de-flake: part 2

This commit is contained in:
Grimmauld 2024-05-07 12:19:14 +02:00
parent 6960ecd6c3
commit d1e1113d8c
Signed by: Grimmauld
GPG key ID: C2946668769F91FB
12 changed files with 333 additions and 154 deletions

View file

@ -1,4 +1,4 @@
{ inputs, pkgs, config, lib, ... }:
{ pkgs, config, lib, ... }:
let
cfg = config.grimmShared;
in

View file

@ -1,4 +1,4 @@
{ grimm-shared-inputs, pkgs, config, lib, ... }:
{ pkgs, config, lib, ... }:
let
cfg = config.grimmShared;
in

View file

@ -1,10 +1,10 @@
# source: https://github.com/fufexan/nix-gaming/raw/master/modules/pipewireLowLatency.nix
{
config,
pkgs,
lib,
...
}: let
{ config
, pkgs
, lib
, ...
}:
let
inherit (lib.modules) mkIf;
inherit (lib.options) mkOption mkEnableOption;
inherit (lib.types) int;
@ -12,10 +12,11 @@
cfg = config.services.pipewire.lowLatency;
qr = "${toString cfg.quantum}/${toString cfg.rate}";
in {
in
{
# low-latency PipeWire configuration
# extends the nixpkgs module
meta.maintainers = with lib.maintainers; [fufexan];
meta.maintainers = with lib.maintainers; [ fufexan ];
options = {
services.pipewire.lowLatency = {
@ -54,7 +55,7 @@ in {
modules = [
{
name = "libpipewire-module-rtkit";
flags = ["ifexists" "nofail"];
flags = [ "ifexists" "nofail" ];
args = {
nice.level = -15;
rt = {
@ -67,7 +68,7 @@ in {
{
name = "libpipewire-module-protocol-pulse";
args = {
server.address = ["unix:native"];
server.address = [ "unix:native" ];
pulse.min = {
req = qr;
quantum = qr;
@ -89,30 +90,33 @@ in {
# and write extra config to ship low latency rules for alsa
wireplumber = {
enable = true;
configPackages = let
# generate "matches" section of the rules
matches = toLua {
multiline = false; # looks better while inline
indent = false;
} [[["node.name" "matches" "alsa_output.*"]]]; # nested lists are to produce `{{{ }}}` in the output
# generate "apply_properties" section of the rules
apply_properties = toLua {} {
"audio.format" = "S32LE";
"audio.rate" = cfg.rate * 2;
"api.alsa.period-size" = 2;
};
in [
(pkgs.writeTextDir "share/lowlatency.lua.d/99-alsa-lowlatency.lua" ''
-- Generated by nix-gaming
alsa_monitor.rules = {
configPackages =
let
# generate "matches" section of the rules
matches = toLua
{
matches = ${matches};
apply_properties = ${apply_properties};
multiline = false; # looks better while inline
indent = false;
} [ [ [ "node.name" "matches" "alsa_output.*" ] ] ]; # nested lists are to produce `{{{ }}}` in the output
# generate "apply_properties" section of the rules
apply_properties = toLua { } {
"audio.format" = "S32LE";
"audio.rate" = cfg.rate * 2;
"api.alsa.period-size" = 2;
};
in
[
(pkgs.writeTextDir "share/lowlatency.lua.d/99-alsa-lowlatency.lua" ''
-- Generated by nix-gaming
alsa_monitor.rules = {
{
matches = ${matches};
apply_properties = ${apply_properties};
}
}
}
'')
];
'')
];
};
};
};

View file

@ -16,6 +16,7 @@ in
nixpkgs-hammering
nix-output-monitor
nix-search-cli
niv
];
environment.sessionVariables = {
@ -36,7 +37,7 @@ in
dates = "weekly";
options = "--delete-older-than 30d";
};
nix.package = pkgs.nixVersions.latest;
# nix.package = pkgs.nixVersions.latest;
nix.optimise.automatic = true;
nixpkgs.hostPlatform = system;

View file

@ -1,4 +1,4 @@
{ pkgs, config, lib, inputs, system, ... }:
{ pkgs, config, lib, ... }:
let
cfg = config.grimmShared;
in
@ -22,7 +22,7 @@ in
libsecret
vulnix
doas-sudo-shim # muscle memory
inputs.agenix.packages.${system}.default
agenix
] ++ lib.optionals (tooling.enable && tooling.pass) [
pass
(writeShellScriptBin "passw" "pass $@")

View file

@ -1,7 +1,14 @@
{ system, config, pkgs, ... }:
{ config, pkgs, ... }:
{
imports =
[
./overlays
./common
./fake_flake.nix
./specific/grimm-nixos-laptop/configuration.nix
./modules/users.nix
./modules/system-packages.nix
./modules/kvm.nix
./sway
];

