Compare commits

...

66 Commits

Author SHA1 Message Date
7796e13606 WIP: reduce emulated cross pkgset; aborted x86-x86 cross compilation 2023-02-14 10:19:32 +00:00
a6470aec95 moby: ship the full recommended guiApps again 2023-02-11 00:51:49 +00:00
d1d4509d7a phosh: disable konsole. it drags in a large closure, especially qt stuff which doesn't cross compile well 2023-02-11 00:51:20 +00:00
3ce78a1996 cross packages: full moby build can cross compile (except konsole is untested) 2023-02-11 00:50:46 +00:00
3fc0233d42 programs: split the guiApps category into slightly smaller bits 2023-02-10 00:47:10 +00:00
9a44b96f57 moby: ship some of the base apps 2023-02-10 00:46:27 +00:00
690307e198 cross packages: cross compile more stuff 2023-02-10 00:46:04 +00:00
3da6e1fb41 gpodder: fix makeWrapper to be a nativeBuildInput 2023-02-10 00:45:44 +00:00
67c561cf8e phosh-mobile-settings: cross compile 2023-02-09 19:40:16 +00:00
f387a21dee cross packages: cross compile more gnome packages 2023-02-09 07:58:32 +00:00
172a1ed5a6 working moby cross compilation 2023-02-09 06:13:23 +00:00
60e30c643d cross packages: get more things to build and further reduce the emulated closure 2023-02-09 01:05:25 +00:00
cba200efb4 cross packages: get more things to build and further reduce the emulated closure 2023-02-08 22:30:27 +00:00
77ecde7289 cross packages: reduce the emulated package set 2023-02-07 09:46:13 +00:00
8390e3d280 phosh: disable gvfs service 2023-02-07 09:44:58 +00:00
2631d6f590 phosh: enable fewer gnome services/packages 2023-02-07 03:24:46 +00:00
fe16b72081 programs: re-enable cdrtools, fwupd; disable duplicity/backblaze 2023-02-07 03:24:10 +00:00
a3fb2f06a5 tune emulated package set (e.g. only emulate one of gvfs' deps; not the WHOLE thing 2023-02-07 03:23:18 +00:00
e8ac4fee7a WIP: moby: partially working cross compilation for phosh w/o apps (webkitgtk build OOMs) 2023-02-06 22:42:11 +00:00
fcf6f9f6f3 moby: get working cross compilation for the base image (i.e. no GUI) 2023-02-06 22:41:51 +00:00
398c07ea9f WIP: moby-cross: is cross-by-default instead of opt-in 2023-02-05 19:35:54 +00:00
39edaabcc7 gjs, libadwaita, libsecret: skip flakey check phase 2023-02-05 19:35:54 +00:00
3a14a44483 mesa: downgrade from 22.3.4 -> 22.3.2 to address a memory leak 2023-02-05 19:35:54 +00:00
bcfd8e1725 nit: remove trailing space 2023-02-05 19:35:34 +00:00
e0a6f8ea4a flake: add host-pkgs.<host>.<pkg> output
this builds packages precisely as they are defined by the given host.
significant for testing whether a cross-compiled host builds things
correctly, for example.
2023-02-05 19:34:32 +00:00
80f3d0472b handbrake patch: fix hash (updated upstream) 2023-02-05 07:18:20 +00:00
b6685c9e6c refactor: move konsole from moby/default.nix -> gui/phosh.nix 2023-02-04 10:00:10 +00:00
0c2d8af448 remove sane.gui.enable option 2023-02-04 00:50:47 +00:00
7ce0c34f43 sway: specify dependent packages more idiomatically, and fix bug where phosh wasn't actually shipping its dependents 2023-02-04 00:43:00 +00:00
f2e8be3bd1 phosh: specify dependent packages more idiomatically 2023-02-03 22:55:39 +00:00
9b2e7b02cc Merge branch 'staging/nixpkgs-2023-02-01' 2023-02-03 22:14:47 +00:00
1b3e0b95be persist: remove rust/cargo 2023-02-03 18:18:10 +00:00
f78968c73a persist /var/lib/systemd/coredump 2023-02-03 18:17:22 +00:00
d5d755a4b2 flake update: nixpkgs 2023-01-25 -> 2023-02-01; sops-nix
```
• Updated input 'nixpkgs':
    'path:/nix/store/760ff23zl95q4jza8mkg47vs9ff20hq3-source/nixpatches?lastModified=1&narHash=sha256-arp7Uy7ct5ryTcmSY032eN7hr33i7D2XvjTRLliCFDc=' (1970-01-01)
  → 'path:/nix/store/pr622dac2xv2fzxvkfdfzl3sba1m7xkm-source/nixpatches?lastModified=1&narHash=sha256-arp7Uy7ct5ryTcmSY032eN7hr33i7D2XvjTRLliCFDc=' (1970-01-01)
• Updated input 'nixpkgs-unpatched':
    'github:nixos/nixpkgs/9b97ad7b4330aacda9b2343396eb3df8a853b4fc' (2023-01-25)
  → 'github:nixos/nixpkgs/4d7c2644dbac9cf8282c0afe68fca8f0f3e7b2db' (2023-02-01)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/b6ab3c61e2ca5e07d1f4eb1b67304e2670ea230c' (2023-01-24)
  → 'github:Mic92/sops-nix/a81ce6c961480b3b93498507074000c589bd9d60' (2023-02-01)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/918b760070bb8f48cb511300fcd7e02e13058a2e' (2023-01-22)
  → 'github:NixOS/nixpkgs/a3a1400571e3b9ccc270c2e8d36194cf05aab6ce' (2023-02-01)
```
2023-02-03 09:46:26 +00:00
e08281c380 fix: typo in config option name 2023-02-03 09:09:37 +00:00
afb006f6ec programs: port last users & remove the old packages.nix 2023-02-03 05:26:57 +00:00
a76cf03232 remove unused "enableDevPkgs" option 2023-02-03 05:18:38 +00:00
9c24f24306 programs: port GUI apps to new config system 2023-02-03 05:08:52 +00:00
736999eea6 programs: port console packages to new config system 2023-02-03 04:24:17 +00:00
979ed38506 programs: make system be some type of meta-program/package 2023-02-03 04:03:22 +00:00
46285852d0 modules: add a sane.programs interface which i can use going forward in place of sane.packages 2023-02-03 03:38:23 +00:00
0e756d5064 packages: add sox sound converter 2023-02-02 10:23:01 +00:00
a52ead5aec nit: document what "foliate" application is 2023-02-02 00:21:07 +00:00
c0377ff1a0 dovecot: define Drafts and Trash folders 2023-01-31 08:22:20 +00:00
062ef20d05 dovecot: auto-create the "Sent" message box 2023-01-31 06:57:35 +00:00
a0861edc5f packages: enable kitty on servo to fix login error 2023-01-31 06:43:02 +00:00
eae075acb5 flake: remove unused nixpkgs-stable argument. we can re-add it when needed 2023-01-31 04:09:49 +00:00
ef2ba01141 pins: remove dead nheko code 2023-01-31 04:05:18 +00:00
2756e15bab flake update: nixpkgs-stable 2023-01-29 -> 2023-01-30
```
• Updated input 'nixpkgs-stable':
    'github:nixos/nixpkgs/22c4a7a4796a91c297a7e59078a84ec29515f86e' (2023-01-29)
  → 'github:nixos/nixpkgs/f413457e0dd7a42adefdbcea4391dd9751509025' (2023-01-30)
• Updated input 'uninsane-dot-org':
    'git+https://git.uninsane.org/colin/uninsane?ref=refs%2fheads%2fmaster&rev=80c6ec95bd430e29d231cf745f19279bb76fb382' (2022-10-27)
  → 'git+https://git.uninsane.org/colin/uninsane?ref=refs%2fheads%2fmaster&rev=b099c24091cc192abf3997b94342d4b31cc5757b' (2023-01-31)
```
2023-01-31 03:56:39 +00:00
940aac3a22 refactor: move persist settings into persist.nix 2023-01-31 03:44:48 +00:00
5f24e029af persist stores: make private/crypt support backing stores that aren't /nix/persist 2023-01-31 03:38:41 +00:00
98b542332b persist: crypt store: make paths overridable 2023-01-31 03:36:15 +00:00
70b62e9f76 persist stores: define the path for private at the host level 2023-01-31 03:29:53 +00:00
7c81df00df move nixcache.nix from modules -> hosts/modules 2023-01-30 11:25:46 +00:00
f288f34d1e nixpkgs-stable: 2023-01-28 -> 2023-01-29
```
• Updated input 'nixpkgs-stable':
    'github:nixos/nixpkgs/ce20e9ebe1903ea2ba1ab006ec63093020c761cb' (2023-01-28)
  → 'github:nixos/nixpkgs/22c4a7a4796a91c297a7e59078a84ec29515f86e' (2023-01-29)
```
2023-01-30 11:13:37 +00:00
854977c3aa move duplicity out of modules -> hosts 2023-01-30 11:11:42 +00:00
3653776399 cleanup: modules/users.nix: allow explicitly setting home, if needed 2023-01-30 11:06:47 +00:00
e4bff9b5ef refactor: persist: remove dead code 2023-01-30 10:51:41 +00:00
ec22c128e0 remove reference to /home/colin from modules/persist 2023-01-30 10:48:32 +00:00
77cc560052 use sane.user.persist instead of sane.persist.home 2023-01-30 10:35:03 +00:00
c1f3fc502d sane.users.<user>.persist: forward to sane.persist.home 2023-01-30 10:34:36 +00:00
4d3248d315 lib: mkTypedMerge: fix to work with recursive attrsets 2023-01-30 10:33:59 +00:00
45a1c07210 refactor: make use of sane.user.fs 2023-01-30 09:27:19 +00:00
a1a711190f refactor: make use of sane.user 2023-01-30 09:13:43 +00:00
ee9a2b320d add a sane.user option which is shorthand for the default user 2023-01-30 08:53:40 +00:00
870afec07e add which is shorthand to define a fs entry inside that user's home 2023-01-30 08:32:55 +00:00
58 changed files with 2385 additions and 1075 deletions

51
flake.lock generated
View File

@@ -39,38 +39,22 @@
},
"locked": {
"lastModified": 1,
"narHash": "sha256-arp7Uy7ct5ryTcmSY032eN7hr33i7D2XvjTRLliCFDc=",
"path": "/nix/store/rk489311m97gs49qid05c1xra05h64sm-source/nixpatches",
"narHash": "sha256-lOtSD7yBRLM6OF1prrI11ZSmsd2grhnL8ltYrktzuoA=",
"path": "/nix/store/why3zigp1ddj1i9pfq47fs5iri80y6nw-source/nixpatches",
"type": "path"
},
"original": {
"path": "/nix/store/rk489311m97gs49qid05c1xra05h64sm-source/nixpatches",
"path": "/nix/store/why3zigp1ddj1i9pfq47fs5iri80y6nw-source/nixpatches",
"type": "path"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1674868155,
"narHash": "sha256-eFNm2h6fNbgD7ZpO4MHikCB5pSnCJ7DTmwPisjetmwc=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "ce20e9ebe1903ea2ba1ab006ec63093020c761cb",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-22.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable_2": {
"locked": {
"lastModified": 1674352297,
"narHash": "sha256-OkAnJPrauEcUCrst4/3DKoQfUn2gXKuU6CFvhtMrLgg=",
"lastModified": 1675265860,
"narHash": "sha256-PZNqc4ZnTRT34NsHJYbXn+Yhghh56l8HEXn39SMpGNc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "918b760070bb8f48cb511300fcd7e02e13058a2e",
"rev": "a3a1400571e3b9ccc270c2e8d36194cf05aab6ce",
"type": "github"
},
"original": {
@@ -82,11 +66,11 @@
},
"nixpkgs-unpatched": {
"locked": {
"lastModified": 1674641431,
"narHash": "sha256-qfo19qVZBP4qn5M5gXc/h1MDgAtPA5VxJm9s8RUAkVk=",
"lastModified": 1675273418,
"narHash": "sha256-tpYc4TEGvDzh9uRf44QemyQ4TpVuUbxb07b2P99XDbM=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "9b97ad7b4330aacda9b2343396eb3df8a853b4fc",
"rev": "4d7c2644dbac9cf8282c0afe68fca8f0f3e7b2db",
"type": "github"
},
"original": {
@@ -100,7 +84,6 @@
"inputs": {
"mobile-nixos": "mobile-nixos",
"nixpkgs": "nixpkgs",
"nixpkgs-stable": "nixpkgs-stable",
"nixpkgs-unpatched": "nixpkgs-unpatched",
"sops-nix": "sops-nix",
"uninsane-dot-org": "uninsane-dot-org"
@@ -111,14 +94,14 @@
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable_2"
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1674546403,
"narHash": "sha256-vkyNv0xzXuEnu9v52TUtRugNmQWIti8c2RhYnbLG71w=",
"lastModified": 1675288837,
"narHash": "sha256-76s8TLENa4PzWDeuIpEF78gqeUrXi6rEJJaKEAaJsXw=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "b6ab3c61e2ca5e07d1f4eb1b67304e2670ea230c",
"rev": "a81ce6c961480b3b93498507074000c589bd9d60",
"type": "github"
},
"original": {
@@ -135,11 +118,11 @@
]
},
"locked": {
"lastModified": 1666870107,
"narHash": "sha256-b9eXZxSwhzdJI5uQgfrMhu4SY2POrPkinUg7F5gQVYo=",
"lastModified": 1675131883,
"narHash": "sha256-yBgJDG72YqIr1bltasqHD1E/kHc9uRFgDjxDmy6kI8M=",
"ref": "refs/heads/master",
"rev": "80c6ec95bd430e29d231cf745f19279bb76fb382",
"revCount": 164,
"rev": "b099c24091cc192abf3997b94342d4b31cc5757b",
"revCount": 170,
"type": "git",
"url": "https://git.uninsane.org/colin/uninsane"
},

View File

@@ -19,7 +19,7 @@
# but `inputs` is required to be a strict attrset: not an expression.
inputs = {
# <https://github.com/nixos/nixpkgs/tree/nixos-22.11>
nixpkgs-stable.url = "github:nixos/nixpkgs?ref=nixos-22.11";
# nixpkgs-stable.url = "github:nixos/nixpkgs?ref=nixos-22.11";
# <https://github.com/nixos/nixpkgs/tree/nixos-unstable>
nixpkgs-unpatched.url = "github:nixos/nixpkgs?ref=nixos-unstable";
@@ -46,12 +46,12 @@
outputs = {
self,
nixpkgs,
nixpkgs-stable,
nixpkgs-unpatched,
mobile-nixos,
sops-nix,
uninsane-dot-org
}:
uninsane-dot-org,
...
}@inputs:
let
nixpkgsCompiledBy = local: nixpkgs.legacyPackages."${local}";
@@ -67,7 +67,9 @@
(nixosSystem {
# we use pkgs built for and *by* the target, i.e. emulation, by default.
# cross compilation only happens on explicit access to `pkgs.cross`
system = target;
# system = target;
# localSystem = local;
# crossSystem = target;
modules = [
(import ./hosts/instantiate.nix { localSystem = local; hostName = name; })
self.nixosModules.default
@@ -78,6 +80,9 @@
self.overlays.passthru
self.overlays.pins
];
# nixpkgs.crossSystem = target;
nixpkgs.hostPlatform = target;
nixpkgs.buildPlatform = local;
}
];
});
@@ -111,15 +116,20 @@
# - `nixos-rebuild --flake './#<host>' switch`
imgs = builtins.mapAttrs (_: host-dfn: host-dfn.config.system.build.img) self.nixosConfigurations;
host-pkgs = builtins.mapAttrs (_: host-dfn: host-dfn.config.system.build.pkgs) self.nixosConfigurations;
overlays = rec {
default = pkgs;
pkgs = import ./overlays/pkgs.nix;
pins = import ./overlays/pins.nix; # TODO: move to `nixpatches/` input
passthru =
let
stable = next: prev: {
stable = nixpkgs-stable.legacyPackages."${prev.stdenv.hostPlatform.system}";
};
stable =
if inputs ? "nixpkgs-stable" then (
next: prev: {
stable = inputs.nixpkgs-stable.legacyPackages."${prev.stdenv.hostPlatform.system}";
}
) else (next: prev: {});
mobile = (import "${mobile-nixos}/overlay/overlay.nix");
uninsane = uninsane-dot-org.overlay;
in

