Merge branch 'staging/nur'

flake.nix

@@ -241,9 +241,12 @@
             (! elem name [ "feeds" "pythonPackagesExtensions" ])
             && (allPkgs.lib.meta.availableOn allPkgs.stdenv.hostPlatform pkg)
           )
-          (allPkgs.sane // {
-            inherit (allPkgs) uninsane-dot-org;
-          })
+          (
+            # expose sane packages and chosen inputs (uninsane.org)
+            (import ./pkgs { pkgs = allPkgs; }) // {
+              inherit (allPkgs) uninsane-dot-org;
+            }
+          )
         )
         # self.legacyPackages;
         { inherit (self.legacyPackages) x86_64-linux; }
@@ -260,13 +263,13 @@
         in {
           update-feeds = {
             type = "app";
-            program = "${pkgs.feeds.passthru.updateScript}";
+            program = "${pkgs.feeds.updateScript}";
           };
 
           init-feed = {
             # use like `nix run '.#init-feed' uninsane.org`
             type = "app";
-            program = "${pkgs.feeds.passthru.initFeedScript}";
+            program = "${pkgs.feeds.initFeedScript}";
           };
 
           deploy-moby-test = {

integrations/nur/default.nix

@@ -0,0 +1,36 @@
+# Nix User Repository (NUR)
+# - <https://github.com/nix-community/NUR>
+#
+# this file is not reachable from the top-level of my nixos configs (i.e. toplevel flake.nix)
+# nor is it intended for anyone who wants to reference my config directly
+#   (consider the toplevel flake.nix outputs instead).
+#
+# rather, this is the entrypoint through which NUR finds my packages, modules, overlays.
+# it's reachable only from those using this repo via NUR.
+#
+# to manually query available packages, modules, etc, try:
+# - nix eval --impure --expr 'builtins.attrNames (import ./. {})'
+#
+# to validate this before a push that would propagate to NUR:
+#   NIX_PATH= NIXPKGS_ALLOW_UNSUPPORTED_SYSTEM=1 nix-env -f . -qa \* --meta --xml \
+#     --allowed-uris https://static.rust-lang.org \
+#     --option restrict-eval true \
+#     --option allow-import-from-derivation true \
+#     --drv-path --show-trace \
+#     -I nixpkgs=$(nix-instantiate --find-file nixpkgs) \
+#     -I ../../
+# ^ source: <https://github.com/nix-community/nur-packages-template/blob/master/.github/workflows/build.yml#L63>
+#   N.B.: nur eval allows only PATH (inherited) and NIXPKGS_ALLOW_UNSUPPORTED_SYSTEM="1" (forced),
+#   hence the erasing of NIX_PATH above (to remove external overlays)
+
+{ pkgs ? import <nixpkgs> {} }:
+let
+  sanePkgs = import ../../pkgs { inherit pkgs; };
+in
+({
+  overlays.pkgs = import ../../overlays/pkgs.nix;
+  pkgs = sanePkgs;
+
+  modules = import ../../modules { inherit (pkgs) lib; };
+  lib = import ../../modules/lib { inherit (pkgs) lib; };
+} // sanePkgs)

modules/default.nix

@@ -1,4 +1,4 @@
-{ lib, utils, ... }:
+{ lib, ... }:
 
 {
   imports = [
@@ -15,7 +15,7 @@
   ];
 
   _module.args =  {
-    sane-lib = import ./lib { inherit lib utils; };
+    sane-lib = import ./lib { inherit lib; };
     sane-data = import ./data { inherit lib; };
   };
 }

modules/lib/default.nix

@@ -1,12 +1,12 @@
-{ lib, ... }@moduleArgs:
+{ lib, ... }:
 
 let
 sane-lib = rec {
-  feeds = import ./feeds.nix moduleArgs;
-  fs = import ./fs.nix moduleArgs;
-  merge = import ./merge.nix ({ inherit sane-lib; } // moduleArgs);
-  path = import ./path.nix moduleArgs;
-  types = import ./types.nix moduleArgs;
+  feeds = import ./feeds.nix { inherit lib; };
+  fs = import ./fs.nix { inherit lib; };
+  merge = import ./merge.nix { inherit lib sane-lib; };
+  path = import ./path.nix { inherit lib; };
+  types = import ./types.nix { inherit lib; };
 
