)
- devos-as-library [\#214](https://github.com/divnix/devos/issues/214)
**Merged pull requests:**
- Update evalArgs to match the new planned API [\#239](https://github.com/divnix/devos/pull/239)
## [v0.9.0](https://github.com/divnix/devos/tree/v0.9.0) (2021-04-19)
**Implemented enhancements:**
- pin inputs into iso live registry [\#190](https://github.com/divnix/devos/issues/190)
- Pass 'self' to lib [\#169](https://github.com/divnix/devos/issues/169)
- doc: quickstart "ISO. What next?" [\#167](https://github.com/divnix/devos/issues/167)
- Integrate Android AOSP putting mobile under control [\#149](https://github.com/divnix/devos/issues/149)
- Inoculate host identity on first use [\#132](https://github.com/divnix/devos/issues/132)
- kubenix support [\#130](https://github.com/divnix/devos/issues/130)
- Improve Home Manager support: profiles/suites, modules, extern, flake outputs [\#119](https://github.com/divnix/devos/issues/119)
- Local CA \(between hosts\) [\#104](https://github.com/divnix/devos/issues/104)
- Q5: git annex for machine state [\#68](https://github.com/divnix/devos/issues/68)
- name space ./pkgs overlays [\#60](https://github.com/divnix/devos/issues/60)
- remap global keys easily [\#57](https://github.com/divnix/devos/issues/57)
- make pass state part of this repo's structure [\#56](https://github.com/divnix/devos/issues/56)
- Incorporate ./shells [\#38](https://github.com/divnix/devos/issues/38)
- Encrypt with \(r\)age [\#37](https://github.com/divnix/devos/issues/37)
**Fixed bugs:**
- `pathsToImportedAttrs` does not accept directories [\#221](https://github.com/divnix/devos/issues/221)
- Cachix caches aren't added to the configuration [\#208](https://github.com/divnix/devos/issues/208)
- Issues with current changelog workflow [\#205](https://github.com/divnix/devos/issues/205)
- iso: systemd service startup [\#194](https://github.com/divnix/devos/issues/194)
- Help adding easy-hls-nix to devos [\#174](https://github.com/divnix/devos/issues/174)
- `flk update` fails because of obsolete flag [\#159](https://github.com/divnix/devos/issues/159)
- Expected that not all packages are exported? [\#151](https://github.com/divnix/devos/issues/151)
- Segmentation fault when generating iso [\#150](https://github.com/divnix/devos/issues/150)
**Documentation:**
- doc: split iso [\#193](https://github.com/divnix/devos/issues/193)
- lib: can depend on pkgs \(a la nixpkgs\#pkgs/pkgs-lib\) [\#147](https://github.com/divnix/devos/pull/147)
**Closed issues:**
- FRRouting router implementation [\#154](https://github.com/divnix/devos/issues/154)
- ARM aarch64 Support [\#72](https://github.com/divnix/devos/issues/72)
## [v0.8.0](https://github.com/divnix/devos/tree/v0.8.0) (2021-03-02)
**Implemented enhancements:**
- semi automatic update for /pkgs [\#118](https://github.com/divnix/devos/issues/118)
- Home-manager external modules from flakes [\#106](https://github.com/divnix/devos/issues/106)
**Fixed bugs:**
- My emacsGcc overlay is not working [\#146](https://github.com/divnix/devos/issues/146)
- local flake registry freezes branches [\#142](https://github.com/divnix/devos/issues/142)
- nixos-option no longer works after collect garbage [\#138](https://github.com/divnix/devos/issues/138)
- Profiles imports are brittle, causing failure if imported twice [\#136](https://github.com/divnix/devos/issues/136)
## [0.7.0](https://github.com/divnix/devos/tree/0.7.0) (2021-02-20)
**Implemented enhancements:**
- add zoxide [\#53](https://github.com/divnix/devos/issues/53)
- Multiarch support? [\#17](https://github.com/divnix/devos/issues/17)
- initial multiArch support [\#18](https://github.com/divnix/devos/pull/18)
**Fixed bugs:**
- Missing shebang from flk.sh [\#131](https://github.com/divnix/devos/issues/131)
- Rename Meta Issue [\#128](https://github.com/divnix/devos/issues/128)
- specialisations break the `system` argument [\#46](https://github.com/divnix/devos/issues/46)
- Revert "Add extraArgs to lib.nixosSystem call to add system args." [\#47](https://github.com/divnix/devos/pull/47)
**Documentation:**
- update home-manager urls [\#62](https://github.com/divnix/devos/pull/62)
**Closed issues:**
- add github action for cachix build ci [\#59](https://github.com/divnix/devos/issues/59)
## [12052020](https://github.com/divnix/devos/tree/12052020) (2020-12-06)
## [07092020](https://github.com/divnix/devos/tree/07092020) (2020-07-09)
\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)*

70
README.md
View file

@ -9,8 +9,8 @@
> maturing _well_ [for a while](https://github.com/divnix/devos/tree/17713c22d07c54525c728c62060a0428b76dee3b).
# Introduction
DevOS grants a simple way to use, deploy and manage [NixOS][nixos] systems for
personal and productive use. A sane repository structure is provided,
DevOS grants a simple template to use, deploy and manage [NixOS][nixos] systems
for personal and productive use. A sane repository structure is provided,
integrating several popular projects like [home-manager][home-manager],
[devshell][devshell], and [more](./doc/integrations).
@ -21,14 +21,17 @@ a [flake centric][flake-doc] approach is taken for useful conveniences such as
Skip the indeterminate nature of other systems, _and_ the perceived
tedium of bootstrapping Nix. It's easier than you think!
### Status: Alpha
A lot of the implementation is less than perfect, and huge
[redesigns](https://github.com/divnix/devos/issues/152) _will_ happen. There
are unstable versions (0._x_._x_) to help users keep track of changes and
progress.
### Status: Beta
Although this project has already matured quite a bit, especially through
recent outfactoring of [`digga`][digga], a fair amount of api polishing is still
expected. There are unstable versions (0._x_._x_) to help users keep track
of changes and progress.
## Getting Started
Check out the [guide](https://devos.divnix.com/doc/start) to get up and running.
Check out the [guide](https://devos.divnix.com/start) to get up and running.
Also, have a look at [_flake.nix_][toc]. If anything is not immediately
discoverable from there through [`digga`][digga] library's [`mkFlake`][mk-flake],
please file a bug report.
## In the Wild
The author maintains his own branch, so you can take inspiration, direction, or
@ -43,22 +46,32 @@ and its satellite projects, from which best practices can evolve.
___The future is declarative! 🎉___
## Upstream
I'd love to see this in the nix-community should anyone believe its reached a
point of maturity to be generally useful, but I'm all for waiting until
1.0[#121](https://github.com/divnix/devos/issues/121) to save the cache work,
too.
## Community Profiles
There are two branches from which to choose: [core][core] and
[community][community]. The community branch builds on core and includes
several ready-made profiles for discretionary use.
Every package and NixOS profile declared in community is uploaded to
[cachix](./cachix), so everything provided is available without building
anything. This is especially useful for the packages that are
[overridden](./overrides) from master, as without the cache, rebuilds are
quite frequent.
[cachix](./integrations/cachix.md), so everything provided is available
without building anything. This is especially useful for the packages that are
[overridden](./concepts/overrides.md) from master, as without the cache,
rebuilds are quite frequent.
## Shoulders
This work does not reinvent the wheel. It stands on the [shoulders of the
following giants][giants]:
### :onion: — like the layers of an onion
- [`divnix/digga`][digga]
- [`gytis-ivaskevicius/flake-utils-plus`][fup]
- [`numtide/flake-utils`][fu]
### :family: — like family
- [`numtide/devshell`][devshell]
- [`serokell/deploy-rs`][deploy]
- [`NixOS/nixpkgs`][nixpkgs]
:heart:
## Inspiration & Art
- [hlissner/dotfiles][dotfiles]
@ -67,9 +80,29 @@ quite frequent.
- [Awesome Nix](https://github.com/nix-community/awesome-nix)
- [devshell](https://github.com/numtide/devshell)
## Divnix
The divnix org is an open space that spontaniously formed out of "the Nix".
It is really just a place where otherwise unrelated people a) get
together and b) stuff done.
It's a place to stop "geeking out in isolation" (or within company boundaries),
experiment and learn together and iterate quickly on best practices. That's what it is.
It might eventually become a non-profit if that's not too complicated or if those
goals are sufficiently upstreamed into "the Nix", dissolved.
# License
DevOS is licensed under the [MIT License][mit].
[mk-flake]: https://github.com/divnix/digga/tree/master/src/mkFlake
[nixpkgs]: https://github.com/NixOS/nixpkgs
[deploy]: https://github.com/serokell/deploy-rs
[toc]: https://github.com/divnix/devos/blob/core/flake.nix
[giants]: https://en.wikipedia.org/wiki/Standing_on_the_shoulders_of_giants
[digga]: https://github.com/divnix/digga
[fup]: https://github.com/gytis-ivaskevicius/flake-utils-plus
[fu]: https://github.com/numtide/flake-utils
[devshell]: https://github.com/numtide/devshell
[nix]: https://nixos.org/manual/nix/stable
[mit]: https://mit-license.org
[nixos]: https://nixos.org/manual/nixos/stable
@ -79,5 +112,4 @@ DevOS is licensed under the [MIT License][mit].
[core]: https://github.com/divnix/devos
[community]: https://github.com/divnix/devos/tree/community
[dotfiles]: https://github.com/hlissner/dotfiles
[devshell]: https://github.com/numtide/devshell
[please]: https://github.com/nrdxp/devos/tree/nrd

32
SUMMARY.md
View file

@ -1,32 +0,0 @@
# Summary
- [Introduction](./README.md)
- [Quick Start](./doc/start/index.md)
- [ISO](./doc/start/iso.md)
- [Bootstrapping](./doc/start/bootstrapping.md)
- [From NixOS](./doc/start/from-nixos.md)
- [Layout](./doc/layout.md)
- [Cachix](./cachix/README.md)
- [Extern](./extern/README.md)
- [Hosts](./hosts/README.md)
- [Lib](./lib/README.md)
- [Modules](./modules/README.md)
- [Overlays](./overlays/README.md)
- [Overrides](./overrides/README.md)
- [Packages](./pkgs/README.md)
- [Profiles](./profiles/README.md)
- [Secrets](./secrets/README.md)
- [Suites](./suites/README.md)
- [Tests](./tests/README.md)
- [Users](./users/README.md)
- [flk](./doc/flk/index.md)
- [up](./doc/flk/up.md)
- [update](./doc/flk/update.md)
- [get](./doc/flk/get.md)
- [iso](./doc/flk/iso.md)
- [install](./doc/flk/install.md)
- [home](./doc/flk/home.md)
- [Integrations](doc/integrations/index.md)
- [Deploy RS](./doc/integrations/deploy.md)
- [Hercules CI](./doc/integrations/hercules.md)
- [Contributing](./doc/README.md)

7
bors.toml
View file

@ -1,10 +1,5 @@
status = [
"ci/hercules/evaluation",
"ci/hercules/derivations"
]
status = [ "check" ]
required_approvals = 1
up_to_date_approvals = true
delete_merged_branches = true

12
cachix.nix
View file

@ -1,12 +0,0 @@
# WARN: this file will get overwritten by $ cachix use <name>
{ pkgs, lib, ... }:
let
folder = ./cachix;
toImport = name: value: folder + ("/" + name);
filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key;
imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder));
in
{
inherit imports;
nix.binaryCaches = [ "https://cache.nixos.org/" ];
}

12
cachix/README.md
View file

@ -1,12 +0,0 @@
# Cachix
The cachix directory simple captures the output of `sudo cachix use` for the
developers personal cache, as well as the nix-community cache. You can easily
add your own cache, assuming the template lives in /etc/nixos, by simply
running `sudo cachix use yourcache`.
These caches are only added to the system after a `nixos-rebuild switch`, so it
is recommended to call `cachix use divnix` before the initial deployment, as it
will save a lot of build time.
In the future, users will be able to skip this step once the ability to define
the nix.conf within the flake is fully fleshed out upstream.

