Merge #325
325: feature: Add pkgs fetch manager nvfetcher r=blaggacao a=GTrunSec Regarding motivation in https://github.com/divnix/devos/issues/299 Any question here? Example: - overlay ``` inherit (prev.sources.<PackageName>) pname version src; ``` - pkgs ``` stdenv.mkDerivation rec { inherit (sources.<PackageName>) pname version src; ``` Resolves #299 Co-authored-by: GTrunSec <gtrunsec@hardenedlinux.org> Co-authored-by: David Arnold <dgx.arnold@gmail.com>
This commit is contained in:
commit
e3b7c07daf
13 changed files with 154 additions and 109 deletions
2
.gitignore
vendored
2
.gitignore
vendored
|
@ -8,3 +8,5 @@ doc/index.html
|
||||||
vm
|
vm
|
||||||
iso
|
iso
|
||||||
doi
|
doi
|
||||||
|
|
||||||
|
pkgs/_sources/.shake*
|
||||||
|
|
34
README.md
34
README.md
|
@ -69,6 +69,7 @@ following giants][giants]:
|
||||||
### :family: — like family
|
### :family: — like family
|
||||||
- [`numtide/devshell`][devshell]
|
- [`numtide/devshell`][devshell]
|
||||||
- [`serokell/deploy-rs`][deploy]
|
- [`serokell/deploy-rs`][deploy]
|
||||||
|
- [`berberman/nvfetcher`][nvfetcher]
|
||||||
- [`NixOS/nixpkgs`][nixpkgs]
|
- [`NixOS/nixpkgs`][nixpkgs]
|
||||||
|
|
||||||
:heart:
|
:heart:
|
||||||
|
@ -94,22 +95,23 @@ goals are sufficiently upstreamed into "the Nix", dissolved.
|
||||||
# License
|
# License
|
||||||
DevOS is licensed under the [MIT License][mit].
|
DevOS is licensed under the [MIT License][mit].
|
||||||
|
|
||||||
[mk-flake]: https://github.com/divnix/digga/tree/master/src/mkFlake
|
|
||||||
[nixpkgs]: https://github.com/NixOS/nixpkgs
|
|
||||||
[deploy]: https://github.com/serokell/deploy-rs
|
|
||||||
[toc]: https://github.com/divnix/devos/blob/core/flake.nix
|
|
||||||
[giants]: https://en.wikipedia.org/wiki/Standing_on_the_shoulders_of_giants
|
|
||||||
[digga]: https://github.com/divnix/digga
|
|
||||||
[fup]: https://github.com/gytis-ivaskevicius/flake-utils-plus
|
|
||||||
[fu]: https://github.com/numtide/flake-utils
|
|
||||||
[devshell]: https://github.com/numtide/devshell
|
|
||||||
[nix]: https://nixos.org/manual/nix/stable
|
|
||||||
[mit]: https://mit-license.org
|
|
||||||
[nixos]: https://nixos.org/manual/nixos/stable
|
|
||||||
[home-manager]: https://nix-community.github.io/home-manager
|
|
||||||
[flakes]: https://nixos.wiki/wiki/Flakes
|
|
||||||
[flake-doc]: https://github.com/NixOS/nix/blob/master/src/nix/flake.md
|
|
||||||
[core]: https://github.com/divnix/devos
|
|
||||||
[community]: https://github.com/divnix/devos/tree/community
|
[community]: https://github.com/divnix/devos/tree/community
|
||||||
|
[core]: https://github.com/divnix/devos
|
||||||
|
[deploy]: https://github.com/serokell/deploy-rs
|
||||||
|
[devshell]: https://github.com/numtide/devshell
|
||||||
|
[digga]: https://github.com/divnix/digga
|
||||||
[dotfiles]: https://github.com/hlissner/dotfiles
|
[dotfiles]: https://github.com/hlissner/dotfiles
|
||||||
|
[flake-doc]: https://github.com/NixOS/nix/blob/master/src/nix/flake.md
|
||||||
|
[flakes]: https://nixos.wiki/wiki/Flakes
|
||||||
|
[fu]: https://github.com/numtide/flake-utils
|
||||||
|
[fup]: https://github.com/gytis-ivaskevicius/flake-utils-plus
|
||||||
|
[giants]: https://en.wikipedia.org/wiki/Standing_on_the_shoulders_of_giants
|
||||||
|
[home-manager]: https://nix-community.github.io/home-manager
|
||||||
|
[mit]: https://mit-license.org
|
||||||
|
[mk-flake]: https://github.com/divnix/digga/tree/master/src/mkFlake
|
||||||
|
[nix]: https://nixos.org/manual/nix/stable
|
||||||
|
[nixos]: https://nixos.org/manual/nixos/stable
|
||||||
|
[nixpkgs]: https://github.com/NixOS/nixpkgs
|
||||||
|
[nvfetcher]: https://github.com/berberman/nvfetcher
|
||||||
[please]: https://github.com/nrdxp/devos/tree/nrd
|