   # re-exports
   inherit (merge) mkTypedMerge;

modules/lib/path.nix

@@ -1,4 +1,4 @@
-{ lib, utils, ... }:
+{ lib, ... }:
 
 let path = rec {
 

overlays/pkgs.nix

@@ -1,64 +1,8 @@
 (next: prev:
-  with next;
-  let
-    sane = rec {
-      sane-lib = import ../modules/lib next;
-      #### my own, non-upstreamable packages:
-      static-nix-shell = callPackages ../pkgs/static-nix-shell { };
-      sane-scripts = callPackage ../pkgs/sane-scripts { };
-      mx-sanebot = callPackage ../pkgs/mx-sanebot { };
-      feeds = recurseIntoAttrs (callPackage ../pkgs/feeds { });
-      tow-boot-pinephone = callPackage ../pkgs/tow-boot-pinephone { };
-      tow-boot-rpi4 = callPackage ../pkgs/tow-boot-rpi4 { };
-      bootpart-uefi-x86_64 = callPackage ../pkgs/bootpart-uefi-x86_64 { };
-      bootpart-tow-boot-rpi-aarch64 = callPackage ../pkgs/bootpart-tow-boot-rpi-aarch64 { };
-      bootpart-u-boot-rpi-aarch64 = callPackage ../pkgs/bootpart-u-boot-rpi-aarch64 { };
-      rtl8723cs-firmware = callPackage ../pkgs/rtl8723cs-firmware { };
-      linux-megous = callPackage ../pkgs/linux-megous {
-        kernelPatches = [
-          prev.kernelPatches.bridge_stp_helper
-          prev.kernelPatches.request_key_helper
-        ];
-      };
-
-      sublime-music-mobile = callPackage ../pkgs/sublime-music-mobile { };
-
-      #### customized packages
-      fluffychat-moby = callPackage ../pkgs/fluffychat-moby { };
-      gpodder-configured = callPackage ../pkgs/gpodder-configured { };
-      # jackett doesn't allow customization of the bind address: this will probably always be here.
-      jackett = callPackage ../pkgs/jackett { inherit (prev) jackett; };
-      # mozilla keeps nerfing itself and removing configuration options
-      firefox-unwrapped = callPackage ../pkgs/firefox-unwrapped { inherit (prev) firefox-unwrapped; };
-
-      # patch rpi uboot with something that fixes USB HDD boot
-      ubootRaspberryPi4_64bit = callPackage ../pkgs/ubootRaspberryPi4_64bit { };
-
-      gocryptfs = callPackage ../pkgs/gocryptfs { inherit (prev) gocryptfs; };
-
-      browserpass = callPackage ../pkgs/browserpass { inherit (prev) browserpass; };
-
-      fractal-latest = callPackage ../pkgs/fractal-latest { };
-
-      #### TEMPORARY: PACKAGES WAITING TO BE UPSTREAMED
-
-      cargo-docset = callPackage ../pkgs/cargo-docset { };
-
-      pythonPackagesExtensions = prev.pythonPackagesExtensions ++ [
-        (py-final: py-prev: {
-          feedsearch-crawler = py-final.callPackage ../pkgs/feedsearch-crawler { };
-        })
-      ];
-
-      kaiteki = callPackage ../pkgs/kaiteki { };
-      lightdm-mobile-greeter = callPackage ../pkgs/lightdm-mobile-greeter { };
-      browserpass-extension = callPackage ../pkgs/browserpass-extension { };
-      gopass-native-messaging-host = callPackage ../pkgs/gopass-native-messaging-host { };
-      tokodon = prev.libsForQt5.callPackage ../pkgs/tokodon { };
-
-      # provided by nixpkgs patch or upstream preview
-      # splatmoji = callPackage ../pkgs/splatmoji { };
-    };
-  in sane // { inherit sane; }
+  # expose all my packages into the root scope:
+  # - `additional` packages
+  # - `patched` versions of nixpkgs (which necessarily shadow their nixpkgs version)
+  # - `pythonPackagesExtensions`
+  import ../pkgs
+    { pkgs = next; lib = prev.lib; unpatched = prev; }
 )
-