31
default.nix
View file

@ -1,8 +1,31 @@
let
inherit (default.inputs.nixos) lib;
default = (import ./compat).defaultNix;
default = (import ./lib/compat).defaultNix;
ciSystems = [
"aarch64-linux"
"i686-linux"
"x86_64-linux"
];
filterSystems = lib.filterAttrs
(system: _: lib.elem system ciSystems);
recurseIntoAttrsRecursive = lib.mapAttrs (_: v:
if lib.isAttrs v
then recurseIntoAttrsRecursive (lib.recurseIntoAttrs v)
else v
);
systemOutputs = lib.filterAttrs
(name: set: lib.isAttrs set
&& lib.any
(system: set ? ${system} && name != "legacyPackages")
ciSystems
)
default.outputs;
ciDrvs = lib.mapAttrs (_: system: filterSystems system) systemOutputs;
in
builtins.mapAttrs (_: v: lib.recurseIntoAttrs v) default.packages // {
shell = import ./shell.nix;
}
(recurseIntoAttrsRecursive ciDrvs) // { shell = import ./shell.nix; }

2
doc/README.md → doc/CONTRIBUTING.md
View file

@ -21,7 +21,7 @@ If you wish to contribute please follow these guidelines:
* The commit message follows the same semantics as [nixpkgs][nixpkgs].
* You can use a `#` symbol to specify ambiguities. For example,
`develop#zsh: <rest of commit message>` would tell me that your updating the
`develop#zsh: <rest of commit message>` would tell me that you're updating the
`zsh` subprofile living under the `develop` profile.
[nixpkgs-fmt]: https://github.com/nix-community/nixpkgs-fmt

34
doc/SUMMARY.md Normal file
View file

@ -0,0 +1,34 @@
# Summary
- [Introduction](../README.md)
- [Quick Start](./start/index.md)
- [ISO](./start/iso.md)
- [Bootstrapping](./start/bootstrapping.md)
- [From NixOS](./start/from-nixos.md)
- [Key Concepts](./concepts/index.md)
- [Extern](./concepts/extern.md)
- [Hosts](./concepts/hosts.md)
- [Overrides](./concepts/overrides.md)
- [Profiles](./concepts/profiles.md)
- [Suites](./concepts/suites.md)
- [Users](./concepts/users.md)
- [Outputs](./outputs/index.md)
- [Modules](./outputs/modules.md)
- [Overlays](./outputs/overlays.md)
- [Packages](./outputs/pkgs.md)
- [Concerns]()
- [Lib](./lib.md)
- [Secrets](./secrets.md)
- [Tests](./tests.md)
- [Helper Script `flk`](./flk/index.md)
- [up](./flk/up.md)
- [update](./flk/update.md)
- [get](./flk/get.md)
- [iso](./flk/iso.md)
- [install](./flk/install.md)
- [home](./flk/home.md)
- [Integrations](./integrations/index.md)
- [Cachix](./integrations/cachix.md)
- [Deploy RS](./integrations/deploy.md)
- [Hercules CI](./integrations/hercules.md)
- [Contributing](./CONTRIBUTING.md)

0
book.toml → doc/book.toml
View file

42
doc/concepts/extern.md Normal file
View file

@ -0,0 +1,42 @@
# External Art
When you need to use a module, overlay, or pass a value from one of your inputs
to the rest of your NixOS configuration, you can make use of a couple arguments.
It is encouraged to add external art directly in your `flake.nix` so the file
represents a complete dependency overview of your flake.
## Overlays
External overlays can directly be added to a channel's `overlays` list.
flake.nix:
```nix
{
channels.nixos.overlays = [ inputs.agenix.overlay ];
}
```
Upon exporting overlays, these overlays will be automatically filtered out by inspecting the `inputs` argument.
## Modules
There is a dedicated `nixos.hostDefaults.externalModules` argument for external
modules.
flake.nix:
```nix
{
nixos.hostDefaults.externalModules = [ inputs.agenix.nixosModules.age ];
}
```
## Home Manager
Since there isn't a `hosts` concept for home-manager, externalModules is just a
top-level argument in the `home` namespace.
flake.nix:
```nix
{
home.externalModules = [ doom-emacs = doom-emacs.hmModule ];
}
```
> ##### Note:
> To avoid declaring "external" modules separately, which is obvious since they come from `inputs`, the optimal solution would be to automatically export modules that were created in
> your flake. But this is not possible due to NixOS/nix#4740.

34
hosts/README.md → doc/concepts/hosts.md
View file

@ -15,27 +15,41 @@ attribute to the name of the file minus the _.nix_ extension. This is for
convenience, since `nixos-rebuild` automatically searches for a configuration
matching the current systems hostname if one is not specified explicitly.
You can set channels, systems, and add extra modules to each host by editing the
`nixos.hosts` argument in flake.nix. This is the perfect place to import
host specific modules from external sources, such as the
[nixos-hardware][nixos-hardware] repository.
It is recommended that the host modules only contain configuration information
specific to a particular piece of hardware. Anything reusable across machines
is best saved for [profile modules](../profiles).
is best saved for [profile modules](./profiles.md).
This is a good place to import sets of profiles, called [suites](../suites),
This is a good place to import sets of profiles, called [suites](./suites.md),
that you intend to use on your machine.
Additionally, this is the perfect place to import anything you might need from
the [nixos-hardware][nixos-hardware] repository.
> ##### _Note:_
> Set `nixpkgs.system` to the architecture of this host, default is "x86_64-linux".
> Keep in mind that not all packages are available for all architectures.
## Example
flake.nix:
```nix
{
nixos = {
imports = [ (devos.lib.importHosts ./hosts) ];
hosts = {
librem = {
channelName = "latest";
modules = [ nixos-hardware.nixosModules.purism-librem-13v3 ];
};
};
};
}
```
hosts/librem.nix:
```nix
{ suites, hardware, ... }:
{ suites, ... }:
{
imports = suites.laptop ++ [ hardware.purism-librem-13v3 ];
imports = suites.laptop;
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;

4
doc/concepts/index.md Normal file
View file

@ -0,0 +1,4 @@
# Key Concepts
There are few idioms unique to DevOS. This section is dedicated to helping you
understand them.

41
doc/concepts/overrides.md Normal file
View file

@ -0,0 +1,41 @@
# Overrides
Each NixOS host follows one channel. But many times it is useful to get packages
or modules from different channels.
## Packages
You can make use of `overlays/overrides.nix` to override specific packages in the
default channel to be pulled from other channels. That file is simply an example
of how any overlay can get `channels` as their first argument.
You can add overlays to any channel to override packages from other channels.
Pulling the manix package from the `latest` channel:
```nix
channels: final: prev: {
__dontExport = true;
inherit (pkgs.latest) manix;
}
```
It is recommended to set the `__dontExport` property for override specific
overlays. `overlays/overrides.nix` is the best place to consolidate all package
overrides and the property is already set for you.
## Modules
You can also pull modules from other channels. All modules have access to the
`modulesPath` for each channel as `<channelName>ModulesPath`. And you can use
`disabledModules` to remove modules from the current channel.
Pulling the zsh module from the `latest` channel:
```nix
{ latestModulesPath }: {
modules = [ "${latestModulesPath}/programs/zsh/zsh.nix" ];
disabledModules = [ "programs/zsh/zsh.nix" ];
}
```
> ##### _Note:_
> Sometimes a modules name will change from one branch to another.
[nixpkgs-modules]: https://github.com/NixOS/nixpkgs/tree/master/nixos/modules

10
profiles/README.md → doc/concepts/profiles.md
View file

@ -12,17 +12,17 @@ is maintained to help get up to speed on their usage.
For the sake of consistency, a profile should always be defined in a
___default.nix___ containing a [nixos module config][config].
A profile's directory is used for quick modularization of
[interelated bits](./#subprofiles).
[interelated bits](./profiles.md#subprofiles).
> ##### _Notes:_
> * For _declaring_ module options, there's the [modules](../modules) directory.
> * For _declaring_ module options, there's the [modules](../outputs/modules.md) directory.
> * This directory takes inspiration from
> [upstream](https://github.com/NixOS/nixpkgs/tree/master/nixos/modules/profiles)
> .
> * Sticking to a simple [spec][spec] has refreshing advantages.
> [hercules-ci](../doc/integrations/hercules.md) expects all profiles to be
> [hercules-ci](../integrations/hercules.md) expects all profiles to be
> defined in a ___default.nix___, allowing them to be built automatically when
> added. Congruently, [suites](../suites) expect ___default.nix___ to avoid
> added. Congruently, [suites](suites.md) expect ___default.nix___ to avoid
> having to manage their paths manually.
## Subprofiles
@ -56,7 +56,7 @@ profiles/develop/zsh/default.nix:
Profiles are the most important concept in DevOS. They allow us to keep our
Nix expressions self contained and modular. This way we can maximize reuse
across hosts while minimizing boilerplate. Remember, anything machine
specific belongs in your [host](../hosts) files instead.
specific belongs in your [host](hosts.md) files instead.
[definition]: https://nixos.org/manual/nixos/stable/index.html#sec-option-definitions
[declaration]: https://nixos.org/manual/nixos/stable/index.html#sec-option-declarations

8
suites/README.md → doc/concepts/suites.md
View file

@ -6,6 +6,14 @@ profiles. For good examples, check out the suites defined in the community
In the future, we will use suites as a mechanism for deploying various machine
types which don't depend on hardware, such as vm's and containers.
They are defined with the `suites` argument in either `home` or `nixos` namespace.
Suites should be passed as a function that take profiles as an argument.
The profiles are passed based on the folder names and list passed to the relevant
`profiles` argument. In the template's flake.nix `profiles` is set as
`[ ./profiles ./users ]` and that corresponds to the `{ profiles, users }` argument
pattern.
## Definition
```nix
rec {