29
fake_flake.nix Normal file
View file

@ -0,0 +1,29 @@
{ pkgs, lib, ... }:
let
nivSources = import ./nix/sources.nix;
asGithubRef = src: "github:${src.owner}/${src.repo}/${src.rev}";
in
{
imports = [
"${nivSources.agenix}/modules/age.nix"
(import "${nivSources.lix-module}/module.nix" { lix = nivSources.lix-pkg; })
(builtins.getFlake (asGithubRef nivSources.chaotic)).nixosModules.default # fixme: ideally we'd not rely on the flake syntax to load the module
];
nixpkgs.hostPlatform = "x86_64-linux";
nixpkgs.overlays = lib.singleton (final: prev: {
agenix = final.callPackage "${nivSources.agenix}/pkgs/agenix.nix" { };
});
nix.settings.extra-substituters = [
"https://cache.lix.systems"
"https://nyx.chaotic.cx/"
];
nix.settings.trusted-public-keys = [
"cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="
"nyx.chaotic.cx-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8="
"chaotic-nyx.cachix.org-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8="
];
}

View file

@ -1,28 +1,5 @@
{
"nodes": {
"agenix": {
"inputs": {
"darwin": "darwin",
"home-manager": "home-manager",
"nixpkgs": [
"nixpkgs"
],
"systems": "systems"
},
"locked": {
"lastModified": 1714136352,
"narHash": "sha256-BtWQ2Th/jamO1SlD+2ASSW5Jaf7JhA/JLpQHk0Goqpg=",
"owner": "ryantm",
"repo": "agenix",
"rev": "24a7ea390564ccd5b39b7884f597cfc8d7f6f44e",
"type": "github"
},
"original": {
"owner": "ryantm",
"repo": "agenix",
"type": "github"
}
},
"attic": {
"inputs": {
"crane": [
@ -66,7 +43,7 @@
"flake-compat": "flake-compat",
"flake-schemas": "flake-schemas",
"flake-utils": "flake-utils",
"home-manager": "home-manager_2",
"home-manager": "home-manager",
"jovian": "jovian",
"jujutsu": "jujutsu",
"niri": "niri",
@ -74,7 +51,7 @@
"nixpkgs": [
"nixpkgs"
],
"systems": "systems_2",
"systems": "systems",
"yafas": "yafas"
},
"locked": {
@ -190,28 +167,6 @@
"url": "https://flakehub.com/f/ipetkov/crane/%3D0.16.1.tar.gz"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1700795494,
"narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
"type": "github"
},
"original": {
"owner": "lnl7",
"ref": "master",
"repo": "nix-darwin",
"type": "github"
}
},
"fenix": {
"inputs": {
"nixpkgs": [
@ -283,27 +238,6 @@
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1703113217,
"narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_2": {
"inputs": {
"nixpkgs": [
"chaotic",
@ -479,22 +413,6 @@
"type": "github"
}
},
"nixpkgs-stable_2": {
"locked": {
"lastModified": 1714782413,
"narHash": "sha256-tbg0MEuKaPcUrnmGCu4xiY5F+7LW2+ECPKVAJd2HLwM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "651b4702e27a388f0f18e1b970534162dec09aff",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"rocksdb": {
"flake": false,
"locked": {
@ -514,10 +432,8 @@
},
"root": {
"inputs": {
"agenix": "agenix",
"chaotic": "chaotic",
"nixpkgs": "nixpkgs",
"nixpkgs-stable": "nixpkgs-stable_2"
"nixpkgs": "nixpkgs"
}
},
"rust-analyzer-src": {
@ -565,21 +481,6 @@
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",

View file

@ -10,13 +10,9 @@
url = "github:chaotic-cx/nyx/nyxpkgs-unstable";
inputs.nixpkgs.follows = "nixpkgs";
};
agenix = {
url = "github:ryantm/agenix";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = inputs @ { self, agenix, nixpkgs, chaotic, ... }:
outputs = inputs @ { self, nixpkgs, chaotic, ... }:
let
patches = [
{
@ -45,15 +41,8 @@
nixosConfigurations = {
grimmauld-nixos = customNixosSystem "x86_64-linux" {
modules = [
agenix.nixosModules.default
chaotic.nixosModules.default
./overlays
./common
./specific/grimm-nixos-laptop/configuration.nix
# chaotic.nixosModules.default
./configuration.nix
./modules/users.nix
./modules/system-packages.nix
./modules/kvm.nix
];
};
};

