diff --git a/channels.nix b/channels.nix new file mode 100644 index 00000000..9235ee44 --- /dev/null +++ b/channels.nix @@ -0,0 +1,13 @@ +let + nixos-20-09 = { + nixpkgs-channel = "nixos-20.09"; + home-manager-channel = "home-manager-20.09"; + }; + unstable = { + nixpkgs-channel = "nixos-unstable"; + home-manager-channel = "home-manager-master"; + }; +in { + hera = nixos-20-09; + apollo = unstable; +} diff --git a/home-manager/machines.nix b/home-manager/machines.nix index 3783a4f1..22918cee 100644 --- a/home-manager/machines.nix +++ b/home-manager/machines.nix @@ -1,9 +1,10 @@ let - inherit (import (import ../nix/sources.nix).nixpkgs { }) lib; + inherit (import (import ../nix/sources.nix).nixos-unstable { }) lib; makeConfig = hostName: imports: { ... }: { imports = imports ++ [ ./roles/default.nix ]; m-0.hostName = hostName; + nixpkgs.overlays = [ (_: _: (import ../channels.nix).${hostName}) ]; }; in { apollo = let diff --git a/home-manager/target.nix b/home-manager/target.nix index 73f2686c..98084e12 100644 --- a/home-manager/target.nix +++ b/home-manager/target.nix 
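Review bot: In the home-manager/machines.nix hunk, `(import ../channels.nix).${hostName}` has no fallback, and channels.nix as added here defines only `hera` and `apollo`, so any other host passed to `makeConfig` fails evaluation with a bare missing-attribute error. The same unguarded lookup appears in home-manager/target.nix (`.${host}.home-manager-channel`) and in nixos/roles/default.nix (`.${config.networking.hostName}`). Failing is the right outcome for a host with no pinned channel, but the error should say why: `(import ../channels.nix).${hostName} or (throw "channels.nix: no channel set for host ${hostName}")`. A short comment at the top of channels.nix would also help, stating that every host must be listed there and that the values must match keys in nix/sources.json. The attribute set opened by `in {` continues outside the hunk.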
@@ -1,16 +1,16 @@ let sources = import ../nix/sources.nix; - inherit (import sources.nixpkgs { }) lib pkgs; + inherit (import sources.nixos-unstable { }) lib pkgs; modes = import ./machines.nix; - home-manager = import "${sources.home-manager}/home-manager/home-manager.nix"; - buildHomeManager = attr: - (home-manager { + home-manager = channel: import "${sources.${channel}}/home-manager/home-manager.nix"; + buildHomeManager = host: mode: + (home-manager (import ../channels.nix).${host}.home-manager-channel { confPath = ../home.nix; - confAttr = attr; + confAttr = "${host}-${mode}"; }).activationPackage; buildModesForHost = host: modes: pkgs.runCommandLocal "${host}-modes" { } '' mkdir $out ${lib.concatStringsSep "\n" (lib.mapAttrsToList (mode: config: - "ln -s ${buildHomeManager "${host}-${mode}"} $out/${mode}") modes)}''; + "ln -s ${buildHomeManager host mode} $out/${mode}") modes)}''; in lib.mapAttrs buildModesForHost modes diff --git a/home.nix b/home.nix index 72fcc319..18146d1d 100644 --- a/home.nix +++ b/home.nix @@ -1,5 +1,5 @@ let - inherit (import (import ./nix/sources.nix).nixpkgs { }) lib; + inherit (import (import ./nix/sources.nix).nixos-unstable { }) lib; modes = import home-manager/machines.nix; in lib.listToAttrs (lib.flatten (lib.mapAttrsToList (host: configs: lib.mapAttrsToList (mode: config: { diff --git a/nix/sources.json b/nix/sources.json index a9e700de..f7fe3035 100644 --- a/nix/sources.json +++ b/nix/sources.json @@ -1,5 +1,5 @@ { - "home-manager": { + "home-manager-20.09": { "branch": "release-20.09", "description": "Manage a user environment using Nix", "homepage": "", 
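Review bot: In home-manager/target.nix, `buildHomeManager` now selects the home-manager source per host but still passes no `pkgs`, so the package set is not tied to the host's `nixpkgs-channel`. As far as I know, home-manager.nix defaults `pkgs` to `import <nixpkgs> {}`, so the result would depend on the NIX_PATH of the building machine rather than on the revision pinned in nix/sources.json. Building apollo's modes on hera would then pair home-manager master with a 20.09 package set. Consider passing it explicitly next to `confPath`, e.g. `pkgs = import sources.${(import ../channels.nix).${host}.nixpkgs-channel} { };`. Separately, `lib` and `pkgs.runCommandLocal` in this file now come from `nixos-unstable` for every host, including the one pinned to 20.09.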
@@ -11,52 +11,76 @@ "url": "https://github.com/nix-community/home-manager/archive/63f299b3347aea183fc5088e4d6c4a193b334a41.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, + "home-manager-master": { + "branch": "master", + "description": "Manage a user environment using Nix", + "homepage": "", + "owner": "nix-community", + "repo": "home-manager", + "rev": "275d1b52126674764f0f3d15c73c2add511bd310", + "sha256": "0ci6llimysmshs6zi8nq0ynzw07g8w43avh21s1hci78mlvbf6xd", + "type": "tarball", + "url": "https://github.com/nix-community/home-manager/archive/275d1b52126674764f0f3d15c73c2add511bd310.tar.gz", + "url_template": "https://github.com///archive/.tar.gz" + }, "kassandra": { - "ref": "master", + "branch": "master", "repo": "https://git.darmstadt.ccc.de/maralorn/kassandra", "rev": "1a0d19ce5d384e15ca64f7f043e5817cbaaf9f6d", "type": "git" }, "kassandra2": { - "ref": "master", + "branch": "master", "repo": "git@hera.m-0.eu:kassandra2", "rev": "312a8bc1fd1ed04c6564be4db4d08b7bcdc64764", "type": "git" }, "nix-output-monitor": { - "ref": "master", + "branch": "master", "repo": "git@hera.m-0.eu:nix-output-monitor", "rev": "5bf7534a9992d5b3f08b16b1a389d869f6f4c835", "type": "git" }, + "nixos-20.09": { + "branch": "nixos-20.09", + "description": "Nixpkgs/NixOS branches that track the Nixpkgs/NixOS channels", + "homepage": null, + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "99f8282a65821f148df596ba389606e732eaf99d", + "sha256": "1mm4j1vjs875yzv03plng43ivny0qm09hxpn0if8g9vc849rwc2g", + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/99f8282a65821f148df596ba389606e732eaf99d.tar.gz", + "url_template": "https://github.com///archive/.tar.gz" + }, "nixos-hardware": { "branch": "master", "description": "A collection of NixOS modules covering hardware quirks.", "homepage": "", "owner": "nixos", "repo": "nixos-hardware", - "rev": "025c7a2a7efd9edf341879dbd46988d3a65a76dc", - "sha256": "0y7ybybsa91ny5zp1p1r1yq8i2ibsmf1p831zqyb5k4kdijw2dra", + 
"rev": "87522b29a276a4cab5718e5309aa7d74bc7de75a", + "sha256": "1zdky8vv7aznvmkkf53f5bm73n19a7728m33hhs8dg1psrb9lkx1", "type": "tarball", - "url": "https://github.com/nixos/nixos-hardware/archive/025c7a2a7efd9edf341879dbd46988d3a65a76dc.tar.gz", + "url": "https://github.com/nixos/nixos-hardware/archive/87522b29a276a4cab5718e5309aa7d74bc7de75a.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "nixos-mailserver": { - "ref": "master", + "branch": "master", "repo": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver", "rev": "7c06f610f15642e3664f01a51c08c64cc8835f51", "type": "git" }, - "nixpkgs": { - "branch": "nixos-20.09", + "nixos-unstable": { + "branch": "nixos-unstable-small", "description": "Nixpkgs/NixOS branches that track the Nixpkgs/NixOS channels", "homepage": null, "owner": "NixOS", "repo": "nixpkgs", - "rev": "e34208e10033315fddf6909d3ff68e2d3cf48a23", - "sha256": "0ngkx5ny7bschmiwc5q9yza8fdwlc3zg47avsywwp8yn96k2cpmg", + "rev": "bb2a7b943917aba1c9c86f049e75a4a594040746", + "sha256": "10h82dl959klx3fhwvhxi5pk42jfl4ar0w7v7mbl537af916qxnw", "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/e34208e10033315fddf6909d3ff68e2d3cf48a23.tar.gz", + "url": "https://github.com/NixOS/nixpkgs/archive/bb2a7b943917aba1c9c86f049e75a4a594040746.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "nixpkgs-master": { @@ -65,10 +89,10 @@ "homepage": null, "owner": "NixOS", "repo": "nixpkgs", - "rev": "18493dab889d8afbefde6380c7b00fae3d376d3e", - "sha256": "1pfw1bqi5psjgxym9lf83hh26sam0d0y26n561ayb0cl1035qvrb", + "rev": "4d20dc5e87a79e9367b577b9263515932c87f513", + "sha256": "06mrwrxvsl4q5r1f534qlszs9g8lmnw3anviv35mgckpg9dml05s", "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/18493dab889d8afbefde6380c7b00fae3d376d3e.tar.gz", + "url": "https://github.com/NixOS/nixpkgs/archive/4d20dc5e87a79e9367b577b9263515932c87f513.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "obelisk": { 
@@ -94,17 +118,5 @@ "type": "tarball", "url": "https://github.com/maralorn/taskwarrior-git-backend/archive/e29c4335e2cb10d6c73832dcbdf931fdc6872e94.tar.gz", "url_template": "https://github.com///archive/.tar.gz" - }, - "unstable": { - "branch": "nixos-unstable", - "description": "Nixpkgs/NixOS branches that track the Nixpkgs/NixOS channels", - "homepage": null, - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "296793637b22bdb4d23b479879eba0a71c132a66", - "sha256": "0j09yih9693w5vjx64ikfxyja1ha7pisygrwrpg3wfz3sssglg69", - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/296793637b22bdb4d23b479879eba0a71c132a66.tar.gz", - "url_template": "https://github.com///archive/.tar.gz" } } diff --git a/nix/sources.nix b/nix/sources.nix index b64b8f82..b796fffa 100644 --- a/nix/sources.nix +++ b/nix/sources.nix 
@@ -6,25 +6,33 @@ let # The fetchers. fetch_ fetches specs of type . # - fetch_file = pkgs: spec: - if spec.builtin or true then - builtins_fetchurl { inherit (spec) url sha256; } - else - pkgs.fetchurl { inherit (spec) url sha256; }; + fetch_file = pkgs: name: spec: + let + name' = sanitizeName name + "-src"; + in + if spec.builtin or true then + builtins_fetchurl { inherit (spec) url sha256; name = name'; } + else + pkgs.fetchurl { inherit (spec) url sha256; name = name'; }; fetch_tarball = pkgs: name: spec: let - ok = str: ! builtins.isNull (builtins.match "[a-zA-Z0-9+-._?=]" str); - # sanitize the name, though nix will still fail if name starts with period - name' = stringAsChars (x: if ! ok x then "-" else x) "${name}-src"; + name' = sanitizeName name + "-src"; in if spec.builtin or true then builtins_fetchTarball { name = name'; inherit (spec) url sha256; } else pkgs.fetchzip { name = name'; inherit (spec) url sha256; }; - fetch_git = spec: - builtins.fetchGit { url = spec.repo; inherit (spec) rev ref; }; + fetch_git = name: spec: + let + ref = + if spec ? ref then spec.ref else + if spec ? branch then "refs/heads/${spec.branch}" else + if spec ? tag then "refs/tags/${spec.tag}" else + abort "In git source '${name}': Please specify `ref`, `tag` or `branch`!"; + in + builtins.fetchGit { url = spec.repo; inherit (spec) rev; inherit ref; }; fetch_local = spec: spec.path; 
@@ -40,11 +48,21 @@ let # Various helpers # + # https://github.com/NixOS/nixpkgs/pull/83241/files#diff-c6f540a4f3bfa4b0e8b6bafd4cd54e8bR695 + sanitizeName = name: + ( + concatMapStrings (s: if builtins.isList s then "-" else s) + ( + builtins.split "[^[:alnum:]+._?=-]+" + ((x: builtins.elemAt (builtins.match "\\.*(.*)" x) 0) name) + ) + ); + # The set of packages used when specs are fetched using non-builtins. - mkPkgs = sources: + mkPkgs = sources: system: let sourcesNixpkgs = - import (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) {}; + import (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) { inherit system; }; hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath; hasThisAsNixpkgsPath = == ./.; in @@ -64,9 +82,9 @@ let if ! builtins.hasAttr "type" spec then abort "ERROR: niv spec ${name} does not have a 'type' attribute" - else if spec.type == "file" then fetch_file pkgs spec + else if spec.type == "file" then fetch_file pkgs name spec else if spec.type == "tarball" then fetch_tarball pkgs name spec - else if spec.type == "git" then fetch_git spec + else if spec.type == "git" then fetch_git name spec else if spec.type == "local" then fetch_local spec else if spec.type == "builtin-tarball" then fetch_builtin-tarball name else if spec.type == "builtin-url" then fetch_builtin-url name 
@@ -98,25 +116,29 @@ let # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L269 stringAsChars = f: s: concatStrings (map f (stringToCharacters s)); + concatMapStrings = f: list: concatStrings (map f list); concatStrings = builtins.concatStringsSep ""; + # https://github.com/NixOS/nixpkgs/blob/8a9f58a375c401b96da862d969f66429def1d118/lib/attrsets.nix#L331 + optionalAttrs = cond: as: if cond then as else {}; + # fetchTarball version that is compatible between all the versions of Nix - builtins_fetchTarball = { url, name, sha256 }@attrs: + builtins_fetchTarball = { url, name ? null, sha256 }@attrs: let inherit (builtins) lessThan nixVersion fetchTarball; in if lessThan nixVersion "1.12" then - fetchTarball { inherit name url; } + fetchTarball ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; })) else fetchTarball attrs; # fetchurl version that is compatible between all the versions of Nix - builtins_fetchurl = { url, sha256 }@attrs: + builtins_fetchurl = { url, name ? null, sha256 }@attrs: let inherit (builtins) lessThan nixVersion fetchurl; in if lessThan nixVersion "1.12" then - fetchurl { inherit url; } + fetchurl ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; })) else fetchurl attrs; @@ -135,7 +157,8 @@ let mkConfig = { sourcesFile ? if builtins.pathExists ./sources.json then ./sources.json else null , sources ? if isNull sourcesFile then {} else builtins.fromJSON (builtins.readFile sourcesFile) - , pkgs ? mkPkgs sources + , system ? builtins.currentSystem + , pkgs ? mkPkgs sources system }: rec { # The sources, i.e. the attribute set of spec name to spec inherit sources; diff --git a/nixos/roles/admin.nix b/nixos/roles/admin.nix index 192c15b2..a80bfcf5 100644 --- a/nixos/roles/admin.nix +++ b/nixos/roles/admin.nix @@ -5,7 +5,6 @@ let in { users.users = { maralorn = { - linger = true; description = "maralorn"; isNormalUser = true; uid = 1000; 
diff --git a/nixos/roles/default.nix b/nixos/roles/default.nix index 9c6ae9bc..ea18e21e 100644 --- a/nixos/roles/default.nix +++ b/nixos/roles/default.nix @@ -1,16 +1,15 @@ { pkgs, config, lib, ... }: { - imports = [ - ../../common - ./modules/laptop.nix - ./modules/loginctl-linger.nix - ./admin.nix - ]; + imports = [ ../../common ./modules/laptop.nix ./admin.nix ]; i18n.defaultLocale = "en_US.UTF-8"; # For nixos-rebuild - nixpkgs.overlays = [ (_: _: { withSecrets = false; }) ] - ++ import ../../overlays { inherit lib; }; + nixpkgs.overlays = [ + (_: _: + { + withSecrets = false; + } // (import ../../channels.nix).${config.networking.hostName}) + ] ++ import ../../overlays { inherit lib; }; time.timeZone = "Europe/Berlin"; @@ -36,7 +35,9 @@ etc = lib.mapAttrs' (name: value: lib.nameValuePair "nix-path/${name}" { source = value; }) (lib.filterAttrs (name: value: name != "__functor") pkgs.sources) // { - "nix-path/nixos".source = pkgs.sources.nixpkgs; + "nix-path/nixos".source = pkgs.sources.${pkgs.nixpkgs-channel}; + "nix-path/nixpkgs".source = pkgs.sources.${pkgs.nixpkgs-channel}; + "nix-path/home-manager".source = pkgs.sources.${pkgs.home-manager-channel}; }; variables = lib.genAttrs [ "CURL_CA_BUNDLE" "GIT_SSL_CAINFO" "SSL_CERT_FILE" ] diff --git a/nixos/roles/modules/loginctl-linger.nix b/nixos/roles/modules/loginctl-linger.nix deleted file mode 100644 index 92e7d2f0..00000000 --- a/nixos/roles/modules/loginctl-linger.nix +++ /dev/null 
@@ -1,43 +0,0 @@ -{ config, lib, pkgs, ... }: - -# A temporary hack to `loginctl enable-linger $somebody` (for -# multiplexer sessions to last), until this one is unresolved: -# https://github.com/NixOS/nixpkgs/issues/3702 -# -# Usage: `users.extraUsers.somebody.linger = true` or slt. - -with lib; - -let - - dataDir = "/var/lib/systemd/linger"; - - lingeringUsers = map (u: u.name) - (attrValues (flip filterAttrs config.users.users (n: u: u.linger))); - - lingeringUsersFile = builtins.toFile "lingering-users" (concatStrings (map - (s: '' - ${s} - '') (sort (a: b: a < b) - lingeringUsers))); # this sorting is important for `comm` to work correctly - - updateLingering = pkgs.writeScript "update-lingering" '' - # Stop when the system is not running, e.g. during nixos-install - [[ -e /run/booted-system ]] || exit 0 - lingering=$(ls ${dataDir} 2> /dev/null | sort) - echo "$lingering" | comm -3 -1 ${lingeringUsersFile} - | xargs -r ${pkgs.systemd}/bin/loginctl disable-linger - echo "$lingering" | comm -3 -2 ${lingeringUsersFile} - | xargs -r ${pkgs.systemd}/bin/loginctl enable-linger - ''; - -in { - options = { - users.users = mkOption { - options = [{ linger = mkEnableOption "lingering for the user"; }]; - }; - }; - - config = { - system.activationScripts.update-lingering = - stringAfter [ "users" ] updateLingering; - }; -} diff --git a/overlays/10-previews.nix b/overlays/10-previews.nix index 17fca228..2c00cb2c 100644 --- a/overlays/10-previews.nix +++ b/overlays/10-previews.nix @@ -1,7 +1,2 @@ self: super: -let - unstable = import self.sources.unstable { }; - nixpkgs-master = import self.sources.nixpkgs-master { }; -in { - inherit (unstable) gomuks syncplay; -} +{} diff --git a/overlays/20-unfree.nix b/overlays/20-unfree.nix index 12489e37..f60d278d 100644 --- a/overlays/20-unfree.nix +++ b/overlays/20-unfree.nix 
@@ -1,7 +1,8 @@ self: super: let - unfree = import self.sources.nixpkgs { config.allowUnfree = true; }; - unstableUnfree = import self.sources.unstable { config.allowUnfree = true; }; - releaseUnfree = - import self.sources.nixpkgs-release { config.allowUnfree = true; }; -in { inherit (unfree) discord factorio steam zoom-us skypeforlinux google-chrome; } + unfree = import self.sources."${self.nixpkgs-channel}" { config.allowUnfree = true; }; + unstableUnfree = + import self.sources.nixos-unstable { config.allowUnfree = true; }; +in { + inherit (unfree) discord factorio steam zoom-us skypeforlinux google-chrome; +} diff --git a/overlays/pkgSets.nix b/overlays/pkgSets.nix index 7ea38945..9239a88a 100644 --- a/overlays/pkgSets.nix +++ b/overlays/pkgSets.nix @@ -53,7 +53,7 @@ self: super: { system-pkgs = self.core-system-pkgs // self.extra-system-pkgs // { inherit (self) test-system-config test-home-config test-config; home-manager = - self.callPackage "${self.sources.home-manager}/home-manager" { }; + self.callPackage "${self.sources.${self.home-manager-channel}}/home-manager" { }; }; foreign-home-pkgs = self.extra-system-pkgs; } diff --git a/overlays/writeHaskellScript.nix b/overlays/writeHaskellScript.nix index 8da25a70..6b772820 100644 --- a/overlays/writeHaskellScript.nix +++ b/overlays/writeHaskellScript.nix @@ -51,10 +51,12 @@ self: super: { pure . Text.dropAround ('"' ==) . decodeUtf8 . trim $ escaped myNixPath :: Text -> IO [String] - myNixPath path = concat <$> mapM getNivAssign ["home-manager", "nixpkgs", "unstable"] + myNixPath path = concat <$> mapM getNivAssign [("home-manager", "${self.home-manager-channel}"), + ("nixpkgs", "${self.nixpkgs-channel}"), + ("nixos-unstable", "nixos-unstable")] where tag name str = ["-I", [i|#{name :: Text}=#{str :: Text}|]] :: [String] - getNivAssign name = tag name <$> getNivPath path name + getNivAssign (name, repo) = tag name <$> getNivPath path repo buildSystemParams :: [String] buildSystemParams = ["", "-A", "system"]
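Review bot: In overlays/20-unfree.nix, `import self.sources."${self.nixpkgs-channel}" { config.allowUnfree = true; }` leaves `overlays` and `system` unset, so nixpkgs falls back to its impure defaults: overlays from `<nixpkgs-overlays>` or `~/.config/nixpkgs/overlays*`, and `builtins.currentSystem`. Files outside the repository can therefore change what the pinned source evaluates to. Passing both explicitly closes that gap: `{ config.allowUnfree = true; overlays = [ ]; system = self.stdenv.hostPlatform.system; }`. In addition, `unstableUnfree` is bound but not used by the `inherit` below it, and a `config.allowUnfreePredicate` limited to the six inherited packages would keep the licence exception as narrow as that list.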