10
users/README.md → doc/concepts/users.md
View file

@ -1,6 +1,6 @@
# Users
Users are a special case of [profiles](../profiles) that define system
Users are a special case of [profiles](profiles.md) that define system
users and [home-manager][home-manager] configurations. For your convenience,
home manager is wired in by default so all you have to worry about is declaring
your users. For a fully fleshed out example, check out the developers personal
@ -24,14 +24,14 @@ your users. For a fully fleshed out example, check out the developers personal
## Home Manager
Home Manager support follows the same principles as regular nixos configurations.
All modules defined in [user modules](./modules/module-list.nix) will be imported to
Home Manager. All profiles are availabe in [suites](../suites/default.nix) as userProfiles.
All modules defined in [user modules][modules-list] will be imported to
Home Manager. All profiles are availabe in [suites][suites] as userProfiles.
The `userSuites` output will be available in your Home Manager Configuration as
the special argument, `suites`.
## External Usage
You can easily use the defined home-manager configurations outside of NixOS
using the `homeConfigurations` flake output. The [flk](../doc/flk) helper
using the `homeConfigurations` flake output. The [flk](../flk/index.md) helper
script makes this even easier.
This is great for keeping your environment consistent across Unix systems,
@ -56,3 +56,5 @@ nix build "github:divnix/devos#homeConfigurations.nixos@NixOS.home.activationPac
```
[home-manager]: https://nix-community.github.io/home-manager
[suites]: https://github.com/divnix/devos/tree/core/suites/default.nix
[modules-list]: https://github.com/divnix/devos/tree/core/modules/module-list.nix

2
doc/flk/home.md
View file

@ -4,5 +4,5 @@ NixOS, providing an awesome mechanism for keeping your environments
synchronized, even when using other systems.
## Usage
The [users](../../users/index.md#external-usage) page contains a good usage
The [users](../concepts/users.md#external-usage) page contains a good usage
example.

4
doc/flk/update.md
View file

@ -11,8 +11,8 @@ contains a flake.nix, with an optional arguement to update only a specific
input in the subflake.
For example, you can update any
[package sources](../../pkgs#automatic-source-updates) you may have declared
in _pkgs/flake.nix_:
[package sources](../outputs/pkgs.md#automatic-source-updates) you may have
declared in _pkgs/flake.nix_:
```sh
flk update pkgs
```

17
doc/integrations/cachix.md Normal file
View file

@ -0,0 +1,17 @@
# Cachix
The system will automatically pull a cachix.nix at the root if one exists.
This is usually created automatically by a `sudo cachix use`. If you're more
inclined to keep the root clean, you can drop any generated files in the
`cachix` directory into the `profiles/cachix` directory without further
modification.
For example, to add your own cache, assuming the template lives in /etc/nixos,
by simply running `sudo cachix use yourcache`. Then, optionally, move
`cachix/yourcache.nix` to `profiles/cachix/yourcache.nix`
These caches are only added to the system after a `nixos-rebuild switch`, so it
is recommended to call `cachix use nrdxp` before the initial deployment, as it
will save a lot of build time.
In the future, users will be able to skip this step once the ability to define
the nix.conf within the flake is fully fleshed out upstream.

2
doc/integrations/deploy.md
View file

@ -4,7 +4,7 @@ chosen for devos after the author experienced some frustrations with the
stateful nature of nixops' db. It was also designed from scratch to support
flake based deployments, and so is an excellent tool for the job.
By default, all the [hosts](../../hosts) are also available as deploy-rs nodes,
By default, all the [hosts](../concepts/hosts.md) are also available as deploy-rs nodes,
configured with the hostname set to `networking.hostName`; overridable via
the command line.

2
doc/integrations/hercules.md
View file

@ -15,7 +15,7 @@ binary cache (and of course you do), be sure _not_ to skip the
[binary-caches.json][cache].
## Ready to Use
The repo is already set up with the proper _nix/ci.nix_ file, building all
The repo is already set up with the proper _default.nix_ file, building all
declared packages, checks, profiles and shells. So you can see if something
breaks, and never build the same package twice!

4
doc/layout.md
View file

@ -1,4 +0,0 @@
# Layout
Each of the following sections is a directory in the root of the project
serving a singular purpose. Select a chapter to read more about its purpose
and usage.

3
lib/README.md → doc/lib.md
View file

@ -3,8 +3,7 @@ The lib directory mirrors the upstream concepts of [`nixpkgs:./lib`][nixpkgs-lib
[`nixpkgs:./nixos/lib`][nixpkgs-nixos-lib] and [`nixpkgs:./pkgs/pkgs-lib`][nixpkgs-pkgs-lib],
but also occasionally [`nixpkgs:./pkgs/build-support`][nixpkgs-pkgs-build-support].
It comes with functions necesary to declutter `devos` itself, but you are
welcome to extend it to your needs.
All functions defined in lib can be accessed in modules and packages as `ourlib`.
For example:

407
doc/mkFlakeOptions.md Normal file
View file

@ -0,0 +1,407 @@
## channels
nixpkgs channels to create
*_Type_*:
attribute set of submodules
*_Default_*
```
{}
```
## channels.\<name\>.config
nixpkgs config for this channel
*_Type_*:
attribute set or path convertible to it
*_Default_*
```
{}
```
## channels.\<name\>.input
nixpkgs flake input to use for this channel
*_Type_*:
nix flake
*_Default_*
```
"inputs.<name>"
```
## channels.\<name\>.overlays
overlays to apply to this channel
these will get exported under the 'overlays' flake output
as \<channel\>/\<name\> and any overlay pulled from ${inputs}
will be filtered out
*_Type_*:
list of valid Nixpkgs overlay or path convertible to its or anything convertible to it
*_Default_*
```
[]
```
## channelsConfig
nixpkgs config for all channels
*_Type_*:
attribute set or path convertible to it
*_Default_*
```
{}
```
## home
hosts, modules, suites, and profiles for home-manager
*_Type_*:
submodule
*_Default_*
```
{}
```
## home.externalModules
modules to include that won't be exported
meant importing modules from external flakes
*_Type_*:
list of valid module or path convertible to its
*_Default_*
```
[]
```
## home.modules
modules to include in all hosts and export to homeModules output
*_Type_*:
list of path to a modules or anything convertible to it or path convertible to it
*_Default_*
```
[]
```
## home.profiles
profile folders that can be collected into suites
the name of the argument passed to suites is based
on the folder name.
[ ./profiles ] => { profiles }:
*_Type_*:
list of paths
*_Default_*
```
[]
```
## home.suites
Function that takes profiles and returns suites for this config system
These can be accessed through the 'suites' special argument.
*_Type_*:
function that evaluates to a(n) attrs or path convertible to it
*_Default_*
```
"<function>"
```
## inputs
inputs for this flake
used to set channel defaults and create registry
*_Type_*:
attribute set of nix flakes
## nixos
hosts, modules, suites, and profiles for nixos
*_Type_*:
submodule
*_Default_*
```
{}
```
## nixos.hostDefaults
Defaults for all hosts.
the modules passed under hostDefaults will be exported
to the 'nixosModules' flake output.
They will also be added to all hosts.
*_Type_*:
submodule
*_Default_*
```
{}
```
## nixos.hostDefaults.channelName
Channel this host should follow
*_Type_*:
a channel defined in `channels`
*_Default_*
```
null
```
## nixos.hostDefaults.externalModules
modules to include that won't be exported
meant importing modules from external flakes
*_Type_*:
list of valid module or path convertible to its
*_Default_*
```
[]
```
## nixos.hostDefaults.modules
modules to include in all hosts and export to nixosModules output
*_Type_*:
list of path to a modules or anything convertible to it or path convertible to it
*_Default_*
```
[]
```
## nixos.hostDefaults.system
system for this host
*_Type_*:
system defined in `supportedSystems`
*_Default_*
```
null
```
## nixos.hosts
configurations to include in the nixosConfigurations output
*_Type_*:
attribute set of submodules
*_Default_*
```
{}
```
## nixos.hosts.\<name\>.channelName
Channel this host should follow
*_Type_*:
a channel defined in `channels`
*_Default_*
```
null
```
## nixos.hosts.\<name\>.modules
modules to include
*_Type_*:
list of valid module or path convertible to its or anything convertible to it
*_Default_*
```
[]
```
## nixos.hosts.\<name\>.system
system for this host
*_Type_*:
system defined in `supportedSystems`
*_Default_*
```
null
```
## nixos.profiles
profile folders that can be collected into suites
the name of the argument passed to suites is based
on the folder name.
[ ./profiles ] => { profiles }:
*_Type_*:
list of paths
*_Default_*
```
[]
```
## nixos.suites
Function that takes profiles and returns suites for this config system
These can be accessed through the 'suites' special argument.
*_Type_*:
function that evaluates to a(n) attrs or path convertible to it
*_Default_*
```
"<function>"
```
## self
The flake to create the devos outputs for
*_Type_*:
nix flake
## supportedSystems
The systems supported by this flake
*_Type_*:
list of strings
*_Default_*
```
["aarch64-linux","i686-linux","x86_64-darwin","x86_64-linux"]
```

3
doc/outputs/index.md Normal file
View file

@ -0,0 +1,3 @@
# Layout
Each of the following sections is a directory whose contents are output to the
outside world via the flake's outputs. Check each chapter for details.

4
modules/README.md → doc/outputs/modules.md
View file

@ -4,13 +4,13 @@ The modules directory is a replica of nixpkg's NixOS [modules][nixpkgs-modules]
nixpkgs proper once your module is sufficiently stable.
All modules linked in _module-list.nix_ are automatically exported via
`nixosModules.<file-basename>`, and imported into all [hosts](../hosts).
`nixosModules.<file-basename>`, and imported into all [hosts](../concepts/hosts.md).
> ##### _Note:_
> This is reserved for declaring brand new module options. If you just want to
> declare a coherent configuration of already existing and related NixOS options
> , use [profiles](../profiles) instead.
> , use [profiles](../concepts/profiles.md) instead.
## Semantics
In case you've never written a module for nixpkgs before, here is a brief

4
overlays/README.md → doc/outputs/overlays.md
View file

@ -3,8 +3,8 @@ Writing overlays is a common occurence when using a NixOS system. Therefore,
we want to keep the process as simple and straightforward as possible.
Any _.nix_ files declared in this directory will be assumed to be a valid
overlay, and will be automatically imported into all [hosts](../hosts), and
exported via `overlays.<file-basename>` _as well as_
overlay, and will be automatically imported into all [hosts](../concepts/hosts.md), and
exported via `overlays.<channel>/<pkgName>` _as well as_
`packages.<system>.<pkgName>` (for valid systems), so all you have to do is
write it.

9
pkgs/README.md → doc/outputs/pkgs.md
View file

@ -1,5 +1,5 @@
# Packages
Similar to [modules](../modules), the pkgs directory mirrors the upstream
Similar to [modules](./modules.md), the pkgs directory mirrors the upstream
[nixpkgs/pkgs][pkgs], and for the same reason; if you ever want to upstream
your package, it's as simple as dropping it into the nixpkgs/pkgs directory.
@ -12,18 +12,17 @@ And all the packages are exported via `packages.<system>.<pkg-name>`, for all
the supported systems listed in the package's `meta.platforms` attribute.
And, as usual, every package in the overlay is also available to any NixOS
[host](../hosts).
[host](../concepts/hosts.md).
## Automatic Source Updates
There is the added, but optional, convenience of declaring your sources in
_pkgs/flake.nix_ as an input. You can then access them from the `srcs` package.
This allows updates to be managed automatically by simply
[updating](../doc/flk/update.md#updating-package-sources) the lock file. No
[updating](../flk/update.md#updating-package-sources) the lock file. No
more manually entering sha256 hashes!
As an added bonus, version strings are also generated automatically from either
the flake ref, or the date and git revision of the source. For examples,
definitely checkout the [community branch](../#community-profiles).
the flake ref, or the date and git revision of the source.
## Example
pkgs/development/libraries/libinih/default.nix:

0
secrets/README.md → doc/secrets.md
View file

6
doc/start/bootstrapping.md
View file

@ -1,7 +1,7 @@
# Bootstrapping
This will help you boostrap a bare host with the help of the
[bespoke iso](./iso) live installer.
[bespoke iso](./iso.md) live installer.
_Note: nothing prevents you from remotely executing the boostrapping
process. See below._
@ -50,7 +50,7 @@ in your network, there is a static link-local IPv6 address configured to
`n=14 i=9 x=24; 47 = n+i+x`).
Provided that you have added your public key to the authorized keys of the
`root` user _(hint: [`deploy-rs`](../integrations/deploy) needs passwordless
`root` user _(hint: [`deploy-rs`](../integrations/deploy.md) needs passwordless
sudo access)_:
```nix
@ -73,7 +73,7 @@ ssh root@fe80::47%eno1 # where eno1 is your network interface on which you are
_Note: the [static link-local IPv6 address][staticLLA] and [MulticastDNS][mDNS] is only
configured on the live installer. If you wish to enable [MulticastDNS][mDNS]
for your environment, you ought to configure that in a regular [profile](../../profiles)._
for your environment, you ought to configure that in a regular [profile](../concepts/profiles.md)._
### EUI-64 LLA & Host Identity