pkgs/additional/feeds/default.nix

@@ -1,15 +1,15 @@
 { lib
 , callPackage
 , python3
+, sane-data
 , static-nix-shell
 , writeShellScript
 }:
 
 let
   # TODO: dependency-inject this.
-  sane-data = import ../../modules/data { inherit lib; };
   template = callPackage ./template.nix;
-  feed-pkgs = lib.mapAttrs
+  feed-pkgs' = lib.mapAttrs
     (name: feed-details: template {
       feedName = name;
       jsonPath = "modules/data/feeds/sources/${name}/default.json";
@@ -18,9 +18,9 @@ let
     sane-data.feeds;
   update-scripts = lib.mapAttrsToList
     (name: feed: builtins.concatStringsSep " " feed.passthru.updateScript)
-    feed-pkgs;
+    feed-pkgs';
 in rec {  # TODO: make this a scope
-  inherit feed-pkgs;
+  feed-pkgs = lib.recurseIntoAttrs feed-pkgs';
   update = static-nix-shell.mkPython3Bin {
     pname = "update";
     src = ./.;
@@ -49,10 +49,9 @@ in rec {  # TODO: make this a scope
       ${update}/bin/update.py "$name" "$json_path"
       cat "$json_path"
     '';
-  passthru = {
-    updateScript = writeShellScript
-      "feeds-update"
-      (builtins.concatStringsSep "\n" update-scripts);
-    initFeedScript = init-feed;
-  };
+
+  updateScript = writeShellScript
+    "feeds-update"
+    (builtins.concatStringsSep "\n" update-scripts);
+  initFeedScript = init-feed;
 }

pkgs/additional/linux-megous/default.nix

@@ -1,8 +1,18 @@
-{ lib, buildPackages, fetchFromGitHub, perl, buildLinux, nixosTests, modDirVersionArg ? null, ... } @ args:
+{ lib
+, buildLinux
+, buildPackages
+, fetchFromGitHub
+, kernelPatches
+, modDirVersionArg ? null
+, nixosTests
+, perl
+, ...
+} @ args:
 
 with lib;
 
 let
+  kernelPatches' = kernelPatches;
   base = "6.2.0";
   # set to empty if not a release candidate
   rc = "-rc5";
@@ -15,6 +25,11 @@ in buildLinux (args // rec {
   # branchVersion needs to be x.y
   extraMeta.branch = versions.majorMinor version;
 
+  kernelPatches = [
+    kernelPatches'.bridge_stp_helper
+    kernelPatches'.request_key_helper
+  ];
+
   src = fetchFromGitHub {
     # HOW TO UPDATE:
     # - `git fetch` from megous' github.

pkgs/additional/static-nix-shell/default.nix

@@ -2,14 +2,12 @@
 , lib
 , makeWrapper
 , python3
-, sane-lib
 , stdenv
 }:
 
 let
-  inherit (builtins) attrNames attrValues concatStringsSep map typeOf;
+  inherit (builtins) attrNames attrValues concatStringsSep foldl' map typeOf;
   inherit (lib) concatMapAttrs;
-  inherit (sane-lib) mapToAttrs;
   pkgs' = pkgs;
 in {
   # transform a file which uses `#!/usr/bin/env nix-shell` shebang with a `python3` interpreter
@@ -28,10 +26,9 @@ in {
       #   <value> = package to provide
       pkgsToAttrs = prefix: pkgSet: expr: ({
         "lambda" = expr: pkgsToAttrs prefix pkgSet (expr pkgSet);
-        "list" = expr: mapToAttrs (pname: {
-          name = prefix + pname;
-          value = pkgSet."${pname}";
-        }) expr;
+        "list" = expr: foldl' (acc: pname: acc // {
+          "${prefix + pname}" = pkgSet."${pname}";
+        }) {} expr;
         "set" = expr: expr;
       })."${typeOf expr}" expr;
       pyEnv = python3.withPackages (ps: attrValues (