View File

@@ -4,8 +4,6 @@
./fs.nix
];
# sane.packages.enableDevPkgs = true;
sane.roles.client = true;
sane.services.wg-home.enable = true;
sane.services.wg-home.ip = config.sane.hosts.by-name."desko".wg-home.ip;
@@ -16,6 +14,8 @@
sane.gui.sway.enable = true;
sane.programs.guiApps.suggestedPrograms = [ "desktopGuiApps" ];
boot.loader.efi.canTouchEfiVariables = false;
sane.image.extraBootFiles = [ pkgs.bootpart-uefi-x86_64 ];
@@ -49,12 +49,12 @@
};
programs.steam = {
enable = true;
# enable = true;
# not sure if needed: stole this whole snippet from the wiki
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
};
sane.persist.home.plaintext = [
sane.user.persist.plaintext = [
".steam"
".local/share/Steam"
];

View File

@@ -8,15 +8,15 @@
sane.services.wg-home.enable = true;
sane.services.wg-home.ip = config.sane.hosts.by-name."lappy".wg-home.ip;
# sane.packages.enableDevPkgs = true;
# sane.users.guest.enable = true;
# sane.guest.enable = true;
sane.gui.sway.enable = true;
sane.persist.enable = true;
sane.nixcache.enable = true;
boot.loader.efi.canTouchEfiVariables = false;
sane.image.extraBootFiles = [ pkgs.bootpart-uefi-x86_64 ];
sane.programs.guiApps.suggestedPrograms = [ "desktopGuiApps" ];
sops.secrets.colin-passwd = {
sopsFile = ../../../secrets/lappy.yaml;
neededForUsers = true;

View File

@@ -37,15 +37,10 @@
# addons.sideberry.enable = false;
};
sane.persist.home.plaintext = [
sane.user.persist.plaintext = [
".config/pulse" # persist pulseaudio volume
];
# sane.packages.enableGuiPkgs = false; # XXX faster builds/imaging for debugging
sane.packages.extraUserPkgs = [
pkgs.plasma5Packages.konsole # terminal
];
sane.nixcache.enable = true;
sane.persist.enable = true;
sane.gui.phosh.enable = true;

View File

@@ -114,7 +114,7 @@ in
# - phone rotation sensor is off by 90 degrees
# - ambient light sensor causes screen brightness to be shakey
# - phosh greeter may not appear after wake from sleep
boot.kernelPackages = pkgs.cross.linuxPackagesFor pkgs.cross.linux-megous;
boot.kernelPackages = pkgs.linuxPackagesFor pkgs.linux-megous;
boot.kernelPatches = [
(patchDefconfig (kernelConfig //

View File

@@ -8,12 +8,13 @@
./services
];
sane.packages.extraUserPkgs = with pkgs; [
sane.programs = {
# for administering services
freshrss
matrix-synapse
signaldctl
];
freshrss.enableFor.user.colin = true;
matrix-synapse.enableFor.user.colin = true;
signaldctl.enableFor.user.colin = true;
};
sane.persist.enable = true;
sane.services.dyn-dns.enable = true;
sane.services.wg-home.enable = true;

View File

@@ -1,3 +1,6 @@
# DOCS:
# - dovecot config: <https://doc.dovecot.org/configuration_manual/>
{ config, lib, ... }:
let
@@ -143,6 +146,25 @@ in
# inspired by https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/
services.dovecot2.enable = true;
services.dovecot2.mailboxes = {
# special-purpose mailboxes: "All" "Archive" "Drafts" "Flagged" "Junk" "Sent" "Trash"
# RFC6154 describes these special mailboxes: https://www.ietf.org/rfc/rfc6154.html
# how these boxes are treated is 100% up to the client and server to decide.
# client behavior:
# iOS
# - Drafts: ?
# - Sent: works
# - Trash: works
# aerc
# - Drafts: works
# - Sent: works
# - Trash: no; deleted messages are actually deleted
# use `:move trash` instead
# Sent mailbox: all sent messages are copied to it. unclear if this happens server-side or client-side.
Drafts = { specialUse = "Drafts"; auto = "create"; };
Sent = { specialUse = "Sent"; auto = "create"; };
Trash = { specialUse = "Trash"; auto = "create"; };
};
services.dovecot2.sslServerCert = "/var/lib/acme/imap.uninsane.org/fullchain.pem";
services.dovecot2.sslServerKey = "/var/lib/acme/imap.uninsane.org/key.pem";
services.dovecot2.enablePAM = false;