25
doc/start/from-nixos.md
View file

@ -1,7 +1,7 @@
# From NixOS
## Generate Configuration
Assuming your happy with your existing partition layout, you can generate a
Assuming you're happy with your existing partition layout, you can generate a
basic NixOS configuration for your system using:
```sh
flk up
@ -10,13 +10,21 @@ flk up
This will make a new file `hosts/up-$(hostname).nix`, which you can edit to
your liking.
Make sure your `i18n.defaultLocale` and `time.timeZone` are set properly for
your region. Keep in mind that `networking.hostName` with be automatically
set to the filename of your hosts file, so `hosts/my-host.nix` will have the
hostname `my-host`.
You must then add a host to `nixos.hosts` in flake.nix:
```nix
{
nixos.hosts = {
modules = hosts/NixOS.nix;
};
}
```
Now might be a good time to read the docs on [suites](../../suites) and
[profiles](../../profiles) and add or create any that you need.
Make sure your `i18n.defaultLocale` and `time.timeZone` are set properly for
your region. Keep in mind that `networking.hostName` will be automatically
set to the name of your host;
Now might be a good time to read the docs on [suites](../concepts/suites.md) and
[profiles](../concepts/profiles.md) and add or create any that you need.
> ##### _Note:_
> While the `up` sub-command is provided as a convenience to quickly set up and
@ -28,7 +36,7 @@ Now might be a good time to read the docs on [suites](../../suites) and
> them directly into a host module of your own making, and commit that instead.
# Installation
Once your ready to deploy `hosts/my-host.nix`:
Once you're ready to deploy `hosts/my-host.nix`:
```sh
flk my-host switch
```
@ -44,4 +52,3 @@ This calls `nixos-rebuild` with sudo to build and install your configuration.
> simply `sudo nixos-rebuild switch` from anywhere on the system, but it is
> not required.

4
doc/start/index.md
View file

@ -22,7 +22,7 @@ This will place you in a new folder named `flk` with git initialized, and a
nix-shell that provides all the dependencies, including the unstable nix
version required.
In addition, the [binary cache](../../cachix) is added for faster deployment.
In addition, the [binary cache](../integrations/cachix.md) is added for faster deployment.
> ##### _Notes:_
> - You can change `core` to [`community`](../../index.md#community-profiles)
@ -31,6 +31,8 @@ In addition, the [binary cache](../../cachix) is added for faster deployment.
> files before building the system.
> - You can choose to simply clone the repo with git if you want to follow
> upstream changes.
> - If the `nix-shell -p cachix --run "cachix use nrdxp"` line doesn't work
> you can try with sudo: `sudo nix-shell -p cachix --run "cachix use nrdxp"`
## Next Steps:
- [Make installable ISO](./iso.md)

10
doc/start/iso.md
View file

@ -12,13 +12,13 @@ This works for any file matching `hosts/*.nix` excluding `default.nix`.
## ISO image nix store & cache
The iso image holds the store to the live environment and _also_ acts as a binay cache
The iso image holds the store to the live environment and _also_ acts as a binary cache
to the installer. To considerably speed up things, the image already includes all flake
`inputs` as well as the `devshell` closures.
While you _could_ provision any machine with a single stick, a bespoke iso maximises
those local cache hits.
While you _could_ provision any machine with a single stick, a custom-made iso for
the host you want to install DevOS to, maximises those local cache hits.
For hosts that don't differ too much, a common usb stick might be ok, whereas when
there are bigger differences, a bespoke usb stick will be considerably faster.
For hosts that don't differ too much, a single usb stick might be ok, whereas when
there are bigger differences, a custom-made usb stick will be considerably faster.

4
tests/README.md → doc/tests.md
View file

@ -3,11 +3,11 @@
Testing is always an important aspect of any software development project, and
NixOS offers some incredibly powerful tools to write tests for your
configuration, and, optionally, run them in
[CI](../doc/integrations/hercules.md).
[CI](./integrations/hercules.md).
## Lib Tests
You can easily write tests for your own library functions in the
___tests/lib.nix___ file and they will be run on every `nix flake check` or
lib/___tests/lib.nix___ file and they will be run on every `nix flake check` or
during a CI run.
## Unit Tests

0
theme/highlight.js → doc/theme/highlight.js vendored
View file

45
extern/README.md vendored
View file

@ -1,45 +0,0 @@
# External Art
When you need to use a module, overlay, or pass a value from one of your inputs
to the rest of your NixOS configuration, [extern][extern] is where you do it.
Modules and overlays are self explanatory, and the `specialArgs` attribute is
used to extend the arguments passed to all NixOS modules, allowing for
arbitrary values to be passed from flake inputs to the rest of your
configuration.
## Home Manager
There is also an `hmModules` attribute set for pulling home-manager modules in
from the outside world:
### Declare:
flake.nix:
```nix
{
inputs.doom-emacs.url = "github:vlaci/nix-doom-emacs";
}
```
extern/default.nix:
```nix
with inputs;
{
hmModules = {
doom-emacs = doom-emacs.hmModule;
};
}
```
### Use:
users/nixos/default.nix:
```nix
{ hmModules, ... }:
{
home-manager.users.nixos = {
imports = [ hmModules.doom-emacs ] ;
programs.doom-emacs.enable = true;
};
}
```
[extern]: https://github.com/divnix/devos/tree/core/extern/default.nix

29
extern/default.nix vendored
View file

@ -1,29 +0,0 @@
{ inputs }: with inputs;
{
modules = [
home.nixosModules.home-manager
ci-agent.nixosModules.agent-profile
];
overlays = [
nur.overlay
devshell.overlay
(final: prev: {
deploy-rs = deploy.packages.${prev.system}.deploy-rs;
})
pkgs.overlay
];
# passed to all nixos modules
specialArgs = {
overrideModulesPath = "${override}/nixos/modules";
hardware = nixos-hardware.nixosModules;
};
# added to home-manager
userModules = [
];
# passed to all home-manager modules
userSpecialArgs = { };
}

271
flake.lock
View file

@ -2,9 +2,7 @@
"nodes": {
"ci-agent": {
"inputs": {
"flake-compat": [
"flake-compat"
],
"flake-compat": "flake-compat",
"nix-darwin": [
"darwin"
],
@ -12,7 +10,7 @@
"nixos"
],
"nixos-unstable": [
"override"
"latest"
],
"pre-commit-hooks-nix": "pre-commit-hooks-nix"
},
@ -33,15 +31,15 @@
"darwin": {
"inputs": {
"nixpkgs": [
"override"
"latest"
]
},
"locked": {
"lastModified": 1617693609,
"narHash": "sha256-/+6wm08yHK8mhyljzELD4WE9Gh8XUVbHL0R1TQpZtTQ=",
"lastModified": 1622060422,
"narHash": "sha256-hPVlvrAyf6zL7tTx0lpK+tMxEfZeMiIZ/A2xaJ41WOY=",
"owner": "LnL7",
"repo": "nix-darwin",
"rev": "a7492a8c76dcc702d0a65cd820a5f9baa8702684",
"rev": "007d700e644ac588ad6668e6439950a5b6e2ff64",
"type": "github"
},
"original": {
@ -52,25 +50,17 @@
},
"deploy": {
"inputs": {
"flake-compat": [
"flake-compat"
],
"naersk": [
"naersk"
],
"nixpkgs": [
"override"
],
"utils": [
"utils"
]
"flake-compat": "flake-compat_2",
"naersk": "naersk",
"nixpkgs": "nixpkgs",
"utils": "utils"
},
"locked": {
"lastModified": 1620708296,
"narHash": "sha256-8o6qy8kYYNX+gMgKWnNqGvmX0GCEmJ4ubDS3gdWH7sI=",
"lastModified": 1616406726,
"narHash": "sha256-n9zmgxR03QNrvs9/fHewqE0j3SjL7Y+cglBCFu3U3rg=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "896f9d3b5d7c0dc2566c7d2c6fe854ecef17daec",
"rev": "9e405fbc5ab5bacbd271fd78c6b6b6877c4d9f8d",
"type": "github"
},
"original": {
@ -81,11 +71,11 @@
},
"devshell": {
"locked": {
"lastModified": 1620641550,
"narHash": "sha256-o359KdI/LNiPL6EbirONff2MOvZHtZr9MgYx3R9oVFk=",
"lastModified": 1618523768,
"narHash": "sha256-Gev9da35pHUey3kGz/zrJFc/9ICs++vPCho7qB1mqd8=",
"owner": "numtide",
"repo": "devshell",
"rev": "a47493423092f6c4c0a7eb605a7cd515a77db4a8",
"rev": "709fe4d04a9101c9d224ad83f73416dce71baf21",
"type": "github"
},
"original": {
@ -94,20 +84,72 @@
"type": "github"
}
},
"flake-compat": {
"flake": false,
"digga": {
"inputs": {
"deploy": "deploy",
"devshell": "devshell",
"nixlib": "nixlib",
"nixpkgs": "nixpkgs_2",
"utils": "utils_2"
},
"locked": {
"lastModified": 1611461076,
"narHash": "sha256-ad++dTtMNeitUIKi1c66aTrVJOSf+mdZTrGrXzjDr6Q=",
"owner": "BBBSnowball",
"repo": "flake-compat",
"rev": "a565cb46bee9fa856a6c15bc9c3bb947fbb784ec",
"lastModified": 1622484894,
"narHash": "sha256-n3Vn4H1muqDcoMtXS59c0ZZthSJ11gFAodfo1LSQvj8=",
"owner": "divnix",
"repo": "digga",
"rev": "0cbc8bd4defee8fddc0c582556267bd2c1c02704",
"type": "github"
},
"original": {
"owner": "BBBSnowball",
"ref": "pr-1",
"owner": "divnix",
"repo": "digga",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1606424373,
"narHash": "sha256-oq8d4//CJOrVj+EcOaSXvMebvuTkmBJuT5tzlfewUnQ=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "99f1c2157fba4bfe6211a321fd0ee43199025dbf",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1606424373,
