nix-files/flake.nix

# docs:
#   https://nixos.wiki/wiki/Flakes
#   https://serokell.io/blog/practical-nix-flakes

{
  inputs = {
    nixpkgs.url = "nixpkgs/nixos-22.05";
    # pkgs-telegram.url = "nixpkgs/33775ec9a2173a08e46edf9f46c9febadbf743e8";# 2022/04/18; telegram 3.7.3. fails: nix log /nix/store/y5kv47hnv55qknb6cnmpcyraicay79fx-telegram-desktop-3.7.3.drv: g++: fatal error: cannot execute '/nix/store/njk5sbd21305bhr7gwibxbbvgbx5lxvn-gcc-9.3.0/libexec/gcc/aarch64-unknown-linux-gnu/9.3.0/cc1plus': execv: No such file or directory
    mobile-nixos = {
      url = "github:nixos/mobile-nixos";
      flake = false;
    };
    home-manager = {
      url = "github:nix-community/home-manager/release-22.05";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    nurpkgs.url = "github:nix-community/NUR";
    sops-nix.url = "github:Mic92/sops-nix";
    impermanence.url = "github:nix-community/impermanence";
  };

  outputs = { self, nixpkgs, mobile-nixos, home-manager, nurpkgs, sops-nix, impermanence }: {
    machines.servo = self.decl-bootable-machine { name = "servo"; system = "aarch64-linux"; };
    machines.desko = self.decl-bootable-machine { name = "desko"; system = "x86_64-linux"; };
    machines.lappy = self.decl-bootable-machine { name = "lappy"; system = "x86_64-linux"; };
    machines.moby = self.decl-bootable-machine { name = "moby"; system = "aarch64-linux"; };

    nixosConfigurations = builtins.mapAttrs (name: value: value.nixosConfiguration) self.machines;
    imgs = builtins.mapAttrs (name: value: value.img) self.machines;

    decl-machine = { name, system }: let
      patchedPkgs = nixpkgs.legacyPackages.${system}.applyPatches {
        name = "nixpkgs-patched-uninsane";
        src = nixpkgs;
        patches = [
          # phosh: allow fractional scaling
          (nixpkgs.legacyPackages.${system}.fetchpatch {
            url = "https://github.com/NixOS/nixpkgs/pull/175872.diff";
            sha256 = "sha256-mEmqhe8DqlyCxkFWQKQZu+2duz69nOkTANh9TcjEOdY=";
          })
          # for raspberry pi: allow building u-boot for rpi 4{,00}
          # TODO: remove after upstreamed: https://github.com/NixOS/nixpkgs/pull/176018
          ./nixpatches/02-rpi4-uboot.patch
          # alternative to https://github.com/NixOS/nixpkgs/pull/173200
          ./nixpatches/04-dart-2.7.0.patch
          # whalebird: suuport aarch64
          (nixpkgs.legacyPackages.${system}.fetchpatch {
            url = "https://github.com/NixOS/nixpkgs/pull/176476.diff";
            sha256 = "sha256-126DljM06hqPZ3fjLZ3LBZR64nFbeTfzSazEu72d4y8=";
          })
          # TODO: upstream
          ./nixpatches/07-duplicity-rich-url.patch
        ];
      };
      nixosSystem = import (patchedPkgs + "/nixos/lib/eval-config.nix");
      in (nixosSystem {
        inherit system;
        specialArgs = { inherit nixpkgs mobile-nixos home-manager nurpkgs impermanence; };
        modules = [
          ./modules
          ./machines/${name}
          (import ./helpers/set-hostname.nix name)
          sops-nix.nixosModules.sops
          {
            nixpkgs.config.allowUnfree = true;
            nixpkgs.overlays = [
              nurpkgs.overlay
              (import "${mobile-nixos}/overlay/overlay.nix")
              (import ./pkgs/overlay.nix)
            ];
          }
        ];
    });

    decl-bootable-machine = { name, system }: rec {
      nixosConfiguration = self.decl-machine { inherit name system; };
      # this produces a EFI-bootable .img file (GPT with a /boot partition and a system (/ or /nix) partition).
      # after building this:
      #   - flash it to a bootable medium (SD card, flash drive)
      #   - boot
      #   - checkout this flake into /etc/nixos AND UPDATE THE FS UUIDS.
      #   - `nixos-rebuild --flake './#<machine>' switch`
      img = nixosConfiguration.config.system.build.img;
    };
  };
}
experimental flake support 2022-05-21 00:07:49 +00:00			`# docs:`
			`# https://nixos.wiki/wiki/Flakes`
			`# https://serokell.io/blog/practical-nix-flakes`