pkgs/browserpass/default.nix

@@ -1,48 +0,0 @@
-{ lib
-, browserpass
-, bash
-, fetchFromGitea
-, gnused
-, sane-scripts
-, sops
-, stdenv
-, substituteAll
-}:
-
-let
-  sane-browserpass-gpg = stdenv.mkDerivation {
-    pname = "sane-browserpass-gpg";
-    version = "0.1.0";
-    src = ./.;
-
-    inherit bash gnused sops;
-    sane_scripts = sane-scripts;
-    installPhase = ''
-      mkdir -p $out/bin
-      substituteAll ${./sops-gpg-adapter} $out/bin/gpg
-      chmod +x $out/bin/gpg
-      ln -s $out/bin/gpg $out/bin/gpg2
-    '';
-
-  };
-in
-(browserpass.overrideAttrs (upstream: {
-  src = fetchFromGitea {
-    domain = "git.uninsane.org";
-    owner = "colin";
-    repo = "browserpass-native";
-    # don't forcibly append '.gpg'
-    rev = "d3ef88e12cb127914fb0ead762b7baee6913592f";
-    hash = "sha256-FRnFmCJI/1f92DOI1VXSPivSBzIR372gmgLUfLLiuPc=";
-  };
-  installPhase = ''
-    make install
-
-    wrapProgram $out/bin/browserpass \
-      --prefix PATH : ${lib.makeBinPath [ sane-browserpass-gpg ]}
-
-    # This path is used by our firefox wrapper for finding native messaging hosts
-    mkdir -p $out/lib/mozilla/native-messaging-hosts
-    ln -s $out/lib/browserpass/hosts/firefox/*.json $out/lib/mozilla/native-messaging-hosts
-  '';
-}))

pkgs/default.nix

@@ -0,0 +1,73 @@
+{ pkgs ? import <nixpkgs> {}, lib ? pkgs.lib, unpatched ? pkgs }:
+let
+
+  pythonPackagesOverlay = py-final: py-prev: import ./python-packages {
+    inherit (py-final) callPackage;
+  };
+  # this scope ensures that my packages can all take each other as inputs,
+  # even when evaluated bare (i.e. outside of an overlay)
+  sane = lib.makeScope pkgs.newScope (self: with self; {
+    sane-data = import ../modules/data { inherit lib; };
+    sane-lib = import ../modules/lib pkgs;
+
+    ### ADDITIONAL PACKAGES
+    bootpart-uefi-x86_64 = callPackage ./additional/bootpart-uefi-x86_64 { };
+    browserpass-extension = callPackage ./additional/browserpass-extension { };
+    cargo-docset = callPackage ./additional/cargo-docset { };
+    feeds = lib.recurseIntoAttrs (callPackage ./additional/feeds { });
+    gopass-native-messaging-host = callPackage ./additional/gopass-native-messaging-host { };
+    gpodder-configured = callPackage ./additional/gpodder-configured { };
+    lightdm-mobile-greeter = callPackage ./additional/lightdm-mobile-greeter { };
+    linux-megous = callPackage ./additional/linux-megous { };
+    mx-sanebot = callPackage ./additional/mx-sanebot { };
+    rtl8723cs-firmware = callPackage ./additional/rtl8723cs-firmware { };
+    sane-scripts = callPackage ./additional/sane-scripts { };
+    static-nix-shell = callPackage ./additional/static-nix-shell { };
+    sublime-music-mobile = callPackage ./additional/sublime-music-mobile { };
+    tow-boot-pinephone = callPackage ./additional/tow-boot-pinephone { };
+
+    # packages i haven't used for a while, may or may not still work
+    # fluffychat-moby = callPackage ./additional/fluffychat-moby { };
+    # fractal-latest = callPackage ./additional/fractal-latest { };
+    # kaiteki = callPackage ./additional/kaiteki { };
+    # tokodon = libsForQt5.callPackage ./additional/tokodon { };
+
+    # old rpi packages that may or may not still work
+    # bootpart-tow-boot-rpi-aarch64 = callPackage ./additional/bootpart-tow-boot-rpi-aarch64 { };
+    # bootpart-u-boot-rpi-aarch64 = callPackage ./additional/bootpart-u-boot-rpi-aarch64 { };
+    # tow-boot-rpi4 = callPackage ./additional/tow-boot-rpi4 { };
+    # patch rpi uboot with something that fixes USB HDD boot
+    # ubootRaspberryPi4_64bit = callPackage ./additional/ubootRaspberryPi4_64bit { };
+
+    # provided by nixpkgs patch or upstream PR
+    # splatmoji = callPackage ./additional/splatmoji { };
+
+
+    ### PATCHED PACKAGES
+
+    # XXX: the `inherit`s here are because:
+    # - pkgs.callPackage draws from the _final_ package set.
+    # - unpatched.XYZ draws (selectively) from the _unpatched_ package set.
+    # see <overlays/pkgs.nix>
+    browserpass = callPackage ./patched/browserpass { inherit (unpatched) browserpass; };
+
+    # mozilla keeps nerfing itself and removing configuration options
+    firefox-unwrapped = callPackage ./patched/firefox-unwrapped { inherit (unpatched) firefox-unwrapped; };
+
+    gocryptfs = callPackage ./patched/gocryptfs { inherit (unpatched) gocryptfs; };
+
+    # jackett doesn't allow customization of the bind address: this will probably always be here.
+    jackett = callPackage ./patched/jackett { inherit (unpatched) jackett; };
+
+
+    ### PYTHON PACKAGES
+    pythonPackagesExtensions = (unpatched.pythonPackagesExtensions or []) ++ [
+      pythonPackagesOverlay
+    ];
+    # when this scope's applied as an overlay pythonPackagesExtensions is propagated as desired.
+    # but when freestanding (e.g. NUR), it never gets plumbed into the outer pkgs, so we have to do that explicitly.
+    python3 = unpatched.python3.override {
+      packageOverrides = pythonPackagesOverlay;
+    };
+  });
+in sane.packages sane