[please]: https://github.com/nrdxp/devos/tree/nrd
|
||||||
|
[toc]: https://github.com/divnix/devos/blob/core/flake.nix
|
||||||
|
|
|
@ -31,5 +31,6 @@
|
||||||
- [Integrations](./integrations/index.md)
|
- [Integrations](./integrations/index.md)
|
||||||
- [Cachix](./integrations/cachix.md)
|
- [Cachix](./integrations/cachix.md)
|
||||||
- [Deploy RS](./integrations/deploy.md)
|
- [Deploy RS](./integrations/deploy.md)
|
||||||
|
- [NvFetcher](./integrations/nvfetcher.md)
|
||||||
- [Hercules CI](./integrations/hercules.md)
|
- [Hercules CI](./integrations/hercules.md)
|
||||||
- [Contributing](./CONTRIBUTING.md)
|
- [Contributing](./CONTRIBUTING.md)
|
||||||
|
|
43
doc/integrations/nvfetcher.md
Normal file
43
doc/integrations/nvfetcher.md
Normal file
|
@ -0,0 +1,43 @@
|
||||||
|
# nvfetcher
|
||||||
|
[NvFetcher][nvf] is a workflow companion for updating nix sources.
|
||||||
|
|
||||||
|
You can specify an origin source and an update configuration, and
|
||||||
|
nvfetcher can for example track updates to a specific branch and
|
||||||
|
automatically update your nix sources configuration on each run
|
||||||
|
to the tip of that branch.
|
||||||
|
|
||||||
|
All package source declaration is done in [sources.toml][sources.toml].
|
||||||
|
|
||||||
|
From within the devshell of this repo, run `nvfetcher`, a wrapped
|
||||||
|
version of `nvfetcher` that knows where to find and place its files
|
||||||
|
and commit the results.
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
|
||||||
|
Statically fetching (not tracking) a particular tag from a github repo:
|
||||||
|
```toml
|
||||||
|
[manix]
|
||||||
|
src.manual = "v0.6.3"
|
||||||
|
fetch.github = "mlvzk/manix"
|
||||||
|
```
|
||||||
|
|
||||||
|
Tracking the latest github _release_ from a github repo:
|
||||||
|
```toml
|
||||||
|
[manix]
|
||||||
|
src.github = "mlvzk/manix" # responsible for tracking
|
||||||
|
fetch.github = "mlvzk/manix" # responsible for fetching
|
||||||
|
```
|
||||||
|
|
||||||
|
Tracking the latest commit of a git repository and fetch from a git repo:
|
||||||
|
```toml
|
||||||
|
[manix]
|
||||||
|
src.git = "https://github.com/mlvzk/manix.git" # responsible for tracking
|
||||||
|
fetch.git = "https://github.com/mlvzk/manix.git" # responsible for fetching
|
||||||
|
```
|
||||||
|
|
||||||
|
> ##### _Note:_
|
||||||
|
> Please refer to the [NvFetcher Readme][nvf-readme] for more options.
|
||||||
|
|
||||||
|
[nvf: https://github.com/berberman/nvfetcher
|
||||||
|
[nvf-readme]: https://github.com/berberman/nvfetcher#readme
|
||||||
|
[sources.toml]: https://github.com/divnix/devos/tree/core/pkgs/sources.toml
|
53
flake.lock
53
flake.lock
|
@ -166,6 +166,22 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"flake-compat_3": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1606424373,
|
||||||
|
"narHash": "sha256-oq8d4//CJOrVj+EcOaSXvMebvuTkmBJuT5tzlfewUnQ=",
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "flake-compat",
|
||||||
|
"rev": "99f1c2157fba4bfe6211a321fd0ee43199025dbf",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "flake-compat",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"flake-utils": {
|
"flake-utils": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1623660459,
|
"lastModified": 1623660459,
|
||||||
|
@ -181,6 +197,21 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"flake-utils_2": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1620759905,
|
||||||
|
"narHash": "sha256-WiyWawrgmyN0EdmiHyG2V+fqReiVi8bM9cRdMaKQOFg=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"rev": "b543720b25df6ffdfcf9227afafc5b8c1fabfae8",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"home": {
|
"home": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
|
@ -332,20 +363,26 @@
|