			`{`
			`inputs = {`
update nixos-21.11 -> nixos-22.05 2022-05-28 19:35:43 +00:00			`nixpkgs.url = "nixpkgs/nixos-22.05";`
moby: upgrade pkgs from 2022/03/30 -> 2022/05/20 this upstreams the manual phosh tweaks i had previously applied. 2022-05-25 03:57:43 +00:00			`# pkgs-telegram.url = "nixpkgs/33775ec9a2173a08e46edf9f46c9febadbf743e8";# 2022/04/18; telegram 3.7.3. fails: nix log /nix/store/y5kv47hnv55qknb6cnmpcyraicay79fx-telegram-desktop-3.7.3.drv: g++: fatal error: cannot execute '/nix/store/njk5sbd21305bhr7gwibxbbvgbx5lxvn-gcc-9.3.0/libexec/gcc/aarch64-unknown-linux-gnu/9.3.0/cc1plus': execv: No such file or directory`
moby: populate from lappy config (gnome, firefox, etc) it's not the best: probably want to replace with phosh 2022-05-23 02:45:54 +00:00			`mobile-nixos = {`
moby: abandon the flake fork of mobile-nixos and compile against tip instead 2022-05-24 05:47:32 +00:00			`url = "github:nixos/mobile-nixos";`
			`flake = false;`
moby: populate from lappy config (gnome, firefox, etc) it's not the best: probably want to replace with phosh 2022-05-23 02:45:54 +00:00			`};`
add a #lappy-gpt target which builds a flat, flashable image. the root part is ext4 instead of btrfs. nixos-generators doesn't support btrfs. the underlying machinery does though, so we can remove the middleman in a future patch to achieve that. 2022-05-22 01:05:32 +00:00			`home-manager = {`
home manager: update 21.11 -> 22.05 this is necessary for sway to build 2022-06-03 08:39:34 +00:00			`url = "github:nix-community/home-manager/release-22.05";`
add a #lappy-gpt target which builds a flat, flashable image. the root part is ext4 instead of btrfs. nixos-generators doesn't support btrfs. the underlying machinery does though, so we can remove the middleman in a future patch to achieve that. 2022-05-22 01:05:32 +00:00			`inputs.nixpkgs.follows = "nixpkgs";`
			`};`
add the NixOS User Repository, and source some firefox extensions from it 2022-05-22 11:03:30 +00:00			`nurpkgs.url = "github:nix-community/NUR";`
secrets: add an example sops secret 2022-06-06 23:36:22 +00:00			`sops-nix.url = "github:Mic92/sops-nix";`
lappy: enable impermanence it mostly went smooth, though i lost a .ssh key. probably the best upgrade process is to do most of the heavy work in the initrd: write the new nix config, notably, configuring a tmpfs / mount and moving the previous / to /nix. then boot and in the initrd, move all the `/nix/nix/...` items up a level. 2022-06-20 10:28:01 +00:00			`impermanence.url = "github:nix-community/impermanence";`
experimental flake support 2022-05-21 00:07:49 +00:00			`};`
factor out the uninsane machine a bit better 2022-05-21 07:30:29 +00:00
lappy: enable impermanence it mostly went smooth, though i lost a .ssh key. probably the best upgrade process is to do most of the heavy work in the initrd: write the new nix config, notably, configuring a tmpfs / mount and moving the previous / to /nix. then boot and in the initrd, move all the `/nix/nix/...` items up a level. 2022-06-20 10:28:01 +00:00			`outputs = { self, nixpkgs, mobile-nixos, home-manager, nurpkgs, sops-nix, impermanence }: {`
rename 'uninsane' machine -> 'servo' 2022-06-12 22:11:41 +00:00			`machines.servo = self.decl-bootable-machine { name = "servo"; system = "aarch64-linux"; };`
flake: factor out some machine helpers new structure is `imgs.<foo>` to build a disk image 2022-05-22 21:39:52 +00:00			`machines.desko = self.decl-bootable-machine { name = "desko"; system = "x86_64-linux"; };`