View File

@@ -1,22 +1,972 @@
{ config, ... }:
# cross compiling
# - for edge-casey things, see in nixpkgs:
# - `git show da9a9a440415b236f22f57ba67a24ab3fb53f595`
# - e.g. `mesonEmulatorHook`, `depsBuildBuild`, `python3.pythonForBuild`
# - <doc/stdenv/cross-compilation.chapter.md>
# - e.g. `makeFlags = [ "CC=${stdenv.cc.targetPrefix}cc" ];`
#
# build a particular package as evaluated here with:
# - toplevel: `nix build '.#host-pkgs.moby-cross.xdg-utils'`
# - scoped: `nix build '.#host-pkgs.moby-cross.gnome.mutter'`
# - python: `nix build '.#host-pkgs.moby-cross.python310Packages.pandas'`
# - perl: `nix build '.#host-pkgs.moby-cross.perl536Packages.ModuleBuild'`
# - qt: `nix build '.#host-pkgs.moby-cross.qt5.qtbase'`
# - qt: `nix build '.#host-pkgs.moby-cross.libsForQt5.phonon'`
# most of these can be built in a nixpkgs source root like:
# - `nix build '.#pkgsCross.aarch64-multiplatform.xdg-utils'`
# - `nix build '.#pkgsCross.gnu64.xdg-utils'` # for x86_64-linux
#
# tracking issues, PRs:
# - libuv tests fail: <https://github.com/NixOS/nixpkgs/issues/190807>
# - last checked: 2023-02-07
# - opened: 2022-09-11
# - perl Module Build broken: <https://github.com/NixOS/nixpkgs/issues/66741>
# - last checked: 2023-02-07
# - opened: 2019-08
# - ModuleBuild needs access to `Scalar/Utils.pm`, which doesn't *seem* to exist in the cross builds
# - this can be fixed by adding `nativeBuildInputs = [ perl ]` to it
# - alternatively, there's some "stubbing" method mentioned in <pkgs/development/interpreters/perl/default.nix>
# - stubbing documented at bottom: <nixpkgs:doc/languages-frameworks/perl.section.md>
#
# - perl536Packages.Testutf8 fails to cross: <https://github.com/NixOS/nixpkgs/issues/198548>
# - last checked: 2023-02-07
# - opened: 2022-10
# - python310Packages.psycopg2: <https://github.com/NixOS/nixpkgs/issues/210265>
# - last checked: 2023-02-06
# - i have a potential fix:
# """
# i was able to just add `postgresql` to the `buildInputs` (so that it's in both `buildInputs` and `nativeBuildInputs`):
# it fixed the build for `pkgsCross.aarch64-multiplatform.python310Packages.psycopg2` but not for `armv7l-hf-multiplatform` that this issue description calls out.
#
# also i haven't deployed it yet to make sure this doesn't cause anything funky at runtime though.
# """
# TODO:
# - ??.llvmPackages_14.llvm: "FAIL: LLVM-Unit :: ExecutionEngine/MCJIT/./MCJITTests/MCJITMultipleModuleTest.two_module_global_variables_case (43769 of 46988)"
# - nix log /nix/store/ib2yw6sajnhlmibxkrn7lj7chllbr85h-llvm-14.0.6.drv
# - wanted by clang-11-12-LLVMgold-path, compiler-rt-libc-12.0.1, clang-wrapper-12.0.1
# - ?..llvmPackages_12.llvm: "FAIL: LLVM-Unit :: ExecutionEngine/MCJIT/./MCJITTests/MCJITTest.return_global (2857 of 42084)"
# - nix log /nix/store/6vydavlxh1gvs0vmrkcx9qp67g3h7kcz-llvm-12.0.1.drv
# - wanted by sequoia, rav1e, rustc-1.66.1
# - `host-pkgs.desko.stdenv` fails build:
# - #cross-compiling:nixos.org says pkgsCross.gnu64 IS KNOWN TO NOT COMPILE. let this go for now:
# - make a `<machine>` (don't specifiy local/targetSystem) and `<machine>-cross` target.
# - `desko-cross` will be broken but `desko` can work
# - see <nixpkgs:pkgs/stdenv/linux/default.nix>
# - disallowedRequisites = [ bootstrapTools.out ];
# """
# error: output '/nix/store/w2vgzyvs2jzf7yr6qqqrjbvrqxxmhwy0-stdenv-linux' is not allowed to refer to the following paths:
# /nix/store/2qbgchkjj1hqi1c8raznwml94pkm3k7q-libunistring-1.0
# /nix/store/4j425ybkjxcdj89352l5gpdl3nmxq4zn-libidn2-2.3.2
# /nix/store/c35hf8g5b9vksadym9dbjrd6p2y11m8h-glibc-2.35-224
# /nix/store/qbgfsaviwqi2p6jr7an1g2754sv3xqhn-gcc-11.3.0-lib
# """
# - rg doesn't reveal any such references in the output though...
# - nor references to bootstrapTools
# - HOWEVER, IT DOES CONTAIN A REFERENCE TO THE PREVIOUS STAGE'S BASH:
# - /nix/store/w2vgzyvs2jzf7yr6qqqrjbvrqxxmhwy0-stdenv-linux/setup
# - export SHELL=/nix/store/qqa28hmysc23yy081d178jfd9a1yk8aw-bash-5.2-p15/bin/bash
# - not clear if that matters? but maybe it reaches bootstrapTools transitively?
# - yeah: that bash specifies the above `glibc` as its loader
# - so we probably can't `inherit` the emulated bash like that.
# - try building `.#host-pkgs.desko.stdenv.shellPackage` or `.#host-pkgs.desko.stdenv.bootstrapTools`
# - `file result/bin/bash` does show that it uses the interpreter for the glibc, above
{ config, lib, pkgs, ... }:
let
mkCrossFrom = localSystem: pkgs: import pkgs.path {
inherit localSystem;
crossSystem = pkgs.stdenv.hostPlatform.system;
inherit (config.nixpkgs) config overlays;
};
# these are the overlays which we *also* pass through to the cross and emulated package sets.
# TODO: refactor to not specify same overlay in multiple places (here and flake.nix).
overlays = [
(import ./../../overlays/pkgs.nix)
(import ./../../overlays/pins.nix)
];
mkCrossFrom = localSystem: pkgs:
import pkgs.path {
inherit localSystem; # localSystem is equivalent to buildPlatform
crossSystem = pkgs.stdenv.hostPlatform.system;
inherit (config.nixpkgs) config;
inherit overlays;
};
mkEmulated = pkgs:
import pkgs.path {
# system = pkgs.stdenv.hostPlatform.system;
localSystem = pkgs.stdenv.hostPlatform.system;
inherit (config.nixpkgs) config;
inherit overlays;
};
in
{
# the configuration of which specific package set `pkgs.cross` refers to happens elsewhere;
# here we just define them all.
nixpkgs.overlays = [
(next: prev: {
# non-emulated packages build *from* local *for* target.
# for large packages like the linux kernel which are expensive to build under emulation,
# the config can explicitly pull such packages from `pkgs.cross` to do more efficient cross-compilation.
crossFrom."x86_64-linux" = mkCrossFrom "x86_64-linux" next;
crossFrom."aarch64-linux" = mkCrossFrom "aarch64-linux" next;
})
];
# options = {
# perlPackageOverrides = lib.mkOption {
# };
# };
config = {
# the configuration of which specific package set `pkgs.cross` refers to happens elsewhere;
# here we just define them all.
nixpkgs.config.perlPackageOverrides = pkgs: (with pkgs; with pkgs.perlPackages; {
# these are the upstream nixpkgs perl modules, but with `nativeBuildInputs = [ perl ]`
# to fix cross compilation errors
ModuleBuild = buildPerlPackage {
pname = "Module-Build";
version = "0.4231";
src = fetchurl {
url = "mirror://cpan/authors/id/L/LE/LEONT/Module-Build-0.4231.tar.gz";
hash = "sha256-fg9MaSwXQMGshOoU1+o9i8eYsvsmwJh3Ip4E9DCytxc=";
};
# support cross-compilation by removing unnecessary File::Temp version check
# postPatch = lib.optionalString (stdenv.hostPlatform != stdenv.buildPlatform) ''
# sed -i '/File::Temp/d' Build.PL
# '';
nativeBuildInputs = [ perl ];
meta = {
description = "Build and install Perl modules";
license = with lib.licenses; [ artistic1 gpl1Plus ];
mainProgram = "config_data";
};
};
FileBaseDir = buildPerlModule {
version = "0.08";
pname = "File-BaseDir";
src = fetchurl {
url = "mirror://cpan/authors/id/K/KI/KIMRYAN/File-BaseDir-0.08.tar.gz";
hash = "sha256-wGX80+LyKudpk3vMlxuR+AKU1QCfrBQL+6g799NTBeM=";
};
configurePhase = ''
runHook preConfigure
perl Build.PL PREFIX="$out" prefix="$out"
'';
nativeBuildInputs = [ perl ];
propagatedBuildInputs = [ IPCSystemSimple ];
buildInputs = [ FileWhich ];
meta = {
description = "Use the Freedesktop.org base directory specification";
license = with lib.licenses; [ artistic1 gpl1Plus ];
};
};
# fixes: "FAILED IPython/terminal/tests/test_debug_magic.py::test_debug_magic_passes_through_generators - pexpect.exceptions.TIMEOUT: Timeout exceeded."
Testutf8 = buildPerlPackage {
pname = "Test-utf8";
version = "1.02";
src = fetchurl {
url = "mirror://cpan/authors/id/M/MA/MARKF/Test-utf8-1.02.tar.gz";
hash = "sha256-34LwnFlAgwslpJ8cgWL6JNNx5gKIDt742aTUv9Zri9c=";
};
nativeBuildInputs = [ perl ];
meta = {
description = "Handy utf8 tests";
homepage = "https://github.com/2shortplanks/Test-utf8/tree";
license = with lib.licenses; [ artistic1 gpl1Plus ];
};
};
# inherit (pkgs.emulated.perl.pkgs)
# Testutf8
# ;
});
nixpkgs.overlays = [
(next: prev: {
# non-emulated packages build *from* local *for* target.
# for large packages like the linux kernel which are expensive to build under emulation,
# the config can explicitly pull such packages from `pkgs.cross` to do more efficient cross-compilation.
# crossFrom."x86_64-linux" = mkCrossFrom "x86_64-linux" prev;
# crossFrom."aarch64-linux" = mkCrossFrom "aarch64-linux" prev;
emulated = mkEmulated prev;
})
# (next: prev:
# let
# emulated = prev.emulated;
# in {
# # packages which don't "cross compile" from x86_64 -> x86_64
# inherit (emulated)
# # aws-crt-cpp # "/build/source/include/aws/crt/Optional.h:6:10: fatal error: utility: No such file or directory"
# # # bash # "configure: error: C compiler cannot create executables"
# # boehmgc # "gc_badalc.cc:29:10: fatal error: new: No such file or directory <new>"
# # c-ares # dns-proto.h:11:10: fatal error: memory: No such file or directory
# # db48 # "./db_cxx.h:59:10: fatal error: iostream.h: No such file or directory"
# # # kexec-tools # "configure: error: C compiler cannot create executables"
# # gmp6 # "configure: error: could not find a working compiler"
# # gtest # "/build/source/googletest/src/gtest_main.cc:30:10: fatal error: cstdio: No such file or directory"
# # icu72 # "../common/unicode/localpointer.h:45:10: fatal error: memory: No such file or directory"
# # # libidn2 # "configure: error: C compiler cannot create executables"
# # ncurses # "configure: error: C compiler cannot create executables"
# ;
# bash = prev.bash.overrideAttrs (orig: {
# # configure doesn't know how to build because it doesn't know where to find crt1.o.
# # some parts of nixpkgs specify the path to it explicitly:
# # - <nixpkgs:pkgs/development/libraries/gcc/libstdc++/5.nix>
# # - <nixpkgs:pkgs/build-support/cc-wrapper/add-flags.sh>
# # alternatively, the wrapper gcc (first item on PATH if we look at a failed bash's env-vars)
# # adds these flags automatically. so we can probably just tell `configure` to *not* use any special gcc other than the wrapper.
# # TESTING IN PROGRESS:
# # - N.B.: BUILDCC is a vlc-ism!
# # BUILDCC = "${prev.stdenv.cc}/bin/${prev.stdenv.cc.targetPrefix}cc"; # has illegal requisites
# CC = "${prev.stdenv.cc}/bin/${prev.stdenv.cc.targetPrefix}cc"; # XXX: tested in nixpkgs: FAILS WITH SAME SIGNATURE. env-vars doesn't show our CC though :-(
# # ^ env vars set here are making their way through, but something else (build script?) is overwriting it
# SANE_CC = "${prev.stdenv.cc}/bin/${prev.stdenv.cc.targetPrefix}cc";
# # CC = "gcc" # bash configure.ac
# # CC_FOR_BUILD = "gcc" # bash configure.ac
# # BUILDCC = "gcc"; # VLC
# });
# }
# )
(nativeSelf: nativeSuper: {
pkgsi686Linux = nativeSuper.pkgsi686Linux.extend (i686Self: i686Super: {
# fixes eval-time error: "Unsupported cross architecture"
# it happens even on a x86_64 -> x86_64 build:
# - defining `config.nixpkgs.buildPlatform` to the non-default causes that setting to be inherited by pkgsi686.
# - hence, `pkgsi686` on a non-cross build is ordinarily *emulated*:
# defining a cross build causes it to also be cross (but to the right hostPlatform)
# this has no inputs other than stdenv, and fetchurl, so emulating it is fine.
tbb = nativeSuper.emulated.pkgsi686Linux.tbb;
# tbb = i686Super.tbb.overrideAttrs (orig: (with i686Self; {
# makeFlags = lib.optionals stdenv.cc.isClang [
# "compiler=clang"
# ] ++ (lib.optional (stdenv.buildPlatform != stdenv.hostPlatform)
# (if stdenv.hostPlatform.isAarch64 then "arch=arm64"
# else if stdenv.hostPlatform.isx86_64 then "arch=intel64"
# else throw "Unsupported cross architecture: ${stdenv.buildPlatform.system} -> ${stdenv.hostPlatform.system}"));
# }));
});
})
(next: prev:
let
emulated = prev.emulated;
# emulated = if prev.stdenv.buildPlatform.system == prev.stdenv.hostPlatform.system then
# prev
# else
# prev.emulated;
in {
# packages which don't cross compile
inherit (emulated)
# adwaita-qt # psqlodbc
apacheHttpd_2_4 # `configure: error: Size of "void *" is less than size of "long"`
appstream # meson.build:139:0: ERROR: Program 'gperf' not found or not executable
colord # (meson) ERROR: An exe_wrapper is needed but was not found. Please define one in cross file and check the command and/or add it to PATH.
# duplicity # python3.10-s3transfer
flatpak # No package 'libxml-2.0' found
fwupd-efi # efi/meson.build:162:0: ERROR: Program or command 'gcc' not found or not executable
gmime3 # "checking preferred charset formats for system iconv... cannot run test program while cross compiling"
# gnome-tour
# XXX: gnustep members aren't individually overridable, because the "scope" uses `rec` such that members don't see overrides
gnustep # gnustep.base: "configure: error: Your compiler does not appear to implement the -fconstant-string-class option needed for support of strings."
# grpc
gvfs # meson.build:312:2: ERROR: Assert failed: http required but libxml-2.0 not found
# hdf5 # configure: error: cannot run test program while cross compiling
# http2
ibus # configure.ac:152: error: possibly undefined macro: AM_PATH_GLIB_2_0
kitty # "FileNotFoundError: [Errno 2] No such file or directory: 'pkg-config'"
libchamplain # "failed to produce output path for output 'devdoc'"
libgccjit # "../../gcc-9.5.0/gcc/jit/jit-result.c:52:3: error: 'dlclose' was not declared in this scope"
libgweather # "Run-time dependency vapigen found: NO (tried pkgconfig)"
libjcat # data/tests/meson.build:10:0: ERROR: Program 'gnutls-certtool certtool' not found or not executable
# libsForQt5 # qtbase # make: g++: No such file or directory
libtiger # "src/tiger_internal.h:24:10: fatal error: pango/pango.h: No such file or directory"
notmuch # "Error: The dependencies of notmuch could not be satisfied" (xapian, gmime, glib, talloc)
# perlInterpreters # perl5.36.0-Module-Build perl5.36.0-Test-utf8 (see tracking issues ^)
phosh # libadwaita-1 not found
# qgnomeplatform
# qtbase
qt5 # qt5.qtx11extras fails, but we can't selectively emulate it
qt6 # "You need to set QT_HOST_PATH to cross compile Qt."
sequoia # "/nix/store/q8hg17w47f9xr014g36rdc2gi8fv02qc-clang-aarch64-unknown-linux-gnu-12.0.1-lib/lib/libclang.so.12: cannot open shared object file: No such file or directory"', /build/sequoia-0.27.0-vendor.tar.gz/bindgen/src/lib.rs:1975:31"
# splatmoji
squeekboard # meson.build:1:0: ERROR: 'rust' compiler binary not defined in cross or native file
twitter-color-emoji # /nix/store/0wk6nr1mryvylf5g5frckjam7g7p9gpi-bash-5.2-p15/bin/bash: line 1: pkg-config: command not found
# unar has multiple failures:
# - "configure: error: Your compiler does not appear to implement the -fconstant-string-class option needed for support of strings. Please check for a more recent version or consider using --enable-nxconstantstring"
# - "/nix/store/0wk6nr1mryvylf5g5frckjam7g7p9gpi-bash-5.2-p15/bin/bash: line 1: ar: command not found"
unar
visidata # python3.10-psycopg2 python3.10-pandas python3.10-h5py
webp-pixbuf-loader # install phase: "Builder called die: Cannot wrap '/nix/store/kpp8qhzdjqgvw73llka5gpnsj0l4jlg8-gdk-pixbuf-aarch64-unknown-linux-gnu-2.42.10/bin/gdk-pixbuf-thumbnailer' because it is not an executable file"
# webkitgtk_4_1 # requires nativeBuildInputs = perl.pkgs.FileCopyRecursive => perl5.36.0-Test-utf8
# xdg-utils # perl5.36.0-File-BaseDir / perl5.36.0-Module-Build
;
# apacheHttpd_2_4 = prev.apacheHttpd_2_4.override {
# # fixes original error
# # new failure mode: "/nix/store/czvaa9y9ch56z53c0b0f5bsjlgh14ra6-apr-aarch64-unknown-linux-gnu-1.7.0-dev/share/build/libtool: line 1890: aarch64-unknown-linux-gnu-ar: command not found"
# inherit (emulated) stdenv;
# };
# mod_dnssd = prev.mod_dnssd.override {
# inherit (emulated) stdenv;
# };
apacheHttpdPackagesFor = apacheHttpd: self:
let
prevHttpdPkgs = prev.apacheHttpdPackagesFor apacheHttpd self;
in prevHttpdPkgs // {
# fixes "configure: error: *** Sorry, could not find apxs ***"
mod_dnssd = prevHttpdPkgs.mod_dnssd.override {
inherit (emulated) stdenv;
};
};
# apacheHttpdPackagesFor = apacheHttpd: self:
# let
# prevHttpdPkgs = lib.fix (emulated.apacheHttpdPackagesFor apacheHttpd);
# in
# (prev.apacheHttpdPackagesFor apacheHttpd self) // {
# # inherit (prevHttpdPkgs) mod_dnssd;
# mod_dnssd = prevHttpdPkgs.mod_dnssd.override {
# inherit (self) apacheHttpd;
# };
# };
# appstream = prev.appstream.override {
# # doesn't fix: "ld: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
# appstream = prev.appstream.overrideAttrs (orig: {
# # fixes "Program 'gperf' not found or not executable"
# # does not fix "ERROR: An exe_wrapper is needed but was not found. Please define one in cross file and check the command and/or add it to PATH."
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.gperf ];
# });
blueman = prev.blueman.overrideAttrs (orig: {
# configure: error: ifconfig or ip not found, install net-tools or iproute2
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.iproute2 ];
});
brltty = prev.brltty.override {
# configure: error: no acceptable C compiler found in $PATH
inherit (emulated) stdenv;
};
browserpass = prev.browserpass.override {
# fixes "qemu-aarch64: Could not open '/lib/ld-linux-aarch64.so.1': No such file or directory"
inherit (emulated) buildGoModule; # buildGoModule holds the stdenv
};
cantarell-fonts = prev.cantarell-fonts.override {
# fixes error where python3.10-skia-pathops dependency isn't available for the build platform
inherit (emulated) stdenv;
};
cdrtools = prev.cdrtools.override {
# "configure: error: installation or configuration problem: C compiler cc not found."
inherit (emulated) stdenv;
};
# colord = prev.colord.override {
# # doesn't fix: "ld: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
dante = prev.dante.override {
# fixes: "configure: error: error: getaddrinfo() error value count too low"
inherit (emulated) stdenv;
};
emacs = prev.emacs.override {
# fixes "configure: error: cannot run test program while cross compiling"
inherit (emulated) stdenv;
};
# flatpak = prev.flatpak.override {
# # doesn't fix: "ld: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
fuzzel = prev.fuzzel.override {
# meson.build:100:0: ERROR: Dependency lookup for wayland-scanner with method 'pkgconfig' failed: Pkg-config binary for machine 0 not found. Giving up.
inherit (emulated) stdenv;
};
# fwupd-efi = prev.fwupd-efi.override {
# # efi/meson.build:33:2: ERROR: Problem encountered: gnu-efi support requested, but headers were not found
# inherit (emulated) stdenv;
# };
fwupd = prev.fwupd.overrideAttrs (orig: {
# solves (meson) "Run-time dependency libgcab-1.0 found: NO (tried pkgconfig and cmake)", and others.
buildInputs = orig.buildInputs ++ [ next.gcab next.gnutls ];
mesonFlags = (lib.remove "-Ddocs=enabled" orig.mesonFlags) ++ [ "-Ddocs=disabled" ];
outputs = lib.remove "devdoc" orig.outputs;
});
# fwupd = prev.fwupd.override {
# # solves missing libgcab-1.0;
# # new error: "meson.build:449:4: ERROR: Command "/nix/store/n7xrj3pnrgcr8igx7lfhz8197y67bk7k-python3-aarch64-unknown-linux-gnu-3.10.9-env/bin/python3 po/test-deps" failed with status 1."
# inherit (emulated) stdenv;
# };
gcr_4 = prev.gcr_4.overrideAttrs (orig: {
# fixes (meson): "ERROR: Program 'gpg2 gpg' not found or not executable"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.gnupg next.openssh ];
});
gthumb = prev.gthumb.overrideAttrs (orig: {
# fixes (meson) "Program 'glib-mkenums mkenums' not found or not executable"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
gmime = prev.gmime.overrideAttrs (orig: {
# "checking preferred charset formats for system iconv... cannot run test program while cross compiling"
configureFlags = orig.configureFlags ++ [ "ac_cv_have_iconv_detect_h=no" ];
});
# gmime3 = prev.gmime3.overrideAttrs (orig: {
# # "checking preferred charset formats for system iconv... cannot run test program while cross compiling"
# # unsolved: "ImportError: /nix/store/c190src4bjkfp7bdgc5sadnmvgzv7kxb-gobject-introspection-aarch64-unknown-linux-gnu-1.74.0/lib/gobject-introspection/giscanner/_giscanner.cpython-310-x86_64-linux-gnu.so: cannot open shared object file: No such file or directory"
# configureFlags = orig.configureFlags ++ [ "ac_cv_have_iconv_detect_h=no" ];
# });
# gmime3 = prev.gmime3.override {
# # doesn't fix
# inherit (emulated) stdenv;
# };
gnome = prev.gnome.overrideScope' (self: super: {
inherit (emulated.gnome)
dconf-editor # "error: Package `dconf' not found in specified Vala API directories or GObject-Introspection GIR directories"
evolution-data-server # "The 'perl' not found, not installing csv2vcard"
gnome-shell # "meson.build:128:0: ERROR: Program 'gjs' not found or not executable"
gnome-settings-daemon # subprojects/gvc/meson.build:30:0: ERROR: Program 'glib-mkenums mkenums' not found or not executable
mutter # meson.build:237:2: ERROR: Dependency "gbm" not found, tried pkgconfig (it's provided by mesa)
;
# dconf-editor = super.dconf-editor.override {
# # fails to fix original error
# inherit (emulated) stdenv;
# };
# dconf-editor = super.dconf-editor.overrideAttrs (orig: {
# # fails to fix original error
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.dconf ];
# });
evince = super.evince.overrideAttrs (orig: {
# fixes (meson) "Run-time dependency gi-docgen found: NO (tried pkgconfig and cmake)"
# inspired by gupnp
outputs = [ "out" "dev" ]
++ lib.optionals (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform) [ "devdoc" ];
mesonFlags = orig.mesonFlags ++ [
"-Dgtk_doc=${lib.boolToString (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform)}"
];
});
# evolution-data-server = super.evolution-data-server.override {
# inherit (next) stdenv;
# };
# evolution-data-server = super.evolution-data-server.overrideAttrs (orig: {
# # fixes "The 'perl' not found, not installing csv2vcard"
# # doesn't fix "CMake Error: try_run() invoked in cross-compiling mode, please set the following cache variables appropriately"
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.perl ];
# });
file-roller = super.file-roller.override {
# fixes "src/meson.build:106:0: ERROR: Program 'glib-compile-resources' not found or not executable"
inherit (emulated) stdenv;
};
gnome-color-manager = super.gnome-color-manager.overrideAttrs (orig: {
# fixes: "src/meson.build:3:0: ERROR: Program 'glib-compile-resources' not found or not executable"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
gnome-control-center = super.gnome-control-center.overrideAttrs (orig: {
# fixes "subprojects/gvc/meson.build:30:0: ERROR: Program 'glib-mkenums mkenums' not found or not executable"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
# gnome-control-center = super.gnome-control-center.override {
# inherit (next) stdenv;
# };
# gnome-keyring = super.gnome-keyring.override {
# # does not fix original error
# inherit (next) stdenv;
# };
gnome-keyring = super.gnome-keyring.overrideAttrs (orig: {
