From 63bf243c4c9be0b673b159cbdf9436b5efa48ba6 Mon Sep 17 00:00:00 2001 From: Jade Lovelace Date: Fri, 18 Oct 2024 19:22:11 -0700 Subject: [PATCH 1/3] lix: use the lix module This is primarily to banish CppNix from Colmena's closure among other places. --- configurations.nix | 10 +++++ flake.lock | 92 +++++++++++++++++++++++++++++++++++++----- flake.nix | 16 +++++++- modules/nix-daemon.nix | 5 --- 4 files changed, 107 insertions(+), 16 deletions(-) diff --git a/configurations.nix b/configurations.nix index dc67926..0d5facd 100644 --- a/configurations.nix +++ b/configurations.nix @@ -3,6 +3,7 @@ let inherit (self.inputs) nixpkgs + lix-module home-manager agenix nur @@ -44,6 +45,9 @@ let # srvos.nixosModules.mixins-telegraf # srvos.nixosModules.mixins-terminfo + # use lix + lix-module.nixosModules.default + agenix.nixosModules.default ({ pkgs , config @@ -102,6 +106,12 @@ in flake.colmena = { meta.nixpkgs = import nixpkgs { system = "x86_64-linux"; + # yikes, this overlay has to be listed twice since colmena makes us + # import nixpkgs explicitly here + overlays = [ + # bonking cppnix out of the closure as much as possible + lix-module.overlays.default + ]; }; epyc = { imports = diff --git a/flake.lock b/flake.lock index 88fbc09..1486bf8 100644 --- a/flake.lock +++ b/flake.lock @@ -245,6 +245,39 @@ "type": "github" } }, + "flake-utils_3": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1726560853, + "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flakey-profile": { + "locked": { + "lastModified": 1712898590, + "narHash": "sha256-FhGIEU93VHAChKEXx905TSiPZKga69bWl1VB37FK//I=", + "owner": "lf-", + "repo": "flakey-profile", + "rev": "243c903fd8eadc0f63d205665a92d4df91d42d9d", + "type": "github" + }, + "original": { + "owner": "lf-", + "repo": "flakey-profile", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -298,11 +331,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1728506278, - "narHash": "sha256-ZAPqzjR86En31Yfau0auQmkDuyzr2QfD8yW+7205e8A=", + "lastModified": 1729296222, + "narHash": "sha256-fwJyGrkTemR1SwkAPXfxlY0RYCxy34NedmR35amytCc=", "ref": "refs/heads/main", - "rev": "9865ebaaa618d82a7b7fdccc636cbaa7dfa42427", - "revCount": 16335, + "rev": "60578b4d7d0dfc296c61cae963b6b2763422788e", + "revCount": 16362, "type": "git", "url": "https://git.lix.systems/lix-project/lix.git" }, @@ -311,14 +344,37 @@ "url": "https://git.lix.systems/lix-project/lix.git" } }, + "lix-module": { + "inputs": { + "flake-utils": "flake-utils_3", + "flakey-profile": "flakey-profile", + "lix": [ + "lix" + ], + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1727752861, + "narHash": "sha256-jowmo2aEzrEpPSM96IWtajuogdJm7DjAWxFTEb7Ct0s=", + "rev": "fd186f535a4ac7ae35d98c1dd5d79f0a81b7976d", + "type": "tarball", + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/fd186f535a4ac7ae35d98c1dd5d79f0a81b7976d.tar.gz?rev=fd186f535a4ac7ae35d98c1dd5d79f0a81b7976d" + }, + "original": { + "type": "tarball", + "url": "https://git.lix.systems/lix-project/nixos-module/archive/main.tar.gz" + } + }, "nix2container": { "flake": false, "locked": { - "lastModified": 1720642556, - "narHash": "sha256-qsnqk13UmREKmRT7c8hEnz26X3GFFyIQrqx4EaRc1Is=", + "lastModified": 1724996935, + "narHash": "sha256-njRK9vvZ1JJsP8oV2OgkBrpJhgQezI03S7gzskCcHos=", "owner": "nlewo", "repo": "nix2container", - "rev": "3853e5caf9ad24103b13aa6e0e8bcebb47649fe4", + "rev": "fa6bb0a1159f55d071ba99331355955ae30b3401", "type": "github" }, "original": { @@ -424,11 +480,11 @@ "pre-commit-hooks": { "flake": false, "locked": { - "lastModified": 1721042469, - "narHash": "sha256-6FPUl7HVtvRHCCBQne7Ylp4p+dpP3P/OYuzjztZ4s70=", + "lastModified": 1726745158, + "narHash": "sha256-D5AegvGoEjt4rkKedmxlSEmC+nNLMBPWFxvmYnVLhjk=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "f451c19376071a90d8c58ab1a953c6e9840527fd", + "rev": "4e743a6920eab45e8ba0fbe49dc459f1423a4b74", "type": "github" }, "original": { @@ -447,6 +503,7 @@ "flake-registry": "flake-registry", "home-manager": "home-manager_2", "lix": "lix", + "lix-module": "lix-module", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_2", "nur": "nur", @@ -503,6 +560,21 @@ "repo": "default", "type": "github" } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 7dc5499..f191459 100644 --- a/flake.nix +++ b/flake.nix @@ -7,6 +7,10 @@ lix.url = "git+https://git.lix.systems/lix-project/lix.git"; lix.inputs.nixpkgs.follows = "nixpkgs"; + lix-module.url = "https://git.lix.systems/lix-project/nixos-module/archive/main.tar.gz"; + lix-module.inputs.nixpkgs.follows = "nixpkgs"; + lix-module.inputs.lix.follows = "lix"; + disko.url = "github:nix-community/disko"; disko.inputs.nixpkgs.follows = "nixpkgs"; @@ -61,9 +65,19 @@ # ./pkgs/flake-module.nix # ./templates ]; + + # provide debug, allSystems, currentSystem in the resulting flake + debug = true; + perSystem = - { self', pkgs, ... }: + { self', pkgs, system, ... }: { + # apply the lix overlay to banish CppNix + _module.args.pkgs = import inputs.nixpkgs { + inherit system; + overlays = [ inputs.lix-module.overlays.default ]; + }; + devShells.default = pkgs.mkShellNoCC { buildInputs = [ pkgs.ipmitool diff --git a/modules/nix-daemon.nix b/modules/nix-daemon.nix index 499fdac..5ee34c6 100644 --- a/modules/nix-daemon.nix +++ b/modules/nix-daemon.nix @@ -1,7 +1,6 @@ { lib , config , pkgs -, inputs , ... }: @@ -57,10 +56,6 @@ in # Randomize GC to avoid thundering herd effects. gc.randomizedDelaySec = "1800"; - # A much better choice. - # Raito: We use this machine as a testing bed for cutting edge Lix features. - package = inputs.lix.packages.x86_64-linux.default; - # should be enough? nrBuildUsers = 128; -- 2.44.1 From 3e78d0a0cf1cfba3effeaeb010745df590cb1711 Mon Sep 17 00:00:00 2001 From: Jade Lovelace Date: Fri, 18 Oct 2024 19:22:49 -0700 Subject: [PATCH 2/3] lix: link debuginfo into the closure This is to ease debugging of https://git.lix.systems/lix-project/lix/issues/549 --- hosts/epyc.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/hosts/epyc.nix b/hosts/epyc.nix index c7acff8..70dc3e4 100644 --- a/hosts/epyc.nix +++ b/hosts/epyc.nix @@ -16,6 +16,15 @@ in ../modules/lix-bug-details-pls ]; + # Include debuginfo for Lix + environment.systemPackages = [ + pkgs.lix.debug + pkgs.lix.passthru.capnproto-lix.debug + ]; + environment.pathsToLink = [ + "/lib/debug" + ]; + networking.hostName = "epyc"; security.acme.acceptTerms = true; -- 2.44.1 From b9dbaf9dcd2bd382cda5119277c5699cd34f119d Mon Sep 17 00:00:00 2001 From: Jade Lovelace Date: Fri, 18 Oct 2024 19:25:06 -0700 Subject: [PATCH 3/3] nix config: misc tidying Let's be real, I am doing this because I got impatient with the gratuitous copy to the store this eliminates caused by pkgs.path. Also gets rid of stuff in nix.extraOptions which is deprecated. --- configurations.nix | 7 ++----- flake.lock | 17 ----------------- flake.nix | 3 --- 3 files changed, 2 insertions(+), 25 deletions(-) diff --git a/configurations.nix b/configurations.nix index 0d5facd..f969ee5 100644 --- a/configurations.nix +++ b/configurations.nix @@ -60,7 +60,7 @@ let { nix.nixPath = [ "home-manager=${home-manager}" - "nixpkgs=${pkgs.path}" + "nixpkgs=flake:nixpkgs" "nur=${nur}" ]; # TODO: share nixpkgs for each machine to speed up local evaluation. @@ -72,10 +72,7 @@ let #}; # sops.defaultSopsFile = lib.mkIf (builtins.pathExists sopsFile) sopsFile; - nix.extraOptions = '' - flake-registry = ${flake-registry}/flake-registry.json - builders-use-substitutes = true - ''; + nix.settings.builders-use-substitutes = true; nix.registry = { home-manager.flake = home-manager; diff --git a/flake.lock b/flake.lock index 1486bf8..a3b009e 100644 --- a/flake.lock +++ b/flake.lock @@ -199,22 +199,6 @@ "type": "github" } }, - "flake-registry": { - "flake": false, - "locked": { - "lastModified": 1717415742, - "narHash": "sha256-HKvoLGZUsBpjkxWkdtctGYj6RH0bl6vcw0OjTOqyzJk=", - "owner": "NixOS", - "repo": "flake-registry", - "rev": "895a65f8d5acf848136ee8fe8e8f736f0d27df96", - "type": "github" - }, - "original": { - "owner": "NixOS", - "repo": "flake-registry", - "type": "github" - } - }, "flake-utils": { "locked": { "lastModified": 1667395993, @@ -500,7 +484,6 @@ "colmena": "colmena", "disko": "disko", "flake-parts": "flake-parts", - "flake-registry": "flake-registry", "home-manager": "home-manager_2", "lix": "lix", "lix-module": "lix-module", diff --git a/flake.nix b/flake.nix index f191459..368ffd7 100644 --- a/flake.nix +++ b/flake.nix @@ -41,9 +41,6 @@ # Private repository, you need a valid SSH key to access it # nixos-hypervisor.url = "git+ssh://gitea@git.newtype.fr/newtype/nixos-hypervisor?ref=main"; # nixos-hypervisor.inputs.nixpkgs.follows = "nixpkgs"; - - flake-registry.url = "github:NixOS/flake-registry"; - flake-registry.flake = false; }; outputs = -- 2.44.1