			`machines.lappy = self.decl-bootable-machine { name = "lappy"; system = "x86_64-linux"; };`
decrease the moby-specific stuff in flake.nix 2022-06-23 22:42:20 +00:00			`machines.moby = self.decl-bootable-machine { name = "moby"; system = "aarch64-linux"; };`
add a #lappy-gpt target which builds a flat, flashable image. the root part is ext4 instead of btrfs. nixos-generators doesn't support btrfs. the underlying machinery does though, so we can remove the middleman in a future patch to achieve that. 2022-05-22 01:05:32 +00:00
flake: simplify machine generation 2022-05-22 22:11:08 +00:00			`nixosConfigurations = builtins.mapAttrs (name: value: value.nixosConfiguration) self.machines;`
			`imgs = builtins.mapAttrs (name: value: value.img) self.machines;`
factor out the uninsane machine a bit better 2022-05-21 07:30:29 +00:00
flake: remove unused parameters 2022-06-23 22:49:59 +00:00			`decl-machine = { name, system }: let`
			`patchedPkgs = nixpkgs.legacyPackages.${system}.applyPatches {`
phoc: simplify the config by patching nixpkgs 2022-06-01 10:28:49 +00:00			`name = "nixpkgs-patched-uninsane";`
flake: remove unused parameters 2022-06-23 22:49:59 +00:00			`src = nixpkgs;`
phoc: simplify the config by patching nixpkgs 2022-06-01 10:28:49 +00:00			`patches = [`
remove phosh patch and use upstream diff 2022-06-06 04:19:03 +00:00			`# phosh: allow fractional scaling`
flake: remove unused parameters 2022-06-23 22:49:59 +00:00			`(nixpkgs.legacyPackages.${system}.fetchpatch {`
remove phosh patch and use upstream diff 2022-06-06 04:19:03 +00:00			`url = "https://github.com/NixOS/nixpkgs/pull/175872.diff";`
			`sha256 = "sha256-mEmqhe8DqlyCxkFWQKQZu+2duz69nOkTANh9TcjEOdY=";`
			`})`
port raspberry pi bootloader fixes to a nixpkgs patch 2022-06-02 21:18:41 +00:00			`# for raspberry pi: allow building u-boot for rpi 4{,00}`
remove phosh patch and use upstream diff 2022-06-06 04:19:03 +00:00			`# TODO: remove after upstreamed: https://github.com/NixOS/nixpkgs/pull/176018`
port raspberry pi bootloader fixes to a nixpkgs patch 2022-06-02 21:18:41 +00:00			`./nixpatches/02-rpi4-uboot.patch`
remove phosh patch and use upstream diff 2022-06-06 04:19:03 +00:00			`# alternative to https://github.com/NixOS/nixpkgs/pull/173200`
try to add Kaiteki as a package requires updating dart (flutter), which is causing problems... 2022-06-05 09:28:23 +00:00			`./nixpatches/04-dart-2.7.0.patch`
replace whalebird patch with upstream patch 2022-06-19 23:14:28 +00:00			`# whalebird: suuport aarch64`
flake: remove unused parameters 2022-06-23 22:49:59 +00:00			`(nixpkgs.legacyPackages.${system}.fetchpatch {`
replace whalebird patch with upstream patch 2022-06-19 23:14:28 +00:00			`url = "https://github.com/NixOS/nixpkgs/pull/176476.diff";`
			`sha256 = "sha256-126DljM06hqPZ3fjLZ3LBZR64nFbeTfzSazEu72d4y8=";`
			`})`
duplicity: migrate secrets to sops 2022-06-07 09:33:11 +00:00			`# TODO: upstream`
			`./nixpatches/07-duplicity-rich-url.patch`
phoc: simplify the config by patching nixpkgs 2022-06-01 10:28:49 +00:00			`];`
			`};`
			`nixosSystem = import (patchedPkgs + "/nixos/lib/eval-config.nix");`
			`in (nixosSystem {`
flake: factor out some machine helpers new structure is `imgs.<foo>` to build a disk image 2022-05-22 21:39:52 +00:00			`inherit system;`
decrease the moby-specific stuff in flake.nix 2022-06-23 22:42:20 +00:00			`specialArgs = { inherit nixpkgs mobile-nixos home-manager nurpkgs impermanence; };`