# fixes "configure.ac:374: error: possibly undefined macro: AM_PATH_LIBGCRYPT"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.libgcrypt next.openssh next.glib ];
});
gnome-remote-desktop = super.gnome-remote-desktop.overrideAttrs (orig: {
# TODO: remove gnome-remote-desktop (wanted by gnome-control-center)
# fixes: "Program gdbus-codegen found: NO"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
# gnome-shell = super.gnome-shell.overrideAttrs (orig: {
# # fixes "meson.build:128:0: ERROR: Program 'gjs' not found or not executable"
# # does not fix "_giscanner.cpython-310-x86_64-linux-gnu.so: cannot open shared object file: No such file or directory" (python import failure)
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.gjs next.gobject-introspection ];
# # try to reduce gobject-introspection/shew dependencies
# mesonFlags = [
# "-Dextensions_app=false"
# "-Dextensions_tool=false"
# "-Dman=false"
# ];
# # fixes "gvc| Build-time dependency gobject-introspection-1.0 found: NO"
# # inspired by gupnp_1_6
# # outputs = [ "out" "dev" ]
# # ++ lib.optionals (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform) [ "devdoc" ];
# # mesonFlags = [
# # "-Dgtk_doc=${lib.boolToString (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform)}"
# # ];
# });
# gnome-shell = super.gnome-shell.override {
# inherit (next) stdenv;
# };
# gnome-shell = super.gnome-shell.overrideAttrs (orig: {
# # does not solve original error
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.mesonEmulatorHook ];
# });
# gnome-settings-daemon = super.gnome-settings-daemon.overrideAttrs (orig: {
# # fixes "subprojects/gvc/meson.build:30:0: ERROR: Program 'glib-mkenums mkenums' not found or not executable"
# # new error: "plugins/power/meson.build:22:0: ERROR: Dependency lookup for glib-2.0 with method 'pkgconfig' failed: Pkg-config binary for machine 0 not found. Giving up."
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
# });
# gnome-settings-daemon = super.gnome-settings-daemon.overrideAttrs (orig: {
# # does not fix original error
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.mesonEmulatorHook ];
# });
gnome-session = super.gnome-session.overrideAttrs (orig: {
# fixes: "gdbus-codegen not found or executable"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
# gnome-terminal = super.gnome-terminal.override {
# # fixes: "meson.build:343:0: ERROR: Dependency "libpcre2-8" not found, tried pkgconfig"
# # new failure mode: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/f7yr5z123d162p5457jh3wzkqm7x8yah-glib-2.74.3/lib/libglib-2.0.so: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
gnome-terminal = super.gnome-terminal.overrideAttrs (orig: {
# fixes "meson.build:343:0: ERROR: Dependency "libpcre2-8" not found, tried pkgconfig"
buildInputs = orig.buildInputs ++ [ next.pcre2 ];
});
gnome-user-share = super.gnome-user-share.overrideAttrs (orig: {
# fixes: meson.build:111:6: ERROR: Program 'glib-compile-schemas' not found or not executable
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
# mutter = super.mutter.override {
# # DOES NOT FIX: "meson.build:237:2: ERROR: Dependency "gbm" not found, tried pkgconfig (it's provided by mesa)"
# inherit (next) stdenv;
# };
# mutter = super.mutter.overrideAttrs (orig: {
# # fixes "meson.build:237:2: ERROR: Dependency "gbm" not found, tried pkgconfig (it's provided by mesa)"
# # new error: "/nix/store/c190src4bjkfp7bdgc5sadnmvgzv7kxb-gobject-introspection-aarch64-unknown-linux-gnu-1.74.0/lib/gobject-introspection/giscanner/_giscanner.cpython-310-x86_64-linux-gnu.so: cannot open shared object file: No such file or directory"
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.gobject-introspection next.wayland-scanner ];
# buildInputs = orig.buildInputs ++ [ next.mesa ];
# # disable docs building
# mesonFlags = lib.remove "-Ddocs=true" orig.mesonFlags;
# });
# mutter = super.mutter.overrideAttrs (orig: {
# # TODO: something seems to be propagating an *emulated* version of gobject-introspection into the build
# nativeBuildInputs =
# (lib.remove next.python3
# (lib.remove next.mesa orig.nativeBuildInputs)
# )
# ++ [
# next.gobject-introspection
# next.mesonEmulatorHook
# next.python3.pythonForBuild
# next.wayland-scanner
# ];
# buildInputs = (lib.remove next.gobject-introspection orig.buildInputs)
# ++ [ next.mesa ];
# # disable docs building
# mesonFlags = lib.remove "-Ddocs=true" orig.mesonFlags;
# });
# nautilus = super.nautilus.override {
# # fixes: "meson.build:123:0: ERROR: Dependency "libxml-2.0" not found, tried pkgconfig"
# # new failure mode: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/f7yr5z123d162p5457jh3wzkqm7x8yah-glib-2.74.3/lib/libglib-2.0.so: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
nautilus = super.nautilus.overrideAttrs (orig: {
# fixes: "meson.build:123:0: ERROR: Dependency "libxml-2.0" not found, tried pkgconfig"
buildInputs = orig.buildInputs ++ [ next.libxml2 ];
});
});
gocryptfs = prev.gocryptfs.override {
# fixes "error: hash mismatch in fixed-output derivation" (vendorSha256)
inherit (emulated) buildGoModule; # equivalent to stdenv
};
gupnp_1_6 = prev.gupnp_1_6.overrideAttrs (orig: {
# fixes "subprojects/gi-docgen/meson.build:10:0: ERROR: python3 not found"
# this patch is copied from the default gupnp.
# TODO: upstream
outputs = [ "out" "dev" ]
++ lib.optionals (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform) [ "devdoc" ];
mesonFlags = [
"-Dgtk_doc=${lib.boolToString (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform)}"
"-Dintrospection=${lib.boolToString (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform)}"
];
});
gst_all_1 = prev.gst_all_1 // {
# gst-editing-services = prev.gst_all_1.gst-editing-services.override {
# # fixes "Run-time dependency gst-validate-1.0 found: NO"
# # new failure mode: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/f7yr5z123d162p5457jh3wzkqm7x8yah-glib-2.74.3/lib/libgobject-2.0.so: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
# XXX this feels risky; it propagates a (conflicting) gst-plugins to all consumers
# gst-editing-services = emulated.gst_all_1.gst-editing-services;
gst-editing-services = prev.gst_all_1.gst-editing-services.overrideAttrs (orig: {
# fixes "Run-time dependency gst-validate-1.0 found: NO"
buildInputs = orig.buildInputs ++ [ next.gst_all_1.gst-devtools ];
mesonFlags = orig.mesonFlags ++ [
# disable "python formatters" to avoid undefined references to Py_Initialize, etc.
"-Dpython=disabled"
];
});
inherit (emulated.gst_all_1) gst-plugins-good;
# gst-plugins-good = prev.gst_all_1.gst-plugins-good.override {
# # when invoked with `qt5Support = true`, qtbase shows up in both buildInputs and nativeBuildInputs
# # if these aren't identical, then qt complains: "Error: detected mismatched Qt dependencies"
# # doesn't fix the original error.
# inherit (emulated) stdenv;
# # qt5Support = true;
# };
};
# gvfs = prev.gvfs.overrideAttrs (orig: {
# # meson.build:312:2: ERROR: Assert failed: http required but libxml-2.0 not found
# # nativeBuildInputs = orig.nativeBuildInputs ++ [ prev.libxml2 prev.mesonEmulatorHook ];
# # TODO: gvfs 1.50.2 -> 1.50.3 upgrade is upstreamed, and fixed cross compilation
# version = "1.50.3";
# src = next.fetchurl {
# url = "mirror://gnome/sources/gvfs/1.50/gvfs-1.50.3.tar.xz";
# sha256 = "aJcRnpe7FgKdJ3jhpaVKamWSYx+LLzoqHepO8rAYA/0=";
# };
# patches = [
# # Hardcode the ssh path again.
# # https://gitlab.gnome.org/GNOME/gvfs/-/issues/465
# (next.fetchpatch2 {
# url = "https://gitlab.gnome.org/GNOME/gvfs/-/commit/8327383e262e1e7f32750a8a2d3dd708195b0f53.patch";
# hash = "sha256-ReD7qkezGeiJHyo9jTqEQNBjECqGhV9nSD+dYYGZWJ8=";
# revert = true;
# })
# ];
# });
# gvfs = prev.gvfs.override {
# # solves original config-time problem
# # new failure: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/3n0n1s5gb34lkckkr8ix5b7s5hz4n48v-libxml2-2.10.3/lib/libxml2.so: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
hdf5 = prev.hdf5.override {
inherit (emulated) stdenv;
};
# ibus = prev.ibus.override {
# # "_giscanner.cpython-310-x86_64-linux-gnu.so: cannot open shared object file: No such file or directory"
# inherit (emulated) stdenv;
# };
iio-sensor-proxy = prev.iio-sensor-proxy.overrideAttrs (orig: {
# fixes "./autogen.sh: line 26: gtkdocize: not found"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib next.gtk-doc ];
});
# kitty = prev.kitty.override {
# # does not solve original error
# inherit (emulated) stdenv;
# };
# libchamplain = prev.libchamplain.override {
# # fails: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/f7yr5z123d162p5457jh3wzkqm7x8yah-glib-2.74.3/lib/libglib-2.0.so: error adding symbols: file in wrong format";
# inherit (emulated) stdenv;
# };
# libgweather = prev.libgweather.override {
# # solves original problem
# # new failure mode: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/f7yr5z123d162p5457jh3wzkqm7x8yah-glib-2.74.3/lib/libgio-2.0.so: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
libHX = prev.libHX.overrideAttrs (orig: {
# "Can't exec "libtoolize": No such file or directory at /nix/store/r4fvx9hazsm0rdm7s393zd5v665dsh1c-autoconf-2.71/share/autoconf/Autom4te/FileUtils.pm line 294."
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.libtool ];
});
# libjcat = prev.libjcat.override {
# # fixes original error
# # new failure mode: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/f7yr5z123d162p5457jh3wzkqm7x8yah-glib-2.74.3/lib/libgio-2.0.so: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
librest = prev.librest.overrideAttrs (orig: {
# fixes "You must have gtk-doc >= 1.13 installed to build documentation"
# by removing the "--enable-gtk-doc" flag
configureFlags = [ "--with-ca-certificates=/etc/ssl/certs/ca-certificates.crt" ];
});
librest_1_0 = prev.librest_1_0.overrideAttrs (orig: {
# fixes (meson) "Run-time dependency gi-docgen found: NO (tried pkgconfig and cmake)"
# inspired by gupnp
outputs = [ "out" "dev" ]
++ lib.optionals (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform) [ "devdoc" ];
mesonFlags = orig.mesonFlags ++ [
"-Dgtk_doc=${lib.boolToString (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform)}"
];
});
libsForQt5 = prev.libsForQt5.overrideScope' (self: super: {
qgpgme = super.qgpgme.overrideAttrs (orig: {
# fix so it can find the MOC compiler
# it looks like it might not *need* to propagate qtbase, but so far unclear
nativeBuildInputs = orig.nativeBuildInputs ++ [ self.qtbase ];
propagatedBuildInputs = lib.remove self.qtbase orig.propagatedBuildInputs;
});
phonon = super.phonon.overrideAttrs (orig: {
# fixes "ECM (required version >= 5.60), Extra CMake Modules"
buildInputs = orig.buildInputs ++ [ next.extra-cmake-modules ];
});
});
# libtiger = prev.libtiger.override {
# # fails to fix: "src/tiger_internal.h:24:10: fatal error: pango/pango.h: No such file or directory"
# inherit (emulated) stdenv;
# };
# libtiger = prev.libtiger.overrideAttrs (orig: {
# # fails to fix: "src/tiger_internal.h:24:10: fatal error: pango/pango.h: No such file or directory"
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.libkate next.cairo next.pango ];
# });
ncftp = prev.ncftp.override {
# fixes: "ar: No such file or directory"
inherit (emulated) stdenv;
};
networkmanager-fortisslvpn = prev.networkmanager-fortisslvpn.overrideAttrs (orig: {
# fixes "gdbus-codegen: command not found"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
# networkmanager-iodine = prev.networkmanager-iodine.overrideAttrs (orig: {
# # fails to fix "configure.ac:58: error: possibly undefined macro: AM_GLIB_GNU_GETTEXT"
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.gettext ];
# });
networkmanager-iodine = prev.networkmanager-iodine.override {
# fixes "configure.ac:58: error: possibly undefined macro: AM_GLIB_GNU_GETTEXT"
inherit (emulated) stdenv;
};
networkmanager-l2tp = prev.networkmanager-l2tp.overrideAttrs (orig: {
# fixes "gdbus-codegen: command not found"
# fixes "gtk4-builder-tool: command not found"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib next.gtk4 ];
});
networkmanager-openconnect = prev.networkmanager-openconnect.overrideAttrs (orig: {
# fixes "properties/gresource.xml: Permission denied"
# - by providing glib-compile-resources
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
networkmanager-openvpn = prev.networkmanager-openvpn.overrideAttrs (orig: {
# fixes "properties/gresource.xml: Permission denied"
# - by providing glib-compile-resources
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
networkmanager-sstp = prev.networkmanager-sstp.overrideAttrs (orig: {
# fixes "gdbus-codegen: command not found"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
networkmanager-vpnc = prev.networkmanager-vpnc.overrideAttrs (orig: {
# fixes "properties/gresource.xml: Permission denied"
# - by providing glib-compile-resources
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
nheko = prev.nheko.overrideAttrs (orig: {
# fixes "fatal error: lmdb++.h: No such file or directory
buildInputs = orig.buildInputs ++ [ next.lmdbxx ];
});
# notmuch = prev.notmuch.override {
# # fails to solve original error
# inherit (emulated) stdenv;
# };
obex_data_server = prev.obex_data_server.override {
# fixes "/nix/store/0wk6nr1mryvylf5g5frckjam7g7p9gpi-bash-5.2-p15/bin/bash: line 2: --prefix=ods_manager: command not found"
inherit (emulated) stdenv;
};
openfortivpn = prev.openfortivpn.override {
# fixes "checking for /proc/net/route... configure: error: cannot check for file existence when cross compiling"
inherit (emulated) stdenv;
};
ostree = prev.ostree.override {
# fixes "configure: error: Need GPGME_PTHREAD version 1.1.8 or later"
inherit (emulated) stdenv;
};
pam_mount = prev.pam_mount.overrideAttrs (orig: {
# fixes: "perl: command not found"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.perl ];
});
phoc = prev.phoc.override {
# fixes "Program wayland-scanner found: NO"
inherit (emulated) stdenv;
};
# phosh = prev.phosh.override {
# # fixes original error.
# # new failure mode: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/2bzd39fbsifidd667s7x930d0b7pm3qx-pango-1.50.12/lib/libpangocairo-1.0.so: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
phosh-mobile-settings = prev.phosh-mobile-settings.override {
# fixes "meson.build:26:0: ERROR: Dependency "phosh-plugins" not found, tried pkgconfig"
inherit (emulated) stdenv;
};
pipewire = prev.pipewire.overrideAttrs (orig: {
# fix `spa/plugins/bluez5/meson.build:41:0: ERROR: Program 'gdbus-codegen' not found or not executable`
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
psqlodbc = prev.psqlodbc.override {
# fixes "configure: error: odbc_config not found (required for unixODBC build)"
inherit (emulated) stdenv;
};
pythonPackagesExtensions = prev.pythonPackagesExtensions ++ [
(py-next: py-prev: {
defcon = py-prev.defcon.overridePythonAttrs (orig: {
# TODO: diagnose and upstream
nativeBuildInputs = orig.nativeBuildInputs ++ orig.nativeCheckInputs;
});
executing = py-prev.executing.overridePythonAttrs (orig: {
# TODO: confirm & upstream
# test has an assertion that < 1s of CPU time elapsed => flakey
disabledTestPaths = orig.disabledTestPaths or [] ++ [
# "tests/test_main.py::TestStuff::test_many_source_for_filename_calls"
"tests/test_main.py"
];
});
# h5py = py-prev.h5py.overridePythonAttrs (orig: {
# # XXX: can't upstream until its dependency, hdf5, is fixed. that looks TRICKY.
# # - the `setup_configure.py` in h5py tries to dlopen (and call into) the hdf5 lib to query the version and detect features like MPI
# # - it could be patched with ~10 LoC in the HDF5LibWrapper class.
# #
# # expose numpy and hdf5 as available at build time
# nativeBuildInputs = orig.nativeBuildInputs ++ orig.propagatedBuildInputs ++ orig.buildInputs;
# buildInputs = [];
# # HDF5_DIR = "${hdf5}";
# });
ipython = py-prev.ipython.overridePythonAttrs (orig: {
# fixes "FAILED IPython/terminal/tests/test_debug_magic.py::test_debug_magic_passes_through_generators - pexpect.exceptions.TIMEOUT: Timeout exceeded."
disabledTests = orig.disabledTests ++ [ "test_debug_magic_passes_through_generator" ];
});
mutatormath = py-prev.mutatormath.overridePythonAttrs (orig: {
# TODO: diagnose and upstream
nativeBuildInputs = orig.nativeBuildInputs or [] ++ orig.nativeCheckInputs;
});
pandas = py-prev.pandas.overridePythonAttrs (orig: {
# TODO: upstream
# XXX: we only actually need numpy when building in ~/nixpkgs repo: not sure why we need all the propagatedBuildInputs here.
# nativeBuildInputs = orig.nativeBuildInputs ++ [ py-next.numpy ];
nativeBuildInputs = orig.nativeBuildInputs ++ orig.propagatedBuildInputs;
});
psycopg2 = py-prev.psycopg2.overridePythonAttrs (orig: {
# TODO: upstream (see tracking issue)
#
# psycopg2 *links* against libpg, so we need the host postgres available at build time!
# present-day nixpkgs only includes it in nativeBuildInputs
buildInputs = orig.buildInputs ++ [ next.postgresql ];
});
s3transfer = py-prev.s3transfer.overridePythonAttrs (orig: {
# tests explicitly expect host CPU == build CPU
# Bail out! ERROR:../plugins/core.c:221:qemu_plugin_vcpu_init_hook: assertion failed: (success)
# Bail out! ERROR:../accel/tcg/cpu-exec.c:954:cpu_exec: assertion failed: (cpu == current_cpu)
disabledTestPaths = orig.disabledTestPaths ++ [
# "tests/functional/test_processpool.py::TestProcessPoolDownloader::test_cleans_up_tempfile_on_failure"
"tests/functional/test_processpool.py"
# "tests/unit/test_compat.py::TestBaseManager::test_can_provide_signal_handler_initializers_to_start"
"tests/unit/test_compat.py"
];
});
# skia-pathops = ?
# it tries to call `cc` during the build, but can't find it.
})
];
# qt5 = prev.qt5.overrideScope' (self: super: {
# qtbase = super.qtbase.override {
# inherit (emulated) stdenv;
# };
# qtx11extras = super.qtx11extras.override {
# # "Project ERROR: Cannot run compiler 'g++'";
# # this fails an assert though, where the cross qt now references the emulated qt.
# inherit (emulated.qt5) qtModule;
# };
# });
# qt6 = prev.qt6.overrideScope' (self: super: {
# qtbase = super.qtbase.override {
# # fixes: "You need to set QT_HOST_PATH to cross compile Qt."
# inherit (emulated) stdenv;
# };
# });
rapidfuzz-cpp = prev.rapidfuzz-cpp.overrideAttrs (orig: {
# fixes "error: could not find git for clone of catch2-populate"
buildInputs = orig.buildInputs or [] ++ [ next.catch2_3 ];
});
re2 = (prev.re2.override {
# fixes: "FAILED: CMakeFiles/test.util"
inherit (emulated) stdenv;
}).overrideAttrs (orig: {
# exhaustive{,1,2}_test times out after 1500s.
# this is after exhaustive3_test takes 600s to pass.
doCheck = false;
});
rmlint = prev.rmlint.override {
# fixes "Checking whether the C compiler works... no"
inherit (emulated) stdenv;
};
# sequoia = prev.sequoia.override {
# # fails to fix original error
# inherit (emulated) stdenv;
# };
# squeekboard = prev.squeekboard.overrideAttrs (orig: {
# # fixes: "meson.build:1:0: ERROR: 'rust' compiler binary not defined in cross or native file"
# # new error: "meson.build:1:0: ERROR: Rust compiler rustc --target aarch64-unknown-linux-gnu -C linker=aarch64-unknown-linux-gnu-gcc can not compile programs."
# mesonFlags =
# let
# # ERROR: 'rust' compiler binary not defined in cross or native file
# crossFile = next.writeText "cross-file.conf" ''
# [binaries]
# rust = [ 'rustc', '--target', '${next.rust.toRustTargetSpec next.stdenv.hostPlatform}' ]
# '';
# in
# orig.mesonFlags or [] ++ lib.optionals (next.stdenv.hostPlatform != next.stdenv.buildPlatform) [ "--cross-file=${crossFile}" ];
# });
# squeekboard = prev.squeekboard.override {
# # new error: "gcc: error: unrecognized command line option '-m64'"
# inherit (emulated) stdenv;
# };
sysprof = prev.sysprof.overrideAttrs (orig: {
# fixes: "src/meson.build:12:2: ERROR: Program 'gdbus-codegen' not found or not executable"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
tpm2-abrmd = prev.tpm2-abrmd.overrideAttrs (orig: {
# fixes "configure: error: *** gdbus-codegen is required to build tpm2-abrmd; No package 'gio-unix-2.0' found"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
tracker-miners = prev.tracker-miners.override {
# fixes "meson.build:183:0: ERROR: Can not run test applications in this cross environment."
inherit (emulated) stdenv;
};
# twitter-color-emoji = prev.twitter-color-emoji.override {
# # fails to fix original error
# inherit (emulated) stdenv;
# };
# unar = (prev.unar.override {
# # fixes "ar: command not found"
# # new error: "gcc: error: unrecognized command line option '-fobjc-runtime=gnustep-2.0'"
# inherit (emulated) stdenv;
# });
unixODBCDrivers = prev.unixODBCDrivers // {
# TODO: should this package be deduped with toplevel psqlodbc in upstream nixpkgs?
psql = prev.unixODBCDrivers.psql.override {
# fixes "configure: error: odbc_config not found (required for unixODBC build)"
inherit (emulated) stdenv;
};
# psql = prev.unixODBCDrivers.psql.overrideAttrs (orig: {
# # fixes "configure: error: odbc_config not found (required for unixODBC build)"
# # new error: "/nix/store/h3ms3h95rbj5p8yhxfhbsbnxgvpnb8w0-aarch64-unknown-linux-gnu-binutils-2.39/bin/aarch64-unknown-linux-gnu-ld: /nix/store/6h6z98qvg5k8rsqpivi42r5008zjfp2v-unixODBC-2.3.11/lib/libodbcinst.so: error adding symbols: file in wrong format"
# nativeBuildInputs = orig.nativeBuildInputs or [] ++ orig.buildInputs;
# });
};
vlc = prev.vlc.overrideAttrs (orig: {
# fixes: "configure: error: could not find the LUA byte compiler"
# fixes: "configure: error: protoc compiler needed for chromecast was not found"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.lua5 next.protobuf ];
# fix that it can't find the c compiler
# makeFlags = orig.makeFlags or [] ++ [ "CC=${prev.stdenv.cc.targetPrefix}cc" ];
BUILDCC = "${prev.stdenv.cc}/bin/${prev.stdenv.cc.targetPrefix}cc";
});
vpnc = prev.vpnc.overrideAttrs (orig: {
# fixes "perl: command not found"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.perl ];
});
xdg-desktop-portal-gtk = prev.xdg-desktop-portal-gtk.overrideAttrs (orig: {
# fixes "No package 'xdg-desktop-portal' found"
buildInputs = orig.buildInputs ++ [ next.xdg-desktop-portal ];
});
xdg-desktop-portal-gnome = prev.xdg-desktop-portal-gnome.overrideAttrs (orig: {
# fixes: "data/meson.build:33:5: ERROR: Program 'msgfmt' not found or not executable"
# fixes: "src/meson.build:25:0: ERROR: Program 'gdbus-codegen' not found or not executable"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.gettext next.glib ];
});
# webp-pixbuf-loader = prev.webp-pixbuf-loader.override {
# # fixes "Builder called die: Cannot wrap '/nix/store/kpp8qhzdjqgvw73llka5gpnsj0l4jlg8-gdk-pixbuf-aarch64-unknown-linux-gnu-2.42.10/bin/gdk-pixbuf-thumbnailer' because it is not an executable file"
# # new failure mode: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/2syg6jxk8zi1zkpqvkxkz87x8sl27c6b-gdk-pixbuf-2.42.10/lib/libgdk_pixbuf-2.0.so: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
})
];
};
}