"narHash": "sha256-oq8d4//CJOrVj+EcOaSXvMebvuTkmBJuT5tzlfewUnQ=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "99f1c2157fba4bfe6211a321fd0ee43199025dbf",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"locked": {
"lastModified": 1620759905,
"narHash": "sha256-WiyWawrgmyN0EdmiHyG2V+fqReiVi8bM9cRdMaKQOFg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b543720b25df6ffdfcf9227afafc5b8c1fabfae8",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
@ -118,11 +160,11 @@
]
},
"locked": {
"lastModified": 1621407112,
"narHash": "sha256-zPYM4SNvVktHmdYRkfjj/T6aG3hs3Ov3r96P4xmxebA=",
"lastModified": 1622678600,
"narHash": "sha256-mDNqOvtiZs6HuNxkfMUGhmUwAbQxdOyqecf0rVGq7h0=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "b449cb77b19be059f2a3cf9e7e26d3f68cea56a8",
"rev": "95da56b783e4ccc8ded71137e4add780b239dd46",
"type": "github"
},
"original": {
@ -131,10 +173,45 @@
"type": "github"
}
},
"latest": {
"locked": {
"lastModified": 1622714794,
"narHash": "sha256-ZS8crhH0qwPZQFPQMvaDsWieyoblgb29Phfmk323iG4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "6d0f8c801534c9f8f90daa385ddf010692bab310",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"naersk": {
"inputs": {
"nixpkgs": [
"override"
"latest"
]
},
"locked": {
"lastModified": 1610392286,
"narHash": "sha256-3wFl5y+4YZO4SgRYK8WE7JIS3p0sxbgrGaQ6RMw+d98=",
"owner": "nmattia",
"repo": "naersk",
"rev": "d7bfbad3304fd768c0f93a4c3b50976275e6d4be",
"type": "github"
},
"original": {
"owner": "nmattia",
"ref": "master",
"repo": "naersk",
"type": "github"
}
},
"naersk_2": {
"inputs": {
"nixpkgs": [
"latest"
]
},
"locked": {
@ -151,13 +228,28 @@
"type": "github"
}
},
"nixlib": {
"locked": {
"lastModified": 1620519687,
"narHash": "sha256-+6Dd72b2CASuXm2W7KRxZIE7AOy/dj4mU28vaF+zxcs=",
"owner": "divnix",
"repo": "nixpkgs.lib",
"rev": "c7b6169809c5f74dd0c34f3d69e9d12ba4d448de",
"type": "github"
},
"original": {
"owner": "divnix",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixos": {
"locked": {
"lastModified": 1621073999,
"narHash": "sha256-Cp99YreSFedcWovxNmO8g8qFYltQQJPRLfuot6Z7iGE=",
"lastModified": 1622545032,
"narHash": "sha256-1Y+2LFqnMBEH9OZzMBdLWl6GWFt/xzNz0V5X+m05Ing=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "83d907fd760d9ee4f49b4b7e4b1c6682f137b573",
"rev": "1c2986bbb806c57f9470bf3231d8da7250ab9091",
"type": "github"
},
"original": {
@ -168,11 +260,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1620983891,
"narHash": "sha256-E2OKVgGo/cUqDsrIeYGVx64b4cxgzd7+bX33NHL0rbA=",
"lastModified": 1622521809,
"narHash": "sha256-7XcqrtrHDeaasKzg/ruroLsC2fb6Fi3aenCrv1+xVLk=",
"owner": "nixos",
"repo": "nixos-hardware",
"rev": "c4399b921fa7ff5f93ee10b3521b56b722ed74d8",
"rev": "b2186d6c3cdc58fb3a8def0f608bcae61138cc6f",
"type": "github"
},
"original": {
@ -181,13 +273,44 @@
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1610942247,
"narHash": "sha256-PKo1ATAlC6BmfYSRmX0TVmNoFbrec+A5OKcabGEu2yU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "7d71001b796340b219d1bfa8552c81995017544a",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1620962350,
"narHash": "sha256-9ASW4d4/Z8HmRvuJI8rxbEOTbXTBpQ8y+CmFYBwtXzE=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "5d4a430472cafada97888cc80672fab255231f57",
"type": "github"
},
"original": {
"owner": "nixos",
"repo": "nixpkgs",
"type": "github"
}
},
"nur": {
"locked": {
"lastModified": 1621408301,
"narHash": "sha256-1j1I1oO7I2ihAYSM7R/GA79qhVfiES978buHouJ5wmM=",
"lastModified": 1622714715,
"narHash": "sha256-/Ss4De3n3lmAOTutJi28tEZ2yLfQeNNllSc/oYATaAE=",
"owner": "nix-community",
"repo": "NUR",
"rev": "3a4856d8334f5d8fc47bf9e6dceedc293866df26",
"rev": "0d391975d40c80301c19df291d54cc8bc30926be",
"type": "github"
},
"original": {
@ -195,20 +318,6 @@
"type": "indirect"
}
},
"override": {
"locked": {
"lastModified": 1621410834,
"narHash": "sha256-dTnT197eNAeC6Yvoa5BNcU6281oNs368tkj6/NRu0TA=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ea87fc7c63bd906871c7182a9c385e879fbb8311",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"pkgs": {
"inputs": {
"nixpkgs": [
@ -216,7 +325,7 @@
]
},
"locked": {
"narHash": "sha256-XG4TOZObj2Wd8KiqnHgtlWjjMbJOIJB7+DxUFzMCXw8=",
"narHash": "sha256-Zs7dc0dNNa0Z3//+Gckxj7SKrMqVovY0xZZ1z8xWnEg=",
"path": "./pkgs",
"type": "path"
},
@ -245,26 +354,23 @@
"inputs": {
"ci-agent": "ci-agent",
"darwin": "darwin",
"deploy": "deploy",
"devshell": "devshell",
"flake-compat": "flake-compat",
"digga": "digga",
"home": "home",
"naersk": "naersk",
"latest": "latest",
"naersk": "naersk_2",
"nixos": "nixos",
"nixos-hardware": "nixos-hardware",
"nur": "nur",
"override": "override",
"pkgs": "pkgs",
"utils": "utils"
"pkgs": "pkgs"
}
},
"utils": {
"locked": {
"lastModified": 1620759905,
"narHash": "sha256-WiyWawrgmyN0EdmiHyG2V+fqReiVi8bM9cRdMaKQOFg=",
"lastModified": 1610051610,
"narHash": "sha256-U9rPz/usA1/Aohhk7Cmc2gBrEEKRzcW4nwPWMPwja4Y=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b543720b25df6ffdfcf9227afafc5b8c1fabfae8",
"rev": "3982c9903e93927c2164caa727cd3f6a0e6d14cc",
"type": "github"
},
"original": {
@ -272,6 +378,25 @@
"repo": "flake-utils",
"type": "github"
}
},
"utils_2": {
"inputs": {
"flake-utils": "flake-utils"
},
"locked": {
"lastModified": 1620801141,
"narHash": "sha256-XPJ+/nP/s218E11R+4LJyvkrQXvdT3D6TzNjfWVYZnI=",
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "1a742047f3f7c97b22768ba7738ac5a01052099e",
"type": "github"
},
"original": {
"owner": "gytis-ivaskevicius",
"ref": "staging",
"repo": "flake-utils-plus",
"type": "github"
}
}
},
"root": "root",

138
flake.nix
View file

@ -4,105 +4,97 @@
inputs =
{
nixos.url = "nixpkgs/nixos-unstable";
override.url = "nixpkgs";
latest.url = "nixpkgs";
digga.url = "github:divnix/digga";
ci-agent = {
url = "github:hercules-ci/hercules-ci-agent";
inputs = { nix-darwin.follows = "darwin"; flake-compat.follows = "flake-compat"; nixos-20_09.follows = "nixos"; nixos-unstable.follows = "override"; };
inputs = { nix-darwin.follows = "darwin"; nixos-20_09.follows = "nixos"; nixos-unstable.follows = "latest"; };
};
darwin.url = "github:LnL7/nix-darwin";
darwin.inputs.nixpkgs.follows = "override";
deploy = {
url = "github:serokell/deploy-rs";
inputs = { flake-compat.follows = "flake-compat"; naersk.follows = "naersk"; nixpkgs.follows = "override"; utils.follows = "utils"; };
};
devshell.url = "github:numtide/devshell";
flake-compat.url = "github:BBBSnowball/flake-compat/pr-1";
flake-compat.flake = false;
darwin.inputs.nixpkgs.follows = "latest";
home.url = "github:nix-community/home-manager";
home.inputs.nixpkgs.follows = "nixos";
naersk.url = "github:nmattia/naersk";
naersk.inputs.nixpkgs.follows = "override";
naersk.inputs.nixpkgs.follows = "latest";
nixos-hardware.url = "github:nixos/nixos-hardware";
utils.url = "github:numtide/flake-utils";
pkgs.url = "path:./pkgs";
pkgs.inputs.nixpkgs.follows = "nixos";
};
outputs = inputs@{ deploy, nixos, nur, self, utils, ... }:
let
inherit (self) lib;
inherit (lib) os;
outputs = inputs@{ self, pkgs, digga, nixos, ci-agent, home, nixos-hardware, nur, ... }:
digga.lib.mkFlake {
inherit self inputs;
extern = import ./extern { inherit inputs; };
overrides = import ./overrides;
channelsConfig = { allowUnfree = true; };
multiPkgs = os.mkPkgs {
inherit extern overrides;
channels = {
nixos = {
imports = [ (digga.lib.importers.overlays ./overlays) ];
overlays = [
./pkgs/default.nix
pkgs.overlay # for `srcs`
nur.overlay
];
};
latest = { };
};
suites = os.mkSuites {
suites = import ./suites;
users = os.mkProfileAttrs "${self}/users";
profiles = os.mkProfileAttrs "${self}/profiles";
userProfiles = os.mkProfileAttrs "${self}/users/profiles";
lib = import ./lib { lib = digga.lib // nixos.lib; };
sharedOverlays = [
(final: prev: {
lib = prev.lib.extend (lfinal: lprev: {
our = self.lib;
});
})
];
nixos = {
hostDefaults = {
system = "x86_64-linux";
channelName = "nixos";
modules = ./modules/module-list.nix;
externalModules = [
{ _module.args.ourLib = self.lib; }
ci-agent.nixosModules.agent-profile
home.nixosModules.home-manager
./modules/customBuilds.nix
];
};
outputs = {
nixosConfigurations = os.mkHosts {
dir = "${self}/hosts";
overrides = import ./overrides;
inherit multiPkgs suites extern;
imports = [ (digga.lib.importers.hosts ./hosts) ];
hosts = {
/* set host specific properties here */
NixOS = { };
};
profiles = [ ./profiles ./users ];
suites = { profiles, users, ... }: with profiles; rec {
base = [ users.root ];
workstation = [ users.root sway develop game profiles.workstation ssh flatpak torrents pwn tor ];
desktop = workstation ++ [ users.mae-desk amd school three_dee ];
lap = workstation ++ [ users.mae-lap laptop bluetooth print networkmanager androidev ];
};
};
homeConfigurations = os.mkHomeConfigurations;
home = {
modules = ./users/modules/module-list.nix;
externalModules = [ ];
profiles = [ ./users/profiles ];
suites = { profiles, ... }: with profiles; rec {
base = [ direnv git ];
};
};