factor out a decl-machine helper 2022-05-21 07:40:56 +00:00			`modules = [`
gui/sway: port to module system 2022-06-07 00:35:28 +00:00			`./modules`
flake: simplify the machine declartion helpers 2022-05-24 00:15:38 +00:00			`./machines/${name}`
set hostname per machine 2022-05-24 03:20:05 +00:00			`(import ./helpers/set-hostname.nix name)`
secrets: add an example sops secret 2022-06-06 23:36:22 +00:00			`sops-nix.nixosModules.sops`
inline image building, and (for lappy) use a generic-extlinux-compatible bootloader the generic bootloader will allow more code-sharing with rpi and pinephone. desko should soon use the generic bootloader as well. problems: lappy can't boot from USB stick. it makes it to the initrd, but there's no dev nodes for the USB drive. unsure if this is how it was before, too. 2022-06-23 07:24:39 +00:00			`{`
move the custom packages overlay into pkgs/overlay.nix 2022-06-23 22:47:35 +00:00			`nixpkgs.config.allowUnfree = true;`
inline image building, and (for lappy) use a generic-extlinux-compatible bootloader the generic bootloader will allow more code-sharing with rpi and pinephone. desko should soon use the generic bootloader as well. problems: lappy can't boot from USB stick. it makes it to the initrd, but there's no dev nodes for the USB drive. unsure if this is how it was before, too. 2022-06-23 07:24:39 +00:00			`nixpkgs.overlays = [`
move the custom packages overlay into pkgs/overlay.nix 2022-06-23 22:47:35 +00:00			`nurpkgs.overlay`
inline image building, and (for lappy) use a generic-extlinux-compatible bootloader the generic bootloader will allow more code-sharing with rpi and pinephone. desko should soon use the generic bootloader as well. problems: lappy can't boot from USB stick. it makes it to the initrd, but there's no dev nodes for the USB drive. unsure if this is how it was before, too. 2022-06-23 07:24:39 +00:00			`(import "${mobile-nixos}/overlay/overlay.nix")`
move the custom packages overlay into pkgs/overlay.nix 2022-06-23 22:47:35 +00:00			`(import ./pkgs/overlay.nix)`
inline image building, and (for lappy) use a generic-extlinux-compatible bootloader the generic bootloader will allow more code-sharing with rpi and pinephone. desko should soon use the generic bootloader as well. problems: lappy can't boot from USB stick. it makes it to the initrd, but there's no dev nodes for the USB drive. unsure if this is how it was before, too. 2022-06-23 07:24:39 +00:00			`];`
			`}`
flake: remove unused parameters 2022-06-23 22:49:59 +00:00			`];`
factor out a decl-machine helper 2022-05-21 07:40:56 +00:00			`});`

flake: simplify decl-bootable-machine 2022-06-23 22:53:35 +00:00			`decl-bootable-machine = { name, system }: rec {`
remove the last remnants of the old `secrets` system. using SOPS exclusively now 2022-06-09 00:07:48 +00:00			`nixosConfiguration = self.decl-machine { inherit name system; };`
flake: simplify decl-bootable-machine 2022-06-23 22:53:35 +00:00			`# this produces a EFI-bootable .img file (GPT with a /boot partition and a system (/ or /nix) partition).`
			`# after building this:`
			`# - flash it to a bootable medium (SD card, flash drive)`
			`# - boot`
			`# - checkout this flake into /etc/nixos AND UPDATE THE FS UUIDS.`
			# - `nixos-rebuild --flake './#<machine>' switch`
			`img = nixosConfiguration.config.system.build.img;`
flake: simplify the machine declartion helpers 2022-05-24 00:15:38 +00:00			`};`
experimental flake support 2022-05-21 00:07:49 +00:00			`};`
			`}`