View File

@@ -10,6 +10,8 @@
./ids.nix
./machine-id.nix
./net.nix
./persist.nix
./programs.nix
./secrets.nix
./ssh.nix
./users.nix
@@ -17,17 +19,8 @@
];
sane.nixcache.enable-trusted-keys = true;
sane.packages.enableConsolePkgs = true;
sane.packages.enableSystemPkgs = true;
sane.persist.sys.plaintext = [
"/var/log"
"/var/backup" # for e.g. postgres dumps
# TODO: move elsewhere
"/var/lib/alsa" # preserve output levels, default devices
"/var/lib/colord" # preserve color calibrations (?)
"/var/lib/machines" # maybe not needed, but would be painful to add a VM and forget.
];
sane.programs.sysadminUtils.enableFor.system = true;
sane.programs.consoleUtils.enableFor.user.colin = true;
# some services which use private directories error if the parent (/var/lib/private) isn't 700.
sane.fs."/var/lib/private".dir.acl.mode = "0700";

View File

@@ -7,5 +7,5 @@
sopsFile = ../../../secrets/universal/aerc_accounts.conf;
format = "binary";
};
sane.fs."/home/colin/.config/aerc/accounts.conf" = sane-lib.fs.wantedSymlinkTo config.sops.secrets.aerc_accounts.path;
sane.user.fs.".config/aerc/accounts.conf" = sane-lib.fs.wantedSymlinkTo config.sops.secrets.aerc_accounts.path;
}

View File

@@ -125,11 +125,11 @@ in
# `wget ...xpi`; `unar ...xpi`; `cat */manifest.json | jq '.browser_specific_settings.gecko.id'`
# browserpass-ce.package = addon "browserpass-ce" "browserpass@maximbaz.com" "sha256-sXgUBbRvMnRpeIW1MTkmTcoqtW/8RDXAkxAq1evFkpc=";
browserpass-extension.package = localAddon pkgs.browserpass-extension;
bypass-paywalls-clean.package = addon "bypass-paywalls-clean" "{d133e097-46d9-4ecc-9903-fa6a722a6e0e}" "sha256-JOj5P7c2JTTReHCRZXm4BscaGr3i+9Y4Ey/y621x8PI=";
bypass-paywalls-clean.package = addon "bypass-paywalls-clean" "{d133e097-46d9-4ecc-9903-fa6a722a6e0e}" "sha256-oUwdqdAwV3DezaTtOMx7A/s4lzIws+t2f08mwk+325k=";
ether-metamask.package = addon "ether-metamask" "webextension@metamask.io" "sha256-G+MwJDOcsaxYSUXjahHJmkWnjLeQ0Wven8DU/lGeMzA=";
i2p-in-private-browsing.package = addon "i2p-in-private-browsing" "i2ppb@eyedeekay.github.io" "sha256-dJcJ3jxeAeAkRvhODeIVrCflvX+S4E0wT/PyYzQBQWs=";
sidebery.package = addon "sidebery" "{3c078156-979c-498b-8990-85f7987dd929}" "sha256-YONfK/rIjlsrTgRHIt3km07Q7KnpIW89Z9r92ZSCc6w=";
sponsorblock.package = addon "sponsorblock" "sponsorBlocker@ajay.app" "sha256-d2K3ufvurWnYVzqLbyR//MgejybkY9exitAf9RdLNRo=";
sponsorblock.package = addon "sponsorblock" "sponsorBlocker@ajay.app" "sha256-hRsvLaAsVm3dALsTrJqHTNgRFAQcU7XSaGhr5G6+mFs=";
ublacklist.package = addon "ublacklist" "@ublacklist" "sha256-RqY5iHzbL2qizth7aguyOKWPyINXmrwOlf/OsfqAS48=";
ublock-origin.package = addon "ublock-origin" "uBlock0@raymondhill.net" "sha256-a/ivUmY1P6teq9x0dt4CbgHt+3kBsEMMXlOfZ5Hx7cg=";
@@ -146,6 +146,11 @@ in
};
config = {
sane.programs.web-browser = {
inherit package;
# TODO: define the persistence & fs config here
};
sane.programs.guiApps.suggestedPrograms = [ "web-browser" ];
# uBlock filter list configuration.
# specifically, enable the GDPR cookie prompt blocker.
@@ -155,7 +160,7 @@ in
# the specific attribute path is found via scraping ublock code here:
# - <https://github.com/gorhill/uBlock/blob/master/src/js/storage.js>
# - <https://github.com/gorhill/uBlock/blob/master/assets/assets.json>
sane.fs."/home/colin/${cfg.browser.dotDir}/managed-storage/uBlock0@raymondhill.net.json" = sane-lib.fs.wantedText ''
sane.user.fs."${cfg.browser.dotDir}/managed-storage/uBlock0@raymondhill.net.json" = sane-lib.fs.wantedText ''
{
"name": "uBlock0@raymondhill.net",
"description": "ignored",
@@ -165,26 +170,24 @@ in
}
}
'';
sane.fs."/home/colin/${cfg.browser.dotDir}/${cfg.browser.libName}.overrides.cfg" = sane-lib.fs.wantedText ''
sane.user.fs."${cfg.browser.dotDir}/${cfg.browser.libName}.overrides.cfg" = sane-lib.fs.wantedText ''
// if we can't query the revocation status of a SSL cert because the issuer is offline,
// treat it as unrevoked.
// see: <https://librewolf.net/docs/faq/#im-getting-sec_error_ocsp_server_error-what-can-i-do>
defaultPref("security.OCSP.require", false);
'';
sane.packages.extraGuiPkgs = [ package ];
# flush the cache to disk to avoid it taking up too much tmp
sane.persist.home.byPath."${cfg.browser.cacheDir}" = lib.mkIf (cfg.persistCache != null) {
sane.user.persist.byPath."${cfg.browser.cacheDir}" = lib.mkIf (cfg.persistCache != null) {
store = cfg.persistCache;
};
sane.persist.home.byPath."${cfg.browser.dotDir}/default" = lib.mkIf (cfg.persistData != null) {
sane.user.persist.byPath."${cfg.browser.dotDir}/default" = lib.mkIf (cfg.persistData != null) {
store = cfg.persistData;
};
sane.fs."/home/colin/${cfg.browser.dotDir}/default" = sane-lib.fs.wantedDir;
sane.user.fs."${cfg.browser.dotDir}/default" = sane-lib.fs.wantedDir;
# instruct Firefox to put the profile in a predictable directory (so we can do things like persist just it).
# XXX: the directory *must* exist, even if empty; Firefox will not create the directory itself.
sane.fs."/home/colin/${cfg.browser.dotDir}/profiles.ini" = sane-lib.fs.wantedText ''
sane.user.fs."${cfg.browser.dotDir}/profiles.ini" = sane-lib.fs.wantedText ''
[Profile0]
Name=default
IsRelative=1

View File

@@ -6,7 +6,7 @@ let
all-feeds = config.sane.feeds;
wanted-feeds = feeds.filterByFormat ["text" "image"] all-feeds;
in {
sane.fs."/home/colin/.config/org.gabmus.gfeeds.json" = sane-lib.fs.wantedText (
sane.user.fs.".config/org.gabmus.gfeeds.json" = sane-lib.fs.wantedText (
builtins.toJSON {
# feed format is a map from URL to a dict,
# with dict["tags"] a list of string tags.