pkgs/patched/browserpass/default.nix

@@ -0,0 +1,48 @@
+{ lib
+, browserpass
+, bash
+, fetchFromGitea
+, gnused
+, sane-scripts
+, sops
+, stdenv
+, substituteAll
+}:
+
+let
+  sane-browserpass-gpg = stdenv.mkDerivation {
+    pname = "sane-browserpass-gpg";
+    version = "0.1.0";
+    src = ./.;
+
+    inherit bash gnused sops;
+    sane_scripts = sane-scripts;
+    installPhase = ''
+      mkdir -p $out/bin
+      substituteAll ${./sops-gpg-adapter} $out/bin/gpg
+      chmod +x $out/bin/gpg
+      ln -s $out/bin/gpg $out/bin/gpg2
+    '';
+
+  };
+in
+  browserpass.overrideAttrs (upstream: {
+    src = fetchFromGitea {
+      domain = "git.uninsane.org";
+      owner = "colin";
+      repo = "browserpass-native";
+      # don't forcibly append '.gpg'
+      rev = "d3ef88e12cb127914fb0ead762b7baee6913592f";
+      hash = "sha256-FRnFmCJI/1f92DOI1VXSPivSBzIR372gmgLUfLLiuPc=";
+    };
+    installPhase = ''
+      make install
+
+      wrapProgram $out/bin/browserpass \
+        --prefix PATH : ${lib.makeBinPath [ sane-browserpass-gpg ]}
+
+      # This path is used by our firefox wrapper for finding native messaging hosts
+      mkdir -p $out/lib/mozilla/native-messaging-hosts
+      ln -s $out/lib/browserpass/hosts/firefox/*.json $out/lib/mozilla/native-messaging-hosts
+    '';
+  })

pkgs/python-packages/default.nix

@@ -0,0 +1,4 @@
+{ callPackage }:
+{
+  feedsearch-crawler = callPackage ./feedsearch-crawler { };
+}