||||||
"type": "indirect"
|
"type": "indirect"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"pkgs": {
|
"nvfetcher": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
|
"flake-compat": "flake-compat_3",
|
||||||
|
"flake-utils": "flake-utils_2",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixos"
|
"latest"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"narHash": "sha256-Zs7dc0dNNa0Z3//+Gckxj7SKrMqVovY0xZZ1z8xWnEg=",
|
"lastModified": 1624534673,
|
||||||
"path": "./pkgs",
|
"narHash": "sha256-7HWt8Xh4aIFfGKAFQus5euhYxcWLe6kXz1DsGuV0WbU=",
|
||||||
"type": "path"
|
"owner": "berberman",
|
||||||
|
"repo": "nvfetcher",
|
||||||
|
"rev": "a8514f53c7999d23b48d2f42de63660bc3d7850f",
|
||||||
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"path": "./pkgs",
|
"owner": "berberman",
|
||||||
"type": "path"
|
"repo": "nvfetcher",
|
||||||
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"pre-commit-hooks-nix": {
|
"pre-commit-hooks-nix": {
|
||||||
|
@ -375,7 +412,7 @@
|
||||||
"nixos": "nixos",
|
"nixos": "nixos",
|
||||||
"nixos-hardware": "nixos-hardware",
|
"nixos-hardware": "nixos-hardware",
|
||||||
"nur": "nur",
|
"nur": "nur",
|
||||||
"pkgs": "pkgs"
|
"nvfetcher": "nvfetcher"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"utils": {
|
"utils": {
|
||||||
|
|
20
flake.nix
20
flake.nix
|
@ -24,13 +24,12 @@
|
||||||
agenix.inputs.nixpkgs.follows = "latest";
|
agenix.inputs.nixpkgs.follows = "latest";
|
||||||
nixos-hardware.url = "github:nixos/nixos-hardware";
|
nixos-hardware.url = "github:nixos/nixos-hardware";
|
||||||
|
|
||||||
pkgs.url = "path:./pkgs";
|
nvfetcher.url = "github:berberman/nvfetcher";
|
||||||
pkgs.inputs.nixpkgs.follows = "nixos";
|
nvfetcher.inputs.nixpkgs.follows = "latest";
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs =
|
outputs =
|
||||||
{ self
|
{ self
|
||||||
, pkgs
|
|
||||||
, digga
|
, digga
|
||||||
, nixos
|
, nixos
|
||||||
, ci-agent
|
, ci-agent
|
||||||
|
@ -38,6 +37,7 @@
|
||||||
, nixos-hardware
|
, nixos-hardware
|
||||||
, nur
|
, nur
|
||||||
, agenix
|
, agenix
|
||||||
|
, nvfetcher
|
||||||
, ...
|
, ...
|
||||||
} @ inputs:
|
} @ inputs:
|
||||||
digga.lib.mkFlake {
|
digga.lib.mkFlake {
|
||||||
|
@ -49,10 +49,11 @@
|
||||||
nixos = {
|
nixos = {
|
||||||
imports = [ (digga.lib.importers.overlays ./overlays) ];
|
imports = [ (digga.lib.importers.overlays ./overlays) ];
|
||||||
overlays = [
|
overlays = [
|
||||||
./pkgs/default.nix
|
|
||||||
pkgs.overlay # for `srcs`
|
|
||||||
nur.overlay
|
nur.overlay
|
||||||
agenix.overlay
|
agenix.overlay
|
||||||
|
nvfetcher.overlay
|
||||||
|
(final: prev: { nvfetcher-bin = nvfetcher.defaultPackage.${final.system}; })
|
||||||
|
./pkgs/default.nix
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
latest = { };
|
latest = { };
|
||||||
|
@ -109,7 +110,14 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
devshell.externalModules = { pkgs, ... }: {
|
devshell.externalModules = { pkgs, ... }: {
|
||||||
packages = [ pkgs.agenix ];
|
commands = [
|
||||||
|
{ package = pkgs.agenix; category = "secrets"; }
|
||||||
|
{
|
||||||
|
name = pkgs.nvfetcher-bin.pname;
|
||||||
|
help = pkgs.nvfetcher-bin.meta.description;
|
||||||
|
command = "cd $DEVSHELL_ROOT/pkgs; ${pkgs.nvfetcher-bin}/bin/nvfetcher -c ./sources.toml --no-output $@; nixpkgs-fmt _sources/";
|
||||||
|
}
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations;
|
homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations;
|
||||||
|
|
5
overlays/manix.nix
Normal file
5
overlays/manix.nix
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
final: prev: {
|
||||||
|
manix = prev.manix.overrideAttrs (o: rec{
|
||||||
|
inherit (prev.sources.manix) pname version src;
|
||||||
|
});