View File

@@ -4,7 +4,7 @@ let
mkCfg = lib.generators.toINI { };
in
{
sane.fs."/home/colin/.config/git/config" = sane-lib.fs.wantedText (mkCfg {
sane.user.fs.".config/git/config" = sane-lib.fs.wantedText (mkCfg {
user.name = "Colin";
user.email = "colin@uninsane.org";
alias.co = "checkout";

View File

@@ -6,7 +6,7 @@ let
all-feeds = config.sane.feeds;
wanted-feeds = feeds.filterByFormat ["podcast"] all-feeds;
in {
sane.fs."/home/colin/.config/gpodderFeeds.opml" = sane-lib.fs.wantedText (
sane.user.fs.".config/gpodderFeeds.opml" = sane-lib.fs.wantedText (
feeds.feedsToOpml wanted-feeds
);
}

View File

@@ -1,10 +1,11 @@
{ config, sane-lib, ... }:
{
sane.persist.home.private = [ ".local/share/keyrings" ];
sane.user.persist.private = [ ".local/share/keyrings" ];
sane.fs."/home/colin/private/.local/share/keyrings/default" = {
sane.user.fs."private/.local/share/keyrings/default" = {
generated.script.script = builtins.readFile ../../../scripts/init-keyring;
# TODO: is this `wantedBy` needed? can we inherit it?
wantedBy = [ config.sane.fs."/home/colin/private".unit ];
};
}

View File

@@ -1,7 +1,7 @@
{ pkgs, sane-lib, ... }:
{
sane.fs."/home/colin/.config/kitty/kitty.conf" = sane-lib.fs.wantedText ''
sane.user.fs.".config/kitty/kitty.conf" = sane-lib.fs.wantedText ''
# docs: https://sw.kovidgoyal.net/kitty/conf/
# disable terminal bell (when e.g. you backspace too many times)
enable_audio_bell no

View File

@@ -2,7 +2,7 @@
{
# libreoffice: disable first-run stuff
sane.fs."/home/colin/.config/libreoffice/4/user/registrymodifications.xcu" = sane-lib.fs.wantedText ''
sane.user.fs.".config/libreoffice/4/user/registrymodifications.xcu" = sane-lib.fs.wantedText ''
<?xml version="1.0" encoding="UTF-8"?>
<oor:items xmlns:oor="http://openoffice.org/2001/registry" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<item oor:path="/org.openoffice.Office.Common/Misc"><prop oor:name="FirstRun" oor:op="fuse"><value>false</value></prop></item>

View File

@@ -2,7 +2,7 @@
{
# format is <key>=%<length>%<value>
sane.fs."/home/colin/.config/mpv/mpv.conf" = sane-lib.fs.wantedText ''
sane.user.fs.".config/mpv/mpv.conf" = sane-lib.fs.wantedText ''
save-position-on-quit=%3%yes
keep-open=%3%yes
'';

View File

@@ -72,7 +72,7 @@ let
in
{
# private because there could be sensitive things in the swap
sane.persist.home.private = [ ".cache/vim-swap" ];
sane.user.persist.private = [ ".cache/vim-swap" ];
programs.neovim = {
# neovim: https://github.com/neovim/neovim

View File

@@ -6,7 +6,7 @@ let
all-feeds = config.sane.feeds;
wanted-feeds = feeds.filterByFormat ["text" "image"] all-feeds;
in {
sane.fs."/home/colin/.config/newsflashFeeds.opml" = sane-lib.fs.wantedText (
sane.user.fs.".config/newsflashFeeds.opml" = sane-lib.fs.wantedText (
feeds.feedsToOpml wanted-feeds
);
}

View File

@@ -4,9 +4,9 @@
{ pkgs, sane-lib, ... }:
{
sane.persist.home.plaintext = [ ".local/state/splatmoji" ];
sane.fs."/home/colin/.config/splatmoji/splatmoji.config" = sane-lib.fs.wantedText ''
history_file=/home/colin/.local/state/splatmoji/history
sane.user.persist.plaintext = [ ".local/state/splatmoji" ];
sane.user.fs.".config/splatmoji/splatmoji.config" = sane-lib.fs.wantedText ''
history_file=~/.local/state/splatmoji/history
history_length=5
# TODO: wayland equiv
paste_command=xdotool key ctrl+v

View File

@@ -12,9 +12,9 @@ let
in
{
# ssh key is stored in private storage
sane.persist.home.private = [ ".ssh/id_ed25519" ];
sane.fs."/home/colin/.ssh/id_ed25519.pub" = sane-lib.fs.wantedText user-pubkey;
sane.fs."/home/colin/.ssh/known_hosts" = sane-lib.fs.wantedText known-hosts-text;
sane.user.persist.private = [ ".ssh/id_ed25519" ];
sane.user.fs.".ssh/id_ed25519.pub" = sane-lib.fs.wantedText user-pubkey;
sane.user.fs.".ssh/known_hosts" = sane-lib.fs.wantedText known-hosts-text;
users.users.colin.openssh.authorizedKeys.keys =
let

View File

@@ -7,5 +7,5 @@
sopsFile = ../../../secrets/universal/sublime_music_config.json.bin;
format = "binary";
};
sane.fs."/home/colin/.config/sublime-music/config.json" = sane-lib.fs.wantedSymlinkTo config.sops.secrets.sublime_music_config.path;
sane.user.fs.".config/sublime-music/config.json" = sane-lib.fs.wantedSymlinkTo config.sops.secrets.sublime_music_config.path;
}

View File

@@ -9,7 +9,7 @@ let
);
in
{
sane.fs."/home/colin/.config/vlc/vlcrc" = sane-lib.fs.wantedText ''
sane.user.fs.".config/vlc/vlcrc" = sane-lib.fs.wantedText ''
[podcast]
podcast-urls=${podcast-urls}
[core]

View File

@@ -3,7 +3,7 @@
{
# XDG defines things like ~/Desktop, ~/Downloads, etc.
# these clutter the home, so i mostly don't use them.
sane.fs."/home/colin/.config/user-dirs.dirs" = sane-lib.fs.wantedText ''
sane.user.fs.".config/user-dirs.dirs" = sane-lib.fs.wantedText ''
XDG_DESKTOP_DIR="$HOME/.xdg/Desktop"
XDG_DOCUMENTS_DIR="$HOME/dev"
XDG_DOWNLOAD_DIR="$HOME/tmp"
@@ -16,5 +16,5 @@
# prevent `xdg-user-dirs-update` from overriding/updating our config
# see <https://manpages.ubuntu.com/manpages/bionic/man5/user-dirs.conf.5.html>
sane.fs."/home/colin/.config/user-dirs.conf" = sane-lib.fs.wantedText "enabled=False";
sane.user.fs.".config/user-dirs.conf" = sane-lib.fs.wantedText "enabled=False";
}

View File

@@ -26,7 +26,7 @@ let
'';
in
{
sane.persist.home.plaintext = [
sane.user.persist.plaintext = [
# we don't need to full zsh dir -- just the history file --
# but zsh will sometimes backup the history file and we get fewer errors if we do proper mounts instead of symlinks.
# TODO: should be private?
@@ -36,7 +36,7 @@ in
];
# zsh/prezto complains if zshrc doesn't exist; but it does allow an "empty" file.
sane.fs."/home/colin/.config/zsh/.zshrc" = sane-lib.fs.wantedText "# ";
sane.user.fs.".config/zsh/.zshrc" = sane-lib.fs.wantedText "# ";
# enable zsh completions
environment.pathsToLink = [ "/share/zsh" ];
@@ -107,7 +107,7 @@ in
# prezto = oh-my-zsh fork; controls prompt, auto-completion, etc.
# see: https://github.com/sorin-ionescu/prezto
# i believe this file is auto-sourced by the prezto init.zsh script.
sane.fs."/home/colin/.config/zsh/.zpreztorc" = sane-lib.fs.wantedText ''
sane.user.fs.".config/zsh/.zpreztorc" = sane-lib.fs.wantedText ''
zstyle ':prezto:*:*' color 'yes'
# modules (they ship with prezto):

18
hosts/common/persist.nix Normal file
View File

@@ -0,0 +1,18 @@
{ ... }:
{
sane.persist.stores.private.origin = "/home/colin/private";
# store /home/colin/a/b in /home/private/a/b instead of /home/private/home/colin/a/b
sane.persist.stores.private.prefix = "/home/colin";
sane.persist.sys.plaintext = [
"/var/log"
"/var/backup" # for e.g. postgres dumps
# TODO: move elsewhere
"/var/lib/alsa" # preserve output levels, default devices
"/var/lib/colord" # preserve color calibrations (?)
"/var/lib/machines" # maybe not needed, but would be painful to add a VM and forget.
"/var/lib/systemd/backlight" # backlight brightness
"/var/lib/systemd/coredump"
];
}

340
hosts/common/programs.nix Normal file
View File

@@ -0,0 +1,340 @@
{ lib, pkgs, ... }:
let
inherit (builtins) attrNames concatLists;
inherit (lib) mapAttrs mapAttrsToList mkDefault mkMerge optional;
flattenedPkgs = pkgs // (with pkgs; {
# XXX can't `inherit` a nested attr, so we move them to the toplevel
"cacert.unbundled" = pkgs.cacert.unbundled;
"gnome.cheese" = gnome.cheese;
"gnome.dconf-editor" = gnome.dconf-editor;
"gnome.file-roller" = gnome.file-roller;
"gnome.gnome-disk-utility" = gnome.gnome-disk-utility;
"gnome.gnome-maps" = gnome.gnome-maps;
"gnome.nautilus" = gnome.nautilus;
"gnome.gnome-system-monitor" = gnome.gnome-system-monitor;
"gnome.gnome-terminal" = gnome.gnome-terminal;
"gnome.gnome-weather" = gnome.gnome-weather;
"libsForQt5.plasmatube" = libsForQt5.plasmatube;
});
sysadminPkgs = {
inherit (flattenedPkgs)
btrfs-progs
"cacert.unbundled" # some services require unbundled /etc/ssl/certs
cryptsetup
dig
efibootmgr
fatresize
fd
file
gawk
git
gptfdisk
hdparm
htop
iftop
inetutils # for telnet
iotop
iptables
jq
killall
lsof
nano
netcat
nethogs
nmap
openssl
parted
pciutils
powertop
pstree
ripgrep
screen
smartmontools
socat
strace
tcpdump
tree
usbutils
wget
;
};
# TODO: split these into smaller groups.
# - iphone utils (libimobiledevice, ifuse) only wanted on desko, maybe lappy
# - transcoders (ffmpeg, imagemagick) only wanted on desko/lappy
consolePkgs = {
inherit (pkgs)
aerc # email client
# backblaze-b2 # TODO: put into the same package set as duplicity
cdrtools
dmidecode
# duplicity # TODO: enable as part of some smaller package set
efivar
flashrom
fwupd
ghostscript # TODO: imagemagick wrapper should add gs to PATH
gnupg
gocryptfs
gopass
gopass-jsonapi
ifuse
imagemagick
ipfs
kitty # TODO: move to GUI, but `ssh servo` from kitty sets `TERM=xterm-kitty` in the remove and breaks things
libimobiledevice
libsecret # for managing user keyrings
lm_sensors # for sensors-detect
lshw
ffmpeg
memtester
networkmanager
nixpkgs-review
# nixos-generators
# nettools
nmon
oathToolkit # for oathtool
# ponymix
pulsemixer
python3
rsync
# python3Packages.eyeD3 # music tagging
sane-scripts
sequoia
snapper
sops
sox
speedtest-cli
sqlite # to debug sqlite3 databases
ssh-to-age
sudo
# tageditor # music tagging
unar
visidata
w3m
wireguard-tools
xdg-utils # for xdg-open
# youtube-dl
yt-dlp
;
};
guiPkgs = {
inherit (flattenedPkgs)
celluloid # mpv frontend
clinfo
emote
evince # works on phosh
# { pkg = fluffychat-moby; dir = [ ".local/share/chat.fluffy.fluffychat" ]; } # TODO: ship normal fluffychat on non-moby?
# foliate # e-book reader
# XXX by default fractal stores its state in ~/.local/share/<UUID>.
# after logging in, manually change ~/.local/share/keyrings/... to point it to some predictable subdir.
# then reboot (so that libsecret daemon re-loads the keyring...?)
# { pkg = fractal-latest; private = [ ".local/share/fractal" ]; }
# { pkg = fractal-next; private = [ ".local/share/fractal" ]; }
# "gnome.cheese"
"gnome.dconf-editor"
gnome-feeds # RSS reader (with claimed mobile support)
"gnome.file-roller"
# "gnome.gnome-maps" # works on phosh
"gnome.nautilus"
# gnome-podcasts
"gnome.gnome-system-monitor"
"gnome.gnome-terminal" # works on phosh
"gnome.gnome-weather"
gpodder-configured
gthumb
# lollypop
mpv
networkmanagerapplet
# newsflash
nheko
pavucontrol
# picard # music tagging
playerctl
# "libsForQt5.plasmatube" # Youtube player
soundconverter
# sublime music persists any downloaded albums here.
# it doesn't obey a conventional ~/Music/{Artist}/{Album}/{Track} notation, so no symlinking
# config (e.g. server connection details) is persisted in ~/.config/sublime-music/config.json
# possible to pass config as a CLI arg (sublime-music -c config.json)
# { pkg = sublime-music; dir = [ ".local/share/sublime-music" ]; }
sublime-music-mobile
# tdesktop # broken on phosh
# tokodon
vlc
# pleroma client (Electron). input is broken on phosh. TODO(2023/02/02): fix electron19 input (insecure)
# whalebird
xterm # broken on phosh
;
};
desktopGuiPkgs = {
inherit (flattenedPkgs)
audacity
chromium
dino
electrum
element-desktop
font-manager
gajim # XMPP client
gimp # broken on phosh
"gnome.gnome-disk-utility"
inkscape
kdenlive
kid3 # audio tagging
krita
libreoffice-fresh # XXX colin: maybe don't want this on mobile
obsidian
;
};
x86GuiPkgs = {
inherit (pkgs)
discord
# kaiteki # Pleroma client
# gnome.zenity # for kaiteki (it will use qarma, kdialog, or zenity)
# gpt2tc # XXX: unreliable mirror
# TODO(unpin): handbrake is broken on aarch64-linux 2023/01/29
handbrake
logseq
losslesscut-bin
makemkv
monero-gui
signal-desktop
spotify
tor-browser-bundle-bin
zecwallet-lite
;
};
# define -- but don't enable -- the packages in some attrset.
# use `mkDefault` for the package here so we can customize some of them further down this file
declarePkgs = pkgsAsAttrs: mapAttrs (_n: p: {
package = mkDefault p;
}) pkgsAsAttrs;
in
{
config = {
sane.programs = mkMerge [
(declarePkgs sysadminPkgs)
(declarePkgs consolePkgs)
(declarePkgs guiPkgs)
(declarePkgs desktopGuiPkgs)
(declarePkgs x86GuiPkgs)
{
# link the various package sets into their own meta packages
sysadminUtils = {
package = null;
suggestedPrograms = attrNames sysadminPkgs;
};
consoleUtils = {
package = null;
suggestedPrograms = attrNames consolePkgs;
};
guiApps = {
package = null;
suggestedPrograms = (attrNames guiPkgs)
++ optional (pkgs.system == "x86_64-linux") "x86GuiApps";
};
desktopGuiApps = {
package = null;
suggestedPrograms = attrNames desktopGuiPkgs;
};
x86GuiApps = {
package = null;
suggestedPrograms = attrNames x86GuiPkgs;
};
}
{
# nontrivial package definitions
imagemagick.package = pkgs.imagemagick.override {
ghostscriptSupport = true;
};
dino.private = [ ".local/share/dino" ];
# creds, but also 200 MB of node modules, etc
discord = {
package = pkgs.discord.override {
# XXX 2022-07-31: fix to allow links to open in default web-browser:
# https://github.com/NixOS/nixpkgs/issues/78961
nss = pkgs.nss_latest;
};
private = [ ".config/discord" ];
};
# creds/session keys, etc
element-desktop.private = [ ".config/Element" ];
# `emote` will show a first-run dialog based on what's in this directory.
# mostly, it just keeps a LRU of previously-used emotes to optimize display order.
# TODO: package [smile](https://github.com/mijorus/smile) for probably a better mobile experience.
emote.dir = [ ".local/share/Emote" ];
# XXX: we preserve the whole thing because if we only preserve gPodder/Downloads
# then startup is SLOW during feed import, and we might end up with zombie eps in the dl dir.
gpodder-configured.dir = [ "gPodder" ];
# actual monero blockchain (not wallet/etc; safe to delete, just slow to regenerate)
# XXX: is it really safe to persist this? it doesn't have info that could de-anonymize if captured?
monero-gui.dir = [ ".bitmonero" ];
mpv.dir = [ ".config/mpv/watch_later" ];
# not strictly necessary, but allows caching articles; offline use, etc.
newsflash.dir = [ ".local/share/news-flash" ];
nheko.private = [
".config/nheko" # config file (including client token)
".cache/nheko" # media cache
".local/share/nheko" # per-account state database
];
# settings (electron app)
obsidian.dir = [ ".config/obsidian" ];
# creds, media
signal-desktop.private = [ ".config/Signal" ];
# creds, widevine .so download. TODO: could easily manage these statically.
spotify.dir = [ ".config/spotify" ];
# sublime music persists any downloaded albums here.
# it doesn't obey a conventional ~/Music/{Artist}/{Album}/{Track} notation, so no symlinking
# config (e.g. server connection details) is persisted in ~/.config/sublime-music/config.json
# possible to pass config as a CLI arg (sublime-music -c config.json)
# { pkg = sublime-music; dir = [ ".local/share/sublime-music" ]; }
sublime-music-mobile.dir = [ ".local/share/sublime-music" ];
tdesktop.private = [ ".local/share/TelegramDesktop" ];
tokodon.private = [ ".cache/KDE/tokodon" ];
# hardenedMalloc solves a crash at startup
# TODO 2023/02/02: is this safe to remove yet?
tor-browser-bundle-bin.package = pkgs.tor-browser-bundle-bin.override {
useHardenedMalloc = false;
};
# vlc remembers play position in ~/.config/vlc/vlc-qt-interface.conf
vlc.dir = [ ".config/vlc" ];
whalebird.private = [ ".config/Whalebird" ];
# zcash coins. safe to delete, just slow to regenerate (10-60 minutes)
zecwallet-lite.private = [ ".zcash" ];
}
];
# XXX: this might not be necessary. try removing this and cacert.unbundled (servo)?
environment.etc."ssl/certs".source = "${pkgs.cacert.unbundled}/etc/ssl/certs/*";
};
}