50
nix/sources.json Normal file
View file

@ -0,0 +1,50 @@
{
"agenix": {
"branch": "main",
"description": "age-encrypted secrets for NixOS and Home manager",
"homepage": "https://matrix.to/#/#agenix:nixos.org",
"owner": "ryantm",
"repo": "agenix",
"rev": "24a7ea390564ccd5b39b7884f597cfc8d7f6f44e",
"sha256": "165am10r61wl5v4hz169zrlljvj929hgnhr9sn7ak3bz73cr1m86",
"type": "tarball",
"url": "https://github.com/ryantm/agenix/archive/24a7ea390564ccd5b39b7884f597cfc8d7f6f44e.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"chaotic": {
"branch": "main",
"description": "Nix flake for \"too much bleeding-edge\" and unreleased packages (e.g., mesa_git, linux_cachyos, firefox_nightly, sway_git, gamescope_git). And experimental modules (e.g., HDR, duckdns).",
"homepage": "https://nyx.chaotic.cx",
"owner": "chaotic-cx",
"repo": "nyx",
"rev": "b2e432016233fe80948ea8e0eabf0b176ad847f0",
"sha256": "1bdpxc0p18zw50pzfmhijcd0w2865a7i2lbgn146bs7bwyvrpnak",
"type": "tarball",
"url": "https://github.com/chaotic-cx/nyx/archive/b2e432016233fe80948ea8e0eabf0b176ad847f0.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"lix-module": {
"branch": "main",
"repo": "https://git.lix.systems/lix-project/nixos-module.git",
"rev": "aaf759cd93d1946336247808e7551df714cfd332",
"type": "git"
},
"lix-pkg": {
"branch": "main",
"repo": "https://git.lix.systems/lix-project/lix.git",
"rev": "005b2b61e671e11d0427507883f8ae66e15d939d",
"type": "git"
},
"nixpkgs": {
"branch": "nixos-unstable",
"description": "Nix Packages collection",
"homepage": null,
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "25865a40d14b3f9cf19f19b924e2ab4069b09588",
"sha256": "03954l2g8kczg2skf1c7xfz60a3v6jri7l2h4r9g3157n2v5jm2j",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/25865a40d14b3f9cf19f19b924e2ab4069b09588.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
}
}