nixosModules =
let moduleList = import ./modules/module-list.nix;
in lib.pathsToImportedAttrs moduleList;
homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations;
homeModules =
let moduleList = import ./users/modules/module-list.nix;
in lib.pathsToImportedAttrs moduleList;
overlay = import ./pkgs;
overlays = lib.pathsToImportedAttrs (lib.pathsIn ./overlays);
lib = import ./lib { inherit nixos self inputs; };
deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations { };
defaultTemplate = self.templates.flk;
templates.flk.path = ./.;
templates.flk.description = "flk template";
defaultTemplate = self.templates.flk;
deploy.nodes = os.mkNodes deploy self.nixosConfigurations;
};
systemOutputs = utils.lib.eachDefaultSystem (system:
let
pkgs = multiPkgs.${system};
# all packages that are defined in ./pkgs
legacyPackages = os.mkPackages { inherit pkgs; };
in
{
checks =
let
tests = nixos.lib.optionalAttrs (system == "x86_64-linux")
(import ./tests { inherit self pkgs; });
deployHosts = nixos.lib.filterAttrs
(n: _: self.nixosConfigurations.${n}.config.nixpkgs.system == system)
self.deploy.nodes;
deployChecks = deploy.lib.${system}.deployChecks { nodes = deployHosts; };
in
nixos.lib.recursiveUpdate tests deployChecks;
inherit legacyPackages;
packages = lib.filterPackages system legacyPackages;
devShell = import ./shell {
inherit self system extern overrides;
};
}
);
in
nixos.lib.recursiveUpdate outputs systemOutputs;
;
}

45
lib/attrs.nix
View file

@ -1,45 +0,0 @@
{ lib, ... }:
rec {
# mapFilterAttrs ::
# (name -> value -> bool )
# (name -> value -> { name = any; value = any; })
# attrs
mapFilterAttrs = seive: f: attrs:
lib.filterAttrs
seive
(lib.mapAttrs' f attrs);
# Generate an attribute set by mapping a function over a list of values.
genAttrs' = values: f: lib.listToAttrs (map f values);
# Convert a list of file paths to attribute set where
# the key is the folder or filename stripped of nix
# extension and imported content of the file as value.
#
pathsToImportedAttrs = paths:
let
paths' = lib.filter
(path: lib.hasSuffix ".nix" path
|| lib.pathExists "${path}/default.nix")
paths;
in
genAttrs' paths' (path: {
name = lib.removeSuffix ".nix"
# Safe as long this is just used as a name
(builtins.unsafeDiscardStringContext (baseNameOf path));
value = import path;
});
concatAttrs = lib.fold (attr: sum: lib.recursiveUpdate sum attr) { };
# Filter out packages that support given system and follow flake check requirements
filterPackages = system: packages:
let
# Everything that nix flake check requires for the packages output
filter = (n: v: with v; let platforms = meta.hydraPlatforms or meta.platforms or [ ]; in
lib.isDerivation v && !meta.broken && builtins.elem system platforms);
in
lib.filterAttrs filter packages;
safeReadDir = path: lib.optionalAttrs (builtins.pathExists path) (builtins.readDir path);
}

8
compat/default.nix → lib/compat/default.nix
View file

@ -1,16 +1,14 @@
let
inherit (lock.nodes.flake-compat.locked) rev narHash;
lock = builtins.fromJSON (builtins.readFile ../flake.lock);
rev = "e7e5d481a0e15dcd459396e55327749989e04ce0";
flake = (import
(
fetchTarball {
url = "https://github.com/edolstra/flake-compat/archive/${rev}.tar.gz";
sha256 = narHash;
sha256 = "0zd3x46fswh5n6faq4x2kkpy6p3c6j593xbdlbsl40ppkclwc80x";
}
)
{
src = ../.;
src = ../../.;
});
in
flake

0
compat/nixos/default.nix → lib/compat/nixos/default.nix
View file

26
lib/default.nix
View file

@ -1,24 +1,2 @@
args@{ nixos, self, ... }:
let inherit (nixos) lib; in
lib.makeExtensible (final:
let callLibs = file: import file
({
inherit lib;
dev = final;
} // args);
in
with final;
{
inherit callLibs;
attrs = callLibs ./attrs.nix;
os = callLibs ./devos;
lists = callLibs ./lists.nix;
strings = callLibs ./strings.nix;
inherit (attrs) mapFilterAttrs genAttrs' safeReadDir
pathsToImportedAttrs concatAttrs filterPackages;
inherit (lists) pathsIn;
inherit (strings) rgxToString;
})
{ lib }:
lib.makeExtensible (self: { })

30
lib/devos/default.nix
View file

@ -1,30 +0,0 @@
{ lib, nixos, dev, ... }:
{
# pkgImport :: Nixpkgs -> Overlays -> System -> Pkgs
pkgImport = nixpkgs: overlays: system:
import nixpkgs {
inherit system overlays;
config = { allowUnfree = true; };
};
profileMap = map (profile: profile.default);
mkNodes = dev.callLibs ./mkNodes.nix;
mkHosts = dev.callLibs ./mkHosts.nix;
mkSuites = dev.callLibs ./mkSuites.nix;
mkProfileAttrs = dev.callLibs ./mkProfileAttrs.nix;
mkPkgs = dev.callLibs ./mkPkgs.nix;
recImport = dev.callLibs ./recImport.nix;
devosSystem = dev.callLibs ./devosSystem.nix;
mkHomeConfigurations = dev.callLibs ./mkHomeConfigurations.nix;
mkPackages = dev.callLibs ./mkPackages.nix;
}

103
lib/devos/devosSystem.nix
View file

@ -1,103 +0,0 @@
{ lib, nixos, self, inputs, ... }:
{ modules, ... } @ args:
lib.nixosSystem (args // {
modules =
let
moduleList = builtins.attrValues modules;
modpath = "nixos/modules";
fullHostConfig = (lib.nixosSystem (args // { modules = moduleList; })).config;
isoConfig = (lib.nixosSystem
(args // {
modules = moduleList ++ [
"${nixos}/${modpath}/installer/cd-dvd/installation-cd-minimal-new-kernel.nix"
({ config, suites, ... }: {
# avoid unwanted systemd service startups
# all strings in disabledModules get appended to modulesPath
# so convert each to list which can be coerced to string
disabledModules = map (x: [ x ])
(lib.remove modules.core suites.allProfiles);
nix.registry = lib.mapAttrs (n: v: { flake = v; }) inputs;
isoImage.isoBaseName = "nixos-" + config.networking.hostName;
isoImage.contents = [{
source = self;
target = "/devos/";
}];
isoImage.storeContents = [
self.devShell.${config.nixpkgs.system}
# include also closures that are "switched off" by the
# above profile filter on the local config attribute
fullHostConfig.system.build.toplevel
];
# still pull in tools of deactivated profiles
environment.systemPackages = fullHostConfig.environment.systemPackages;
# confilcts with networking.wireless which might be slightly
# more useful on a stick
networking.networkmanager.enable = lib.mkForce false;
# confilcts with networking.wireless
networking.wireless.iwd.enable = lib.mkForce false;
# Set up a link-local boostrap network
# See also: https://github.com/NixOS/nixpkgs/issues/75515#issuecomment-571661659
networking.usePredictableInterfaceNames = lib.mkForce true; # so prefix matching works
networking.useNetworkd = lib.mkForce true;
networking.useDHCP = lib.mkForce false;
networking.dhcpcd.enable = lib.mkForce false;
systemd.network = {
# https://www.freedesktop.org/software/systemd/man/systemd.network.html
networks."boostrap-link-local" = {
matchConfig = {
Name = "en* wl* ww*";
};
networkConfig = {
Description = "Link-local host bootstrap network";
MulticastDNS = true;
LinkLocalAddressing = "ipv6";
DHCP = "yes";
};
address = [
# fall back well-known link-local for situations where MulticastDNS is not available
"fe80::47" # 47: n=14 i=9 x=24; n+i+x
];
extraConfig = ''
# Unique, yet stable. Based off the MAC address.
IPv6LinkLocalAddressGenerationMode = "eui64"
'';
};
};
})
];
})).config;
hmConfig = (lib.nixosSystem
(args // {
modules = moduleList ++ [
({ config, ... }: {
home-manager.useUserPackages = lib.mkForce false;
home-manager.sharedModules = [
{
home.sessionVariables = {
inherit (config.environment.sessionVariables) NIX_PATH;
};
xdg.configFile."nix/registry.json".text =
config.environment.etc."nix/registry.json".text;
}
];
})
];
})).config;
in
moduleList ++ [{
system.build = {
iso = isoConfig.system.build.isoImage;
homes = hmConfig.home-manager.users;
};
}];
})

12
lib/devos/mkHomeConfigurations.nix
View file

@ -1,12 +0,0 @@
{ lib, self, ... }:
with lib;
let
mkHomes = host: config:
mapAttrs' (user: v: nameValuePair "${user}@${host}" v)
config.config.system.build.homes;
hmConfigs = mapAttrs mkHomes self.nixosConfigurations;
in
foldl recursiveUpdate { } (attrValues hmConfigs)

103
lib/devos/mkHosts.nix
View file

@ -1,103 +0,0 @@
{ lib, dev, nixos, inputs, self, ... }:
{ dir, extern, suites, overrides, multiPkgs, ... }:
let
defaultSystem = "x86_64-linux";
experimentalFeatures = [
"flakes"
"nix-command"
"ca-references"
"ca-derivations"
];
modules = {
core = "${self}/profiles/core";
modOverrides = { config, overrideModulesPath, ... }:
let
inherit (overrides) modules disabledModules;
in
{
disabledModules = modules ++ disabledModules;
imports = map
(path: "${overrideModulesPath}/${path}")
modules;
};
global = { config, ... }: {
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
extraSpecialArgs = extern.userSpecialArgs // { suites = suites.user; };
sharedModules = extern.userModules ++ (builtins.attrValues self.homeModules);
};
hardware.enableRedistributableFirmware = lib.mkDefault true;
nix.nixPath = [
"nixpkgs=${nixos}"
"nixos-config=${self}/compat/nixos"
"home-manager=${inputs.home}"
];
nixpkgs.pkgs = lib.mkDefault multiPkgs.${config.nixpkgs.system};
nix.registry = {