View File

@@ -3,12 +3,12 @@
# installer docs: https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/installation-device.nix
with lib;
let
cfg = config.sane.users;
cfg = config.sane.guest;
fs = sane-lib.fs;
in
{
options = {
sane.users.guest.enable = mkOption {
sane.guest.enable = mkOption {
default = false;
type = types.bool;
};
@@ -49,8 +49,6 @@ in
shell = pkgs.zsh;
packages = builtins.map (p: p.pkg) config.sane.packages.enabledUserPkgs;
# mount encrypted stuff at login
# some other nix pam users:
# - <https://github.com/g00pix/nixconf/blob/32c04f6fa843fed97639dd3f09e157668d3eea1f/profiles/sshfs.nix>
@@ -68,6 +66,7 @@ in
security.pam.mount.enable = true;
sane.users.colin.default = true;
# ensure ~ perms are known to sane.fs module.
# TODO: this is generic enough to be lifted up into sane.fs itself.
sane.fs."/home/colin".dir.acl = {
@@ -76,7 +75,7 @@ in
mode = config.users.users.colin.homeMode;
};
sane.persist.home.plaintext = [
sane.user.persist.plaintext = [
"archive"
"dev"
# TODO: records should be private
@@ -90,25 +89,26 @@ in
".cache/nix"
".cache/nix-index"
".cargo"
".rustup"
# ".cargo"
# ".rustup"
];
# convenience
sane.fs."/home/colin/knowledge" = fs.wantedSymlinkTo "/home/colin/private/knowledge";
sane.fs."/home/colin/nixos" = fs.wantedSymlinkTo "/home/colin/dev/nixos";
sane.fs."/home/colin/Videos/servo" = fs.wantedSymlinkTo "/mnt/servo-media/Videos";
sane.fs."/home/colin/Videos/servo-incomplete" = fs.wantedSymlinkTo "/mnt/servo-media/incomplete";
sane.fs."/home/colin/Music/servo" = fs.wantedSymlinkTo "/mnt/servo-media/Music";
sane.user.fs."knowledge" = fs.wantedSymlinkTo "private/knowledge";
sane.user.fs."nixos" = fs.wantedSymlinkTo "dev/nixos";
sane.user.fs."Videos/servo" = fs.wantedSymlinkTo "/mnt/servo-media/Videos";
sane.user.fs."Videos/servo-incomplete" = fs.wantedSymlinkTo "/mnt/servo-media/incomplete";
sane.user.fs."Music/servo" = fs.wantedSymlinkTo "/mnt/servo-media/Music";
# used by password managers, e.g. unix `pass`
sane.fs."/home/colin/.password-store" = fs.wantedSymlinkTo "/home/colin/knowledge/secrets/accounts";
sane.user.fs.".password-store" = fs.wantedSymlinkTo "knowledge/secrets/accounts";
sane.persist.sys.plaintext = mkIf cfg.guest.enable [
sane.persist.sys.plaintext = mkIf cfg.enable [
# intentionally allow other users to write to the guest folder
{ directory = "/home/guest"; user = "guest"; group = "users"; mode = "0775"; }
];
users.users.guest = mkIf cfg.guest.enable {
users.users.guest = mkIf cfg.enable {
isNormalUser = true;
home = "/home/guest";
subUidRanges = [

View File

@@ -15,13 +15,13 @@
networking.hostName = hostName;
nixpkgs.overlays = [
(next: prev: {
# for local != target we by default just emulate the target while building.
# provide a `pkgs.cross.<pkg>` alias that consumers can use instead of `pkgs.<foo>`
# to explicitly opt into non-emulated cross compilation for any specific package.
# this is most beneficial for large packages with few pre-requisites -- like Linux.
cross = next.crossFrom."${localSystem}";
})
];
# nixpkgs.overlays = [
# (next: prev: {
# # for local != target we by default just emulate the target while building.
# # provide a `pkgs.cross.<pkg>` alias that consumers can use instead of `pkgs.<foo>`
# # to explicitly opt into non-emulated cross compilation for any specific package.
# # this is most beneficial for large packages with few pre-requisites -- like Linux.
# cross = prev.crossFrom."${localSystem}";
# })
# ];
}

View File

@@ -7,7 +7,9 @@
./hardware
./hostnames.nix
./hosts.nix
./nixcache.nix
./roles
./services
./wg-home.nix
];
}

View File

@@ -12,24 +12,4 @@ in
./plasma-mobile.nix
./sway.nix
];
options = {
sane.gui.enable = mkOption {
default = false;
type = types.bool;
description = ''
enables config used by any GUI, like display management or select packages.
the user should prefer to interact with specific GUIs like `sane.gui.sway`
and let those modules auto-set this flag when necessary.
'';
};
};
config = mkIf cfg.enable {
sane.packages.enableGuiPkgs = mkDefault true;
# preserve backlight brightness across power cycles
# see `man systemd-backlight`
sane.persist.sys.plaintext = [ "/var/lib/systemd/backlight" ];
};
}

View File

@@ -13,7 +13,7 @@ in
};
config = mkIf cfg.enable {
sane.gui.enable = true;
sane.programs.guiApps.enableFor.user.colin = true;
# start gnome/gdm on boot
services.xserver.enable = true;

View File

@@ -20,9 +20,34 @@ in
};
};
config = mkIf cfg.enable (mkMerge [
config = mkMerge [
{
sane.gui.enable = true;
sane.programs.phoshApps = {
package = null;
suggestedPrograms = [
"guiApps"
# TODO: see about removing gnome-bluetooth if the in-built gnome-settings bluetooth manager can work
"gnome.gnome-bluetooth"
"phosh-mobile-settings"
# "plasma5Packages.konsole" # more reliable terminal
];
};
}
{
sane.programs = {
inherit (pkgs // {
"gnome.gnome-bluetooth" = pkgs.gnome.gnome-bluetooth;
"plasma5Packages.konsole" = pkgs.plasma5Packages.konsole;
})
phosh-mobile-settings
"plasma5Packages.konsole"
# "gnome.gnome-bluetooth"
;
};
}
(mkIf cfg.enable {
sane.programs.phoshApps.enableFor.user.colin = true;
# docs: https://github.com/NixOS/nixpkgs/blob/nixos-22.05/nixos/modules/services/x11/desktop-managers/phosh.nix
services.xserver.desktopManager.phosh = {
@@ -38,6 +63,28 @@ in
};
};
# phosh enables `services.gnome.{core-os-services, core-shell}`
# and this in turn enables some default apps we don't really care about.
# see <nixos/modules/services/x11/desktop-managers/gnome.nix>
environment.gnome.excludePackages = with pkgs; [
# gnome.gnome-menus # unused outside gnome classic, but probably harmless
gnome-tour
];
services.dleyna-renderer.enable = false;
services.dleyna-server.enable = false;
services.gnome.gnome-browser-connector.enable = false;
services.gnome.gnome-initial-setup.enable = false;
services.gnome.gnome-online-accounts.enable = false;
services.gnome.gnome-remote-desktop.enable = false;
services.gnome.gnome-user-share.enable = false;
services.gnome.rygel.enable = false;
# gnome doesn't use mkDefault for these -- unclear why not
services.gnome.evolution-data-server.enable = mkForce false;
services.gnome.gnome-online-miners.enable = mkForce false;
# TODO: re-enable this once we can cross-compile gvfs
services.gvfs.enable = mkForce false;
# XXX: phosh enables networkmanager by default; can probably disable these lines
networking.useDHCP = false;
networking.networkmanager.enable = true;
@@ -60,6 +107,7 @@ in
};
programs.dconf.packages = [
# org.kde.konsole.desktop
(pkgs.writeTextFile {
name = "dconf-phosh-settings";
destination = "/etc/dconf/db/site.d/00_phosh_settings";
@@ -72,19 +120,13 @@ in
sleep-inactive-battery-timeout=5400
[sm/puri/phosh]
favorites=['gpodder.desktop', 'nheko.desktop', 'sublime-music.desktop', 'firefox.desktop', 'org.kde.konsole.desktop']
favorites=['gpodder.desktop', 'nheko.desktop', 'sublime-music.desktop', 'firefox.desktop', 'org.gnome.Terminal.desktop']
'';
})
];
})
sane.packages.extraUserPkgs = with pkgs; [
phosh-mobile-settings
# TODO: see about removing this if the in-built gnome-settings bluetooth manager can work
gnome.gnome-bluetooth
];
}
(mkIf cfg.useGreeter {
(mkIf (cfg.enable && cfg.useGreeter) {
services.xserver.enable = true;
# NB: setting defaultSession has the critical side-effect that it lets org.freedesktop.AccountsService
# know that our user exists. this ensures lightdm succeeds when calling /org/freedesktop/AccountsServices ListCachedUsers
@@ -110,5 +152,5 @@ in
systemd.services.phosh.wantedBy = lib.mkForce []; # disable auto-start
})
]);
];
}

View File

@@ -13,7 +13,8 @@ in
};
config = mkIf cfg.enable {
sane.gui.enable = true;
sane.programs.guiApps.enableFor.user.colin = true;
# start plasma-mobile on boot
services.xserver.enable = true;
services.xserver.desktopManager.plasma5.mobile.enable = true;

View File

@@ -13,7 +13,7 @@ in
};
config = mkIf cfg.enable {
sane.gui.enable = true;
sane.programs.guiApps.enableFor.user.colin = true;
# start plasma on boot
services.xserver.enable = true;