198
nix/sources.nix Normal file
View file

@ -0,0 +1,198 @@
# This file has been generated by Niv.
let
#
# The fetchers. fetch_<type> fetches specs of type <type>.
#
fetch_file = pkgs: name: spec:
let
name' = sanitizeName name + "-src";
in
if spec.builtin or true then
builtins_fetchurl { inherit (spec) url sha256; name = name'; }
else
pkgs.fetchurl { inherit (spec) url sha256; name = name'; };
fetch_tarball = pkgs: name: spec:
let
name' = sanitizeName name + "-src";
in
if spec.builtin or true then
builtins_fetchTarball { name = name'; inherit (spec) url sha256; }
else
pkgs.fetchzip { name = name'; inherit (spec) url sha256; };
fetch_git = name: spec:
let
ref =
spec.ref or (
if spec ? branch then "refs/heads/${spec.branch}" else
if spec ? tag then "refs/tags/${spec.tag}" else
abort "In git source '${name}': Please specify `ref`, `tag` or `branch`!"
);
submodules = spec.submodules or false;
submoduleArg =
let
nixSupportsSubmodules = builtins.compareVersions builtins.nixVersion "2.4" >= 0;
emptyArgWithWarning =
if submodules
then
builtins.trace
(
"The niv input \"${name}\" uses submodules "
+ "but your nix's (${builtins.nixVersion}) builtins.fetchGit "
+ "does not support them"
)
{ }
else { };
in
if nixSupportsSubmodules
then { inherit submodules; }
else emptyArgWithWarning;
in
builtins.fetchGit
({ url = spec.repo; inherit (spec) rev; inherit ref; } // submoduleArg);
fetch_local = spec: spec.path;
fetch_builtin-tarball = name: throw
''[${name}] The niv type "builtin-tarball" is deprecated. You should instead use `builtin = true`.
$ niv modify ${name} -a type=tarball -a builtin=true'';
fetch_builtin-url = name: throw
''[${name}] The niv type "builtin-url" will soon be deprecated. You should instead use `builtin = true`.
$ niv modify ${name} -a type=file -a builtin=true'';
#
# Various helpers
#
# https://github.com/NixOS/nixpkgs/pull/83241/files#diff-c6f540a4f3bfa4b0e8b6bafd4cd54e8bR695
sanitizeName = name:
(
concatMapStrings (s: if builtins.isList s then "-" else s)
(
builtins.split "[^[:alnum:]+._?=-]+"
((x: builtins.elemAt (builtins.match "\\.*(.*)" x) 0) name)
)
);
# The set of packages used when specs are fetched using non-builtins.
mkPkgs = sources: system:
let
sourcesNixpkgs =
import (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) { inherit system; };
hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath;
hasThisAsNixpkgsPath = <nixpkgs> == ./.;
in
if builtins.hasAttr "nixpkgs" sources
then sourcesNixpkgs
else if hasNixpkgsPath && ! hasThisAsNixpkgsPath then
import <nixpkgs> { }
else
abort
''
Please specify either <nixpkgs> (through -I or NIX_PATH=nixpkgs=...) or
add a package called "nixpkgs" to your sources.json.
'';
# The actual fetching function.
fetch = pkgs: name: spec:
if ! builtins.hasAttr "type" spec then
abort "ERROR: niv spec ${name} does not have a 'type' attribute"
else if spec.type == "file" then fetch_file pkgs name spec
else if spec.type == "tarball" then fetch_tarball pkgs name spec
else if spec.type == "git" then fetch_git name spec
else if spec.type == "local" then fetch_local spec
else if spec.type == "builtin-tarball" then fetch_builtin-tarball name
else if spec.type == "builtin-url" then fetch_builtin-url name
else
abort "ERROR: niv spec ${name} has unknown type ${builtins.toJSON spec.type}";
# If the environment variable NIV_OVERRIDE_${name} is set, then use
# the path directly as opposed to the fetched source.
replace = name: drv:
let
saneName = stringAsChars (c: if (builtins.match "[a-zA-Z0-9]" c) == null then "_" else c) name;
ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}";
in
if ersatz == "" then drv else
# this turns the string into an actual Nix path (for both absolute and
# relative paths)
if builtins.substring 0 1 ersatz == "/" then /. + ersatz else /. + builtins.getEnv "PWD" + "/${ersatz}";
# Ports of functions for older nix versions
# a Nix version of mapAttrs if the built-in doesn't exist
mapAttrs = builtins.mapAttrs or (
f: set: with builtins;
listToAttrs (map (attr: { name = attr; value = f attr set.${attr}; }) (attrNames set))
);
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295
range = first: last: if first > last then [ ] else builtins.genList (n: first + n) (last - first + 1);
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257
stringToCharacters = s: map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1));
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L269
stringAsChars = f: s: concatStrings (map f (stringToCharacters s));
concatMapStrings = f: list: concatStrings (map f list);
concatStrings = builtins.concatStringsSep "";
# https://github.com/NixOS/nixpkgs/blob/8a9f58a375c401b96da862d969f66429def1d118/lib/attrsets.nix#L331
optionalAttrs = cond: as: if cond then as else { };
# fetchTarball version that is compatible between all the versions of Nix
builtins_fetchTarball = { url, name ? null, sha256 }@attrs:
let
inherit (builtins) lessThan nixVersion fetchTarball;
in
if lessThan nixVersion "1.12" then
fetchTarball ({ inherit url; } // (optionalAttrs (name != null) { inherit name; }))
else
fetchTarball attrs;
# fetchurl version that is compatible between all the versions of Nix
builtins_fetchurl = { url, name ? null, sha256 }@attrs:
let
inherit (builtins) lessThan nixVersion fetchurl;
in
if lessThan nixVersion "1.12" then
fetchurl ({ inherit url; } // (optionalAttrs (name != null) { inherit name; }))
else
fetchurl attrs;
# Create the final "sources" from the config
mkSources = config:
mapAttrs
(
name: spec:
if builtins.hasAttr "outPath" spec
then
abort
"The values in sources.json should not have an 'outPath' attribute"
else
spec // { outPath = replace name (fetch config.pkgs name spec); }
)
config.sources;
# The "config" used by the fetchers
mkConfig =
{ sourcesFile ? if builtins.pathExists ./sources.json then ./sources.json else null
, sources ? if sourcesFile == null then { } else builtins.fromJSON (builtins.readFile sourcesFile)
, system ? builtins.currentSystem
, pkgs ? mkPkgs sources system
}: rec {
# The sources, i.e. the attribute set of spec name to spec
inherit sources;
# The "pkgs" (evaluated nixpkgs) to use for e.g. non-builtin fetchers
inherit pkgs;
};
in
mkSources (mkConfig { }) // { __functor = _: settings: mkSources (mkConfig settings); }

View file

@ -1,4 +1,4 @@
{ inputs, system, pkgs, config, lib, ... }:
{ system, pkgs, config, lib, ... }:
let
searchclip = let inherit (lib) getExe; in with pkgs; writeShellScriptBin "searchclip" ''
xdg-open https://www.google.com/search?q=$(wl-paste -p | ${getExe urlencode})