devos.flake = self;
nixos.flake = nixos;
override.flake = inputs.override;
};
nix.extraOptions = ''
experimental-features = ${lib.concatStringsSep " "
experimentalFeatures
}
'';
system.configurationRevision = lib.mkIf (self ? rev) self.rev;
};
# Everything in `./modules/list.nix`.
flakeModules = { imports = builtins.attrValues self.nixosModules ++ extern.modules; };
cachix = ../../cachix.nix;
};
specialArgs = extern.specialArgs // { suites = suites.system; };
mkHostConfig = hostName:
let
local = {
require = [
"${dir}/${hostName}.nix"
];
networking = { inherit hostName; };
_module.args = {
inherit self;
hosts = builtins.mapAttrs (_: host: host.config)
(removeAttrs hosts [ hostName ]);
};
};
lib = {
lib = { inherit specialArgs; };
lib.testModule = {
imports = builtins.attrValues modules;
};
};
in
dev.os.devosSystem {
inherit specialArgs;
system = defaultSystem;
modules = modules // { inherit local lib; };
};
hosts = dev.os.recImport
{
inherit dir;
_import = mkHostConfig;
};
in
hosts

16
lib/devos/mkNodes.nix
View file

@ -1,16 +0,0 @@
{ lib, ... }:
/**
Synopsis: mkNodes _nixosConfigurations_
Generate the `nodes` attribute expected by deploy-rs
where _nixosConfigurations_ are `nodes`.
**/
deploy: lib.mapAttrs (_: config: {
hostname = config.config.networking.hostName;
profiles.system = {
user = "root";
path = deploy.lib.x86_64-linux.activate.nixos config;
};
})

18
lib/devos/mkPackages.nix
View file

@ -1,18 +0,0 @@
{ lib, dev, self, ... }:
{ pkgs }:
let
inherit (self) overlay overlays;
packagesNames = lib.attrNames (overlay null null)
++ lib.attrNames (dev.concatAttrs
(lib.attrValues
(lib.mapAttrs (_: v: v null null) overlays)
)
);
in
lib.fold
(key: sum: lib.recursiveUpdate sum {
${key} = pkgs.${key};
})
{ }
packagesNames

27
lib/devos/mkPkgs.nix
View file

@ -1,27 +0,0 @@
{ lib, dev, nixos, self, inputs, ... }:
{ extern, overrides }:
(inputs.utils.lib.eachDefaultSystem
(system:
let
overridePkgs = dev.os.pkgImport inputs.override [ ] system;
overridesOverlay = overrides.packages;
overlays = [
(final: prev: {
lib = prev.lib.extend (lfinal: lprev: {
inherit dev;
inherit (lib) nixosSystem;
utils = inputs.utils.lib;
});
})
(overridesOverlay overridePkgs)
self.overlay
]
++ extern.overlays
++ (lib.attrValues self.overlays);
in
{ pkgs = dev.os.pkgImport nixos overlays system; }
)
).pkgs

35
lib/devos/mkProfileAttrs.nix
View file

@ -1,35 +0,0 @@
{ lib, dev, ... }:
let mkProfileAttrs =
/**
Synopsis: mkProfileAttrs _path_
Recursively collect the subdirs of _path_ containing a default.nix into attrs.
This sets a contract, eliminating ambiguity for _default.nix_ living under the
profile directory.
Example:
let profiles = mkProfileAttrs ./profiles; in
assert profiles ? core.default; 0
**/
dir:
let
imports =
let
files = dev.safeReadDir dir;
p = n: v:
v == "directory"
&& n != "profiles";
in
lib.filterAttrs p files;
f = n: _:
lib.optionalAttrs
(lib.pathExists "${dir}/${n}/default.nix")
{ default = "${dir}/${n}"; }
// mkProfileAttrs "${dir}/${n}";
in
lib.mapAttrs f imports;
in mkProfileAttrs

24
lib/devos/mkSuites.nix
View file

@ -1,24 +0,0 @@
{ lib, dev, ... }:
{ users, profiles, userProfiles, suites } @ args:
let
inherit (dev) os;
definedSuites = suites {
inherit (args) users profiles userProfiles;
};
allProfiles =
let defaults = lib.collect (x: x ? default) profiles;
in map (x: x.default) defaults;
allUsers =
let defaults = lib.collect (x: x ? default) users;
in map (x: x.default) defaults;
createSuites = _: suites: lib.mapAttrs (_: v: os.profileMap v) suites // {
inherit allProfiles allUsers;
};
in
lib.mapAttrs createSuites definedSuites

12
lib/devos/recImport.nix
View file

@ -1,12 +0,0 @@
{ lib, dev, ... }:
{ dir, _import ? base: import "${dir}/${base}.nix" }:
dev.mapFilterAttrs
(_: v: v != null)
(n: v:
if n != "default.nix" && lib.hasSuffix ".nix" n && v == "regular"
then
let name = lib.removeSuffix ".nix" n; in lib.nameValuePair (name) (_import name)
else
lib.nameValuePair ("") (null))
(dev.safeReadDir dir)

8
lib/lists.nix
View file

@ -1,8 +0,0 @@
{ lib, dev, ... }:
{
pathsIn = dir:
let
fullPath = name: "${toString dir}/${name}";
in
map fullPath (lib.attrNames (dev.safeReadDir dir));
}

20
lib/strings.nix
View file

@ -1,20 +0,0 @@
{ lib, ... }:
{
# returns matching part of _regex_ _string_; null indicates failure.
rgxToString = regex: string:
let
match =
let
head = lib.substring 0 1 regex;
sec = lib.substring 1 2 regex;
in
if head == "^"
|| head == "."
|| (sec == "*" || sec == "+" || sec == "?")
then builtins.match "(${regex}).*" string
else builtins.match ".*(${regex}).*" string;
in
if lib.isList match
then lib.head match
else null;
}

30
modules/customBuilds.nix Normal file
View file

@ -0,0 +1,30 @@
{ lib, self, diggaLib, config, modules, channel, ... }:
let
mkBuild = buildModule:
# TODO: get specialArgs as a module argument and drop builderArgs usage
channel.input.lib.nixosSystem (diggaLib.mergeAny config.lib.builderArgs {
modules = [ buildModule ];
});
in
{
system.build = {
iso = (mkBuild (diggaLib.modules.isoConfig {
inherit self;
inherit (self) inputs;
fullHostConfig = config;
})).config.system.build.isoImage;
homes = (mkBuild ({ config, ... }: {
home-manager.useUserPackages = lib.mkForce false;
home-manager.sharedModules = [
{
home.sessionVariables = {
inherit (config.environment.sessionVariables) NIX_PATH;
};
xdg.configFile."nix/registry.json".text =
config.environment.etc."nix/registry.json".text;
}
];
})).config.home-manager.users;
};
}

31
nix/ci.nix
View file

@ -1,31 +0,0 @@
let
inherit (default.inputs.nixos) lib;
default = (import "${../.}/compat").defaultNix;
ciSystems = [
"aarch64-linux"
"i686-linux"
"x86_64-linux"
];
filterSystems = lib.filterAttrs
(system: _: lib.elem system ciSystems);
recurseIntoAttrsRecursive = lib.mapAttrs (_: v:
if lib.isAttrs v
then recurseIntoAttrsRecursive (lib.recurseIntoAttrs v)
else v
);
systemOutputs = lib.filterAttrs
(name: set: lib.isAttrs set
&& lib.any
(system: set ? ${system} && name != "legacyPackages")
ciSystems
)
default.outputs;
ciDrvs = lib.mapAttrs (_: system: filterSystems system) systemOutputs;
in
recurseIntoAttrsRecursive ciDrvs

28
overlays/overrides.nix Normal file
View file

@ -0,0 +1,28 @@
channels: final: prev: {
__dontExport = true; # overrides clutter up actual creations
inherit (channels.latest)
cachix
dhall
discord
element-desktop
manix
nixpkgs-fmt
qutebrowser
signal-desktop
starship;
haskellPackages = prev.haskellPackages.override {
overrides = hfinal: hprev:
let version = prev.lib.replaceChars [ "." ] [ "" ] prev.ghc.version;
in
{
# same for haskell packages, matching ghc versions
inherit (channels.latest.haskell.packages."ghc${version}")
haskell-language-server;
};
};
}

46
overrides/README.md
View file

@ -1,46 +0,0 @@
# Overrides
By default, the NixOS systems are based on the latest release. While it is
trivial to change this to nixos-unstable or any other branch of nixpkgs by
changing the flake url, sometimes all we want is a single package from another
branch.
This is what the overrides are for. By default, they are pulled directly from
nixpkgs/master, but you can change the `override` flake input url to
nixos-unstable, or even a specific sha revision.
## Example
### Packages
The override packages are defined as a regular overlay with an extra arguement
`pkgs`. This refers to the packages built from the `override` flake.
Pulling the manix package from the override flake:
```nix
{
packages = pkgs: final: prev: {
inherit (pkgs) manix;
};
}
```
### Modules
You can also pull modules from override. Simply specify their path relative to
the nixpkgs [modules][nixpkgs-modules] directory. The old version will be added
to `disabledModules` and the new version imported into the configuration.
Pulling the zsh module from the override flake:
```nix
{
modules = [ "programs/zsh/zsh.nix" ];
}
```
> ##### _Note:_
> Sometimes a modules name will change from one branch to another. This is what
> the `disabledModules` list is for. If the module name changes, the old
> version will not automatically be disabled, so simply put it's old name in
> this list to disable it.
[nixpkgs-modules]: https://github.com/NixOS/nixpkgs/tree/master/nixos/modules

13
overrides/default.nix
View file

@ -1,13 +0,0 @@
# override defaults to nixpkgs/master
{
# modules to pull from override, stable version is automatically disabled
modules = [ ];
# if a modules name changed in override, add the old name here
disabledModules = [ ];
# packages pulled from override
packages = pkgs: final: prev: {
# inherit (pkgs) tracker;
};
}

11
profiles/core/default.nix
View file

@ -1,8 +1,8 @@
{ config, lib, pkgs, ... }:
{ self, config, lib, pkgs, ... }:
let inherit (lib) fileContents;
in
{
nix.package = pkgs.nixFlakes;
imports = [ ../cachix ];
nix.systemFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
@ -11,7 +11,6 @@ in
binutils
coreutils
curl
deploy-rs
direnv
dnsutils