|
||||||
|
}
|
|
@ -7,7 +7,6 @@ channels: final: prev: {
|
||||||
dhall
|
dhall
|
||||||
discord
|
discord
|
||||||
element-desktop
|
element-desktop
|
||||||
manix
|
|
||||||
rage
|
rage
|
||||||
nixpkgs-fmt
|
nixpkgs-fmt
|
||||||
qutebrowser
|
qutebrowser
|
||||||
|
|
17
pkgs/_sources/generated.nix
Normal file
17
pkgs/_sources/generated.nix
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
# This file was generated by nvfetcher, please do not modify it manually.
|
||||||
|
{ fetchgit, fetchurl }:
|
||||||
|
{
|
||||||
|
manix = {
|
||||||
|
pname = "manix";
|
||||||
|
version = "d08e7ca185445b929f097f8bfb1243a8ef3e10e4";
|
||||||
|
src = fetchgit {
|
||||||
|
url = "https://github.com/mlvzk/manix";
|
||||||
|
rev = "d08e7ca185445b929f097f8bfb1243a8ef3e10e4";
|
||||||
|
fetchSubmodules = false;
|
||||||
|
deepClone = false;
|
||||||
|
leaveDotGit = false;
|
||||||
|
sha256 = "1b7xi8c2drbwzfz70czddc4j33s7g1alirv12dwl91hbqxifx8qs";
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
}
|
|
@ -1 +1,5 @@
|
||||||
final: prev: { }
|
final: prev: {
|
||||||
|
# keep sources this first
|
||||||
|
sources = prev.callPackage (import ./_sources/generated.nix) { };
|
||||||
|
# then, call packages with `final.callPackage`
|
||||||
|
}
|
||||||
|
|
|
@ -1,25 +0,0 @@
|
||||||
{
|
|
||||||
"nodes": {
|
|
||||||
"nixpkgs": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1615926763,
|
|
||||||
"narHash": "sha256-yeq8A3EPNuQVlsxlEQrIRsklfJwJK0Us6jtcG/u8wNs=",
|
|
||||||
"owner": "NixOS",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"rev": "b702a56d417647de4090ac56c0f18bdc7e646610",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"id": "nixpkgs",
|
|
||||||
"type": "indirect"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"root": {
|
|
||||||
"inputs": {
|
|
||||||
"nixpkgs": "nixpkgs"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"root": "root",
|
|
||||||
"version": 7
|
|
||||||
}
|
|
|
@ -1,52 +0,0 @@
|
||||||
{
|
|
||||||
description = "Package Sources";
|
|
||||||
|
|
||||||
inputs = { };
|
|
||||||
|
|
||||||
outputs = { self, nixpkgs, ... }: {
|
|
||||||
overlay = final: prev: {
|
|
||||||
inherit (self) srcs;
|
|
||||||
};
|
|
||||||
|
|
||||||
srcs =
|
|
||||||
let
|
|
||||||
inherit (nixpkgs) lib;
|
|
||||||
|
|
||||||
mkVersion = name: input:
|
|
||||||
let
|
|
||||||
inputs = (builtins.fromJSON
|
|
||||||
(builtins.readFile ./flake.lock)).nodes;
|
|
||||||
|
|
||||||
ref =
|
|
||||||
if lib.hasAttrByPath [ name "original" "ref" ] inputs
|
|
||||||
then inputs.${name}.original.ref
|
|
||||||
else "";
|
|
||||||
|
|
||||||
version =
|
|
||||||
let version' = builtins.match
|
|
||||||
"[[:alpha:]]*[-._]?([0-9]+(\.[0-9]+)*)+"
|
|
||||||
ref;
|
|
||||||
in
|
|
||||||
if lib.isList version'
|
|
||||||
then lib.head version'
|
|
||||||
else if input ? lastModifiedDate && input ? shortRev
|
|
||||||
then "${lib.substring 0 8 input.lastModifiedDate}_${input.shortRev}"
|
|
||||||
else null;
|
|
||||||
in
|
|
||||||
version;
|
|
||||||
in
|
|
||||||
lib.mapAttrs
|
|
||||||
(pname: input:
|
|
||||||
let
|
|
||||||
version = mkVersion pname input;
|
|
||||||
in
|
|
||||||
input // { inherit pname; }
|
|
||||||
// lib.optionalAttrs (! isNull version)
|
|
||||||
{
|
|
||||||
inherit version;
|
|
||||||
}
|
|
||||||
)
|
|
||||||
(lib.filterAttrs (n: _: n != "nixpkgs")
|
|
||||||
self.inputs);
|
|
||||||
};
|
|
||||||
}
|
|
4
pkgs/sources.toml
Normal file
4
pkgs/sources.toml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
# nvfetcher.toml
|
||||||
|
[manix]
|
||||||
|
src.git = "https://github.com/mlvzk/manix"
|
||||||
|
fetch.github = "mlvzk/manix"
|
Loading…
Reference in a new issue