dosfstools
@ -31,12 +30,10 @@ in
tmux
nmap
ripgrep
skim
tealdeer
whois
imagemagick
youtube-dl
ffmpeg
libqalculate
nur.repos.xe.comma
];

6
profiles/hosts_block/default.nix
View file

@ -1,6 +0,0 @@
{
networking.extraHosts =
''
127.0.0.1 is.badat.dev
'';
}

2
shell.nix
View file

@ -1 +1 @@
(import ./compat).shellNix
(import ./lib/compat).shellNix

51
shell/default.nix
View file

@ -1,51 +0,0 @@
{ self ? (import ../compat).defaultNix
, system ? builtins.currentSystem
, extern ? import ../extern { inherit (self) inputs; }
, overrides ? import ../overrides
}:
let
pkgs = (self.lib.os.mkPkgs {
inherit overrides extern;
}).${system};
inherit (pkgs) lib;
installPkgs = (lib.nixosSystem {
inherit system;
modules = [ ];
}).config.system.build;
flk = pkgs.callPackage ./flk.nix { };
in
pkgs.devshell.mkShell
{
imports = [ (pkgs.devshell.importTOML ./devshell.toml) ];
packages = with installPkgs; [
nixos-install
nixos-generate-config
nixos-enter
];
git.hooks = {
pre-commit.text = lib.fileContents ./pre-commit.sh;
};
commands = with pkgs; [
{ package = flk; }
{
name = "nix";
help = pkgs.nixFlakes.meta.description;
command = ''
${pkgs.nixFlakes}/bin/nix --experimental-features "nix-command flakes ca-references" "${"\${@}"}"
'';
}
]
++ lib.optional (system != "i686-linux") { package = cachix; }
++ lib.optional (system == "x86_64-linux") {
name = "deploy";
package = deploy-rs;
help = "A simple multi-profile Nix-flake deploy tool.";
};
}

29
shell/devshell.toml
View file

@ -1,29 +0,0 @@
imports = [ "git.hooks" ]
[devshell]
packages = [
"git-crypt"
]
[[commands]]
package = "git"
category = "vcs"
[[commands]]
package = "nixpkgs-fmt"
category = "linters"
[[commands]]
package = "editorconfig-checker"
category = "linters"
[[commands]]
package = "python3Packages.grip"
category = "documentation"
[[commands]]
package = "mdbook"
category = "documentation"
[git.hooks]
enable = true

23
shell/flk.nix
View file

@ -1,23 +0,0 @@
{ stdenv }:
let
name = "flk";
in
stdenv.mkDerivation {
inherit name;
src = ./flk.sh;
dontUnpack = true;
dontBuild = true;
installPhase = ''
mkdir -p $out/bin
install $src $out/bin/${name}
'';
checkPhase = ''
${stdenv.shell} -n -O extglob $out/bin/${name}
'';
meta.description = "Build, deploy, and install NixOS";
}

98
shell/flk.sh
View file

@ -1,98 +0,0 @@
#!/usr/bin/env bash
[[ -d "$DEVSHELL_ROOT" ]] ||
{
echo "This script must be run from devos's devshell" >&2
exit 1
}
shopt -s extglob
HOSTNAME="$(hostname)"
usage () {
printf "%b\n" \
"\e[4mUsage\e[0m: $(basename $0) COMMAND [ARGS]\n" \
"\e[4mCommands\e[0m:"
printf " %-30s %s\n\n" \
"up" "Generate $DEVSHELL_ROOT/hosts/up-$HOSTNAME.nix" \
"update [INPUT]" "Update and commit the lock file, or specific input" \
"get (core|community) [DEST]" "Copy the desired template to DEST" \
"iso HOST" "Generate an ISO image of HOST" \
"install HOST [ARGS]" "Shortcut for nixos-install" \
"home HOST USER [switch]" "Home-manager config of USER from HOST" \
"HOST (switch|boot|test)" "Shortcut for nixos-rebuild"
}
case "$1" in
""|"-h"|"help"|*(-)"help")
usage
;;
"up")
mkdir -p "$DEVSHELL_ROOT/up"
nixos-generate-config --dir "$DEVSHELL_ROOT/up/$HOSTNAME"
printf "%s\n" \
"{ suites, ... }:" \
"{" \
" imports = [" \
" ../up/$HOSTNAME/configuration.nix" \
" ] ++ suites.core;" \
"}" > "$DEVSHELL_ROOT/hosts/up-$HOSTNAME.nix"
git add -f \
"$DEVSHELL_ROOT/up/$HOSTNAME" \
"$DEVSHELL_ROOT/hosts/up-$HOSTNAME.nix"
;;
"update")
if [[ -n "$2" ]]; then
if [[ -n "$3" ]]; then
(cd $2; nix flake list-inputs --update-input "$3")
else
(cd $2; nix flake update)
fi
nix flake list-inputs --update-input "$2" "$DEVSHELL_ROOT"
else
nix flake update "$DEVSHELL_ROOT"
fi
;;
"get")
if [[ "$2" == "core" || "$2" == "community" ]]; then
nix flake new -t "github:divnix/devos/$2" "${3:-flk}"
else
echo "flk get (core|community) [DEST]"
exit 1
fi
;;
"iso")
nix build \
"$DEVSHELL_ROOT#nixosConfigurations.$2.config.system.build.iso" \
"${@:3}"
;;
"install")
sudo nixos-install --flake "$DEVSHELL_ROOT#$2" "${@:3}"
;;
"home")
ref="$DEVSHELL_ROOT/#homeConfigurations.$3@$2.home.activationPackage"
if [[ "$4" == "switch" ]]; then
nix build "$ref" && result/activate &&
unlink result
else
nix build "$ref" "${@:4}"
fi
;;
*)
sudo nixos-rebuild --flake "$DEVSHELL_ROOT#$1" "${@:2}"
;;
esac

29
shell/pre-commit.sh
View file

@ -1,29 +0,0 @@
#!/usr/bin/env bash
if git rev-parse --verify HEAD >/dev/null 2>&1
then
against=HEAD
else
# Initial commit: diff against an empty tree object
against=$(${git}/bin/git hash-object -t tree /dev/null)
fi
diff="git diff-index --name-only --cached $against --diff-filter d"
nix_files=($($diff -- '*.nix'))
all_files=($($diff))
# Format staged nix files.
if [[ -n "${nix_files[@]}" ]]; then
nixpkgs-fmt "${nix_files[@]}" \
&& git add "${nix_files[@]}"
fi
# check editorconfig
editorconfig-checker -- "${all_files[@]}"
if [[ $? != '0' ]]; then
printf "%b\n" \
"\nCode is not aligned with .editorconfig" \
"Review the output and commit your fixes" >&2
exit 1
fi

74
tests/default.nix
View file

@ -1,74 +0,0 @@
{ self, pkgs }:
let
inherit (self.inputs) nixos;
inherit (self.nixosConfigurations.NixOS.config.lib) testModule specialArgs;
mkTest =
let
nixosTesting =
(import "${nixos}/nixos/lib/testing-python.nix" {
inherit (pkgs.stdenv.hostPlatform) system;
inherit specialArgs;
inherit pkgs;
extraConfigurations = [
testModule
];
});
in
test:
let
loadedTest =
if builtins.typeOf test == "path"
then import test
else test;
calledTest =
if pkgs.lib.isFunction loadedTest
then pkgs.callPackage loadedTest { }
else loadedTest;
in
nixosTesting.makeTest calledTest;
in
{
profilesTest = mkTest {
name = "profiles";
machine = { suites, ... }: {
imports = suites.allProfiles ++ suites.allUsers;
};
testScript = ''
machine.systemctl("is-system-running --wait")
'';
};
homeTest = self.homeConfigurations."nixos@NixOS".home.activationPackage;
libTests = pkgs.runCommandNoCC "devos-lib-tests"
{
buildInputs = [
pkgs.nix
(
let tests = import ./lib.nix { inherit self pkgs; };
in
if tests == [ ]
then null
else throw (builtins.toJSON tests)
)
];
} ''
datadir="${pkgs.nix}/share"
export TEST_ROOT=$(pwd)/test-tmp
export NIX_BUILD_HOOK=
export NIX_CONF_DIR=$TEST_ROOT/etc
export NIX_LOCALSTATE_DIR=$TEST_ROOT/var
export NIX_LOG_DIR=$TEST_ROOT/var/log/nix
export NIX_STATE_DIR=$TEST_ROOT/var/nix
export NIX_STORE_DIR=$TEST_ROOT/store
export PAGER=cat
cacheDir=$TEST_ROOT/binary-cache
nix-store --init
touch $out
'';
}

99
tests/lib.nix
View file

@ -1,99 +0,0 @@
{ self, pkgs }:
let inherit (self.inputs.nixos) lib; in
with self.lib;
lib.runTests {
testConcatAttrs = {
expr = concatAttrs [{ foo = 1; } { bar = 2; } { baz = 3; }];
expected = { foo = 1; bar = 2; baz = 3; };
};
testGenAttrs' = {
expr = genAttrs'
[ "/foo/bar" "/baz/buzz" ]
(path: {
name = baseNameOf path;
value = "${path}/fizz";
});
expected = { bar = "/foo/bar/fizz"; buzz = "/baz/buzz/fizz"; };
};
testMapFilterAttrs = {
expr = mapFilterAttrs
(n: v: n == "foobar" && v == 1)
(n: v: lib.nameValuePair ("${n}bar") (v + 1))
{ foo = 0; bar = 2; };
expected = { foobar = 1; };
};
testPathsIn =
let testPaths = pkgs.runCommandNoCC "test-paths-in" { } ''
mkdir -p $out/{foo,bar,baz}
'';
in
{
expr = pathsIn testPaths;
expected = [
"${testPaths}/bar"
"${testPaths}/baz"
"${testPaths}/foo"
];
};
testPathsToImportedAttrs = {
expr =
pathsToImportedAttrs [
"${self}/tests/testPathsToImportedAttrs/dir"
"${self}/tests/testPathsToImportedAttrs/foo.nix"
"${self}/tests/testPathsToImportedAttrs/bar.nix"
"${self}/tests/testPathsToImportedAttrs/t.nix"
"${self}/tests/testPathsToImportedAttrs/f.nix"
];
expected = {
dir = { a = 5; };
foo = { bar = 1; };
bar = { foo = 2; };
t = true;
f = false;
};
};
testRgxToString = lib.testAllTrue [
(rgxToString ".+x" "vxk" == "vx")
(rgxToString "^fo" "foo" == "fo")
(rgxToString "a?" "a" == "a")
(rgxToString "hat" "foohatbar" == "hat")
];
testSafeReadDir = {
expr = safeReadDir "${self}/tests/profiles" // safeReadDir "${self}/nonexistentdir";
expected = {
foo = "directory";
t = "directory";
};
};
testSuites =
let
profiles = os.mkProfileAttrs (toString ./profiles);
users = "";
userProfiles = "";
suites = { profiles, ... }: {
system.bar = [ profiles.foo ];
};
in
{
expr = os.mkSuites { inherit profiles users userProfiles suites; };
expected = {
system = {
bar = [ profiles.foo.default ];
allProfiles = [ profiles.foo.default profiles.t.default ];
allUsers = [ ];
};
};
};
}

3
tests/profiles/foo/default.nix
View file

@ -1,3 +0,0 @@
{
bar = 5;
}

1
tests/profiles/t/default.nix
View file

@ -1 +0,0 @@

1
tests/testPathsToImportedAttrs/bar.nix
View file

@ -1 +0,0 @@
{ foo = 2; }

1
tests/testPathsToImportedAttrs/dir/default.nix
View file

@ -1 +0,0 @@
{ a = 5; }

1
tests/testPathsToImportedAttrs/f.nix
View file

@ -1 +0,0 @@
true && false

1
tests/testPathsToImportedAttrs/foo.nix
View file

@ -1 +0,0 @@
{ bar = 1; }

1
tests/testPathsToImportedAttrs/t.nix
View file

@ -1 +0,0 @@
true || false