View File

@@ -120,523 +120,543 @@ in
type = types.bool;
};
};
config = mkIf cfg.enable {
sane.gui.enable = true;
# swap in these lines to use SDDM instead of `services.greetd`.
# services.xserver.displayManager.sddm.enable = true;
# services.xserver.enable = true;
services.greetd = {
# greetd source/docs:
# - <https://git.sr.ht/~kennylevinsen/greetd>
enable = true;
settings = {
default_session = if cfg.useGreeter then greeter-session else greeterless-session;
config = mkMerge [
{
sane.programs.swayApps = {
package = null;
suggestedPrograms = [
"guiApps"
"swaylock"
"swayidle"
"wl-clipboard"
"mako" # notification daemon
# # "pavucontrol"
"gnome.gnome-bluetooth"
"gnome.gnome-control-center"
];
};
};
# we need the greeter's command to be on our PATH
users.users.colin.packages = [ sway-launcher ];
}
{
sane.programs = {
inherit (pkgs // {
"gnome.gnome-bluetooth" = pkgs.gnome.gnome-bluetooth;
"gnome.gnome-control-center" = pkgs.gnome.gnome-control-center;
})
swaylock
swayidle
wl-clipboard
mako
"gnome.gnome-bluetooth"
"gnome.gnome-control-center"
;
};
}
# some programs (e.g. fractal) **require** a "Secret Service Provider"
services.gnome.gnome-keyring.enable = true;
(mkIf cfg.enable {
sane.programs.swayApps.enableFor.user.colin = true;
# unlike other DEs, sway configures no audio stack
# administer with pw-cli, pw-mon, pw-top commands
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true; # ??
pulse.enable = true;
};
# swap in these lines to use SDDM instead of `services.greetd`.
# services.xserver.displayManager.sddm.enable = true;
# services.xserver.enable = true;
services.greetd = {
# greetd source/docs:
# - <https://git.sr.ht/~kennylevinsen/greetd>
enable = true;
settings = {
default_session = if cfg.useGreeter then greeter-session else greeterless-session;
};
};
# we need the greeter's command to be on our PATH
users.users.colin.packages = [ sway-launcher ];
networking.useDHCP = false;
networking.networkmanager.enable = true;
networking.wireless.enable = lib.mkForce false;
# some programs (e.g. fractal) **require** a "Secret Service Provider"
services.gnome.gnome-keyring.enable = true;
hardware.bluetooth.enable = true;
services.blueman.enable = true;
# gsd provides Rfkill, which is required for the bluetooth pane in gnome-control-center to work
services.gnome.gnome-settings-daemon.enable = true;
# start the components of gsd we need at login
systemd.user.targets."org.gnome.SettingsDaemon.Rfkill".wantedBy = [ "graphical-session.target" ];
# go ahead and `systemctl --user cat gnome-session-initialized.target`. i dare you.
# the only way i can figure out how to get Rfkill to actually load is to just disable all the shit it depends on.
# it doesn't actually seem to need ANY of them in the first place T_T
systemd.user.targets."gnome-session-initialized".enable = false;
# bluez can't connect to audio devices unless pipewire is running.
# a system service can't depend on a user service, so just launch it at graphical-session
systemd.user.services."pipewire".wantedBy = [ "graphical-session.target" ];
# unlike other DEs, sway configures no audio stack
# administer with pw-cli, pw-mon, pw-top commands
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true; # ??
pulse.enable = true;
};
programs.sway = {
enable = true;
wrapperFeatures.gtk = true;
};
sane.fs."/home/colin/.config/sway/config" =
let
fuzzel = "${pkgs.fuzzel}/bin/fuzzel";
sed = "${pkgs.gnused}/bin/sed";
wtype = "${pkgs.wtype}/bin/wtype";
kitty = "${pkgs.kitty}/bin/kitty";
launcher-cmd = fuzzel;
terminal-cmd = kitty;
lock-cmd = "${pkgs.swaylock}/bin/swaylock --indicator-idle-visible --indicator-radius 100 --indicator-thickness 30";
vol-up-cmd = "${pkgs.pulsemixer}/bin/pulsemixer --change-volume +5";
vol-down-cmd = "${pkgs.pulsemixer}/bin/pulsemixer --change-volume -5";
mute-cmd = "${pkgs.pulsemixer}/bin/pulsemixer --toggle-mute";
brightness-up-cmd = "${pkgs.brightnessctl}/bin/brightnessctl set +2%";
brightness-down-cmd = "${pkgs.brightnessctl}/bin/brightnessctl set 2%-";
screenshot-cmd = "${pkgs.sway-contrib.grimshot}/bin/grimshot copy area";
# "bookmarking"/snippets inspired by Luke Smith:
# - <https://www.youtube.com/watch?v=d_11QaTlf1I>
snip-file = ./snippets.txt;
# TODO: querying sops here breaks encapsulation
list-snips = "cat ${snip-file} ${config.sops.secrets.snippets.path}";
strip-comments = "${sed} 's/ #.*$//'";
snip-cmd = "${wtype} $(${list-snips} | ${fuzzel} -d -i -w 60 | ${strip-comments})";
# TODO: next splatmoji release should allow `-s none` to disable skin tones
emoji-cmd = "${pkgs.splatmoji}/bin/splatmoji -s medium-light type";
in sane-lib.fs.wantedText ''
### default font
font pango:monospace 8
networking.useDHCP = false;
networking.networkmanager.enable = true;
networking.wireless.enable = lib.mkForce false;
### pixel boundary between windows
default_border pixel 3
default_floating_border pixel 2
hide_edge_borders smart
hardware.bluetooth.enable = true;
services.blueman.enable = true;
# gsd provides Rfkill, which is required for the bluetooth pane in gnome-control-center to work
services.gnome.gnome-settings-daemon.enable = true;
# start the components of gsd we need at login
systemd.user.targets."org.gnome.SettingsDaemon.Rfkill".wantedBy = [ "graphical-session.target" ];
# go ahead and `systemctl --user cat gnome-session-initialized.target`. i dare you.
# the only way i can figure out how to get Rfkill to actually load is to just disable all the shit it depends on.
# it doesn't actually seem to need ANY of them in the first place T_T
systemd.user.targets."gnome-session-initialized".enable = false;
# bluez can't connect to audio devices unless pipewire is running.
# a system service can't depend on a user service, so just launch it at graphical-session
systemd.user.services."pipewire".wantedBy = [ "graphical-session.target" ];
### defaults
focus_wrapping no
focus_follows_mouse yes
focus_on_window_activation smart
mouse_warping output
workspace_layout default
workspace_auto_back_and_forth no
programs.sway = {
enable = true;
wrapperFeatures.gtk = true;
};
sane.user.fs.".config/sway/config" =
let
fuzzel = "${pkgs.fuzzel}/bin/fuzzel";
sed = "${pkgs.gnused}/bin/sed";
wtype = "${pkgs.wtype}/bin/wtype";
kitty = "${pkgs.kitty}/bin/kitty";
launcher-cmd = fuzzel;
terminal-cmd = kitty;
lock-cmd = "${pkgs.swaylock}/bin/swaylock --indicator-idle-visible --indicator-radius 100 --indicator-thickness 30";
vol-up-cmd = "${pkgs.pulsemixer}/bin/pulsemixer --change-volume +5";
vol-down-cmd = "${pkgs.pulsemixer}/bin/pulsemixer --change-volume -5";
mute-cmd = "${pkgs.pulsemixer}/bin/pulsemixer --toggle-mute";
brightness-up-cmd = "${pkgs.brightnessctl}/bin/brightnessctl set +2%";
brightness-down-cmd = "${pkgs.brightnessctl}/bin/brightnessctl set 2%-";
screenshot-cmd = "${pkgs.sway-contrib.grimshot}/bin/grimshot copy area";
# "bookmarking"/snippets inspired by Luke Smith:
# - <https://www.youtube.com/watch?v=d_11QaTlf1I>
snip-file = ./snippets.txt;
# TODO: querying sops here breaks encapsulation
list-snips = "cat ${snip-file} ${config.sops.secrets.snippets.path}";
strip-comments = "${sed} 's/ #.*$//'";
snip-cmd = "${wtype} $(${list-snips} | ${fuzzel} -d -i -w 60 | ${strip-comments})";
# TODO: next splatmoji release should allow `-s none` to disable skin tones
emoji-cmd = "${pkgs.splatmoji}/bin/splatmoji -s medium-light type";
in sane-lib.fs.wantedText ''
### default font
font pango:monospace 8
### default colors (#border #background #text #indicator #childBorder)
client.focused #4c7899 #285577 #ffffff #2e9ef4 #285577
client.focused_inactive #333333 #5f676a #ffffff #484e50 #5f676a
client.unfocused #333333 #222222 #888888 #292d2e #222222
client.urgent #2f343a #900000 #ffffff #900000 #900000
client.placeholder #000000 #0c0c0c #ffffff #000000 #0c0c0c
client.background #ffffff
### pixel boundary between windows
default_border pixel 3
default_floating_border pixel 2
hide_edge_borders smart
### key bindings
floating_modifier Mod1
## media keys
bindsym XF86AudioRaiseVolume exec ${vol-up-cmd}
bindsym XF86AudioLowerVolume exec ${vol-down-cmd}
bindsym Mod1+Page_Up exec ${vol-up-cmd}
bindsym Mod1+Page_Down exec ${vol-down-cmd}
bindsym XF86AudioMute exec ${mute-cmd}
bindsym XF86MonBrightnessUp exec ${brightness-up-cmd}
bindsym XF86MonBrightnessDown exec ${brightness-down-cmd}
## special functions
bindsym Mod1+Print exec ${screenshot-cmd}
bindsym Mod1+l exec ${lock-cmd}
bindsym Mod1+s exec ${snip-cmd}
bindsym Mod1+slash exec ${emoji-cmd}
bindsym Mod1+d exec ${launcher-cmd}
bindsym Mod1+Return exec ${terminal-cmd}
bindsym Mod1+Shift+q kill
bindsym Mod1+Shift+e exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -b 'Yes, exit sway' 'swaymsg exit'
bindsym Mod1+Shift+c reload
## layout
bindsym Mod1+b splith
bindsym Mod1+v splitv
bindsym Mod1+f fullscreen toggle
bindsym Mod1+a focus parent
bindsym Mod1+w layout tabbed
bindsym Mod1+e layout toggle split
bindsym Mod1+Shift+space floating toggle
bindsym Mod1+space focus mode_toggle
bindsym Mod1+r mode resize
## movement
bindsym Mod1+Up focus up
bindsym Mod1+Down focus down
bindsym Mod1+Left focus left
bindsym Mod1+Right focus right
bindsym Mod1+Shift+Up move up
bindsym Mod1+Shift+Down move down
bindsym Mod1+Shift+Left move left
bindsym Mod1+Shift+Right move right
## workspaces
bindsym Mod1+1 workspace number 1
bindsym Mod1+2 workspace number 2
bindsym Mod1+3 workspace number 3
bindsym Mod1+4 workspace number 4
bindsym Mod1+5 workspace number 5
bindsym Mod1+6 workspace number 6
bindsym Mod1+7 workspace number 7
bindsym Mod1+8 workspace number 8
bindsym Mod1+9 workspace number 9
bindsym Mod1+Shift+1 move container to workspace number 1
bindsym Mod1+Shift+2 move container to workspace number 2
bindsym Mod1+Shift+3 move container to workspace number 3
bindsym Mod1+Shift+4 move container to workspace number 4
bindsym Mod1+Shift+5 move container to workspace number 5
bindsym Mod1+Shift+6 move container to workspace number 6
bindsym Mod1+Shift+7 move container to workspace number 7
bindsym Mod1+Shift+8 move container to workspace number 8
bindsym Mod1+Shift+9 move container to workspace number 9
## "scratchpad" = ??
bindsym Mod1+Shift+minus move scratchpad
bindsym Mod1+minus scratchpad show
### defaults
focus_wrapping no
focus_follows_mouse yes
focus_on_window_activation smart
mouse_warping output
workspace_layout default
workspace_auto_back_and_forth no
### defaults
mode "resize" {
bindsym Down resize grow height 10 px
bindsym Escape mode default
bindsym Left resize shrink width 10 px
bindsym Return mode default
bindsym Right resize grow width 10 px
bindsym Up resize shrink height 10 px
bindsym h resize shrink width 10 px
bindsym j resize grow height 10 px
bindsym k resize shrink height 10 px
bindsym l resize grow width 10 px
### default colors (#border #background #text #indicator #childBorder)
client.focused #4c7899 #285577 #ffffff #2e9ef4 #285577
client.focused_inactive #333333 #5f676a #ffffff #484e50 #5f676a
client.unfocused #333333 #222222 #888888 #292d2e #222222
client.urgent #2f343a #900000 #ffffff #900000 #900000
client.placeholder #000000 #0c0c0c #ffffff #000000 #0c0c0c
client.background #ffffff
### key bindings
floating_modifier Mod1
## media keys
bindsym XF86AudioRaiseVolume exec ${vol-up-cmd}
bindsym XF86AudioLowerVolume exec ${vol-down-cmd}
bindsym Mod1+Page_Up exec ${vol-up-cmd}
bindsym Mod1+Page_Down exec ${vol-down-cmd}
bindsym XF86AudioMute exec ${mute-cmd}
bindsym XF86MonBrightnessUp exec ${brightness-up-cmd}
bindsym XF86MonBrightnessDown exec ${brightness-down-cmd}
## special functions
bindsym Mod1+Print exec ${screenshot-cmd}
bindsym Mod1+l exec ${lock-cmd}
bindsym Mod1+s exec ${snip-cmd}
bindsym Mod1+slash exec ${emoji-cmd}
bindsym Mod1+d exec ${launcher-cmd}
bindsym Mod1+Return exec ${terminal-cmd}
bindsym Mod1+Shift+q kill
bindsym Mod1+Shift+e exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -b 'Yes, exit sway' 'swaymsg exit'
bindsym Mod1+Shift+c reload
## layout
bindsym Mod1+b splith
bindsym Mod1+v splitv
bindsym Mod1+f fullscreen toggle
bindsym Mod1+a focus parent
bindsym Mod1+w layout tabbed
bindsym Mod1+e layout toggle split
bindsym Mod1+Shift+space floating toggle
bindsym Mod1+space focus mode_toggle
bindsym Mod1+r mode resize
## movement
bindsym Mod1+Up focus up
bindsym Mod1+Down focus down
bindsym Mod1+Left focus left
bindsym Mod1+Right focus right
bindsym Mod1+Shift+Up move up
bindsym Mod1+Shift+Down move down
bindsym Mod1+Shift+Left move left
bindsym Mod1+Shift+Right move right
## workspaces
bindsym Mod1+1 workspace number 1
bindsym Mod1+2 workspace number 2
bindsym Mod1+3 workspace number 3
bindsym Mod1+4 workspace number 4
bindsym Mod1+5 workspace number 5
bindsym Mod1+6 workspace number 6
bindsym Mod1+7 workspace number 7
bindsym Mod1+8 workspace number 8
bindsym Mod1+9 workspace number 9
bindsym Mod1+Shift+1 move container to workspace number 1
bindsym Mod1+Shift+2 move container to workspace number 2
bindsym Mod1+Shift+3 move container to workspace number 3
bindsym Mod1+Shift+4 move container to workspace number 4
bindsym Mod1+Shift+5 move container to workspace number 5
bindsym Mod1+Shift+6 move container to workspace number 6
bindsym Mod1+Shift+7 move container to workspace number 7
bindsym Mod1+Shift+8 move container to workspace number 8
bindsym Mod1+Shift+9 move container to workspace number 9
## "scratchpad" = ??
bindsym Mod1+Shift+minus move scratchpad
bindsym Mod1+minus scratchpad show
### defaults
mode "resize" {
bindsym Down resize grow height 10 px
bindsym Escape mode default
bindsym Left resize shrink width 10 px
bindsym Return mode default
bindsym Right resize grow width 10 px
bindsym Up resize shrink height 10 px
bindsym h resize shrink width 10 px
bindsym j resize grow height 10 px
bindsym k resize shrink height 10 px
bindsym l resize grow width 10 px
}
### lightly modified bars
bar {
# TODO: fonts was:
# config.fonts.fontconfig.defaultFonts; (monospace ++ emoji)
font pango:Hack, Font Awesome 6 Free, Twitter Color Emoji 24.000000
mode dock
hidden_state hide
position top
status_command ${pkgs.i3status}/bin/i3status
swaybar_command ${pkgs.waybar}/bin/waybar
workspace_buttons yes
strip_workspace_numbers no
tray_output primary
colors {
background #000000
statusline #ffffff
separator #666666
# #border #background #text
focused_workspace #4c7899 #285577 #ffffff
active_workspace #333333 #5f676a #ffffff
inactive_workspace #333333 #222222 #888888
urgent_workspace #2f343a #900000 #ffffff
binding_mode #2f343a #900000 #ffffff
}
}
### displays
## DESKTOP
output "Samsung Electric Company S22C300 0x00007F35" {
pos 0,0
res 1920x1080
}
output "Goldstar Company Ltd LG ULTRAWIDE 0x00004E94" {
pos 1920,0
res 3440x1440
}
## LAPTOP
# sh/en TV
output "Pioneer Electronic Corporation VSX-524 0x00000101" {
pos 0,0
res 1920x1080
}
# internal display
output "Unknown 0x0637 0x00000000" {
pos 1920,0
res 1920x1080
}
'';
sane.user.fs.".config/waybar/config" = sane-lib.fs.wantedSymlinkTo waybar-config-text;
# style docs: https://github.com/Alexays/Waybar/wiki/Styling
sane.user.fs.".config/waybar/style.css" = sane-lib.fs.wantedText ''
* {
font-family: monospace;
}
### lightly modified bars
bar {
# TODO: fonts was:
# config.fonts.fontconfig.defaultFonts; (monospace ++ emoji)
font pango:Hack, Font Awesome 6 Free, Twitter Color Emoji 24.000000
mode dock
hidden_state hide
position top
status_command ${pkgs.i3status}/bin/i3status
swaybar_command ${pkgs.waybar}/bin/waybar
workspace_buttons yes
strip_workspace_numbers no
tray_output primary
colors {
background #000000
statusline #ffffff
separator #666666
# #border #background #text
focused_workspace #4c7899 #285577 #ffffff
active_workspace #333333 #5f676a #ffffff
inactive_workspace #333333 #222222 #888888
urgent_workspace #2f343a #900000 #ffffff
binding_mode #2f343a #900000 #ffffff
}
/* defaults below: https://github.com/Alexays/Waybar/blob/master/resources/style.css */
window#waybar {
background-color: rgba(43, 48, 59, 0.5);
border-bottom: 3px solid rgba(100, 114, 125, 0.5);
color: #ffffff;
transition-property: background-color;
transition-duration: .5s;
}
### displays
## DESKTOP
output "Samsung Electric Company S22C300 0x00007F35" {
pos 0,0
res 1920x1080
}
output "Goldstar Company Ltd LG ULTRAWIDE 0x00004E94" {
pos 1920,0
res 3440x1440
window#waybar.hidden {
opacity: 0.2;
}
## LAPTOP
# sh/en TV
output "Pioneer Electronic Corporation VSX-524 0x00000101" {
pos 0,0
res 1920x1080
/*
window#waybar.empty {
background-color: transparent;
}
# internal display
output "Unknown 0x0637 0x00000000" {
pos 1920,0
res 1920x1080
window#waybar.solo {
background-color: #FFFFFF;
}
'';
*/
sane.fs."/home/colin/.config/waybar/config" = sane-lib.fs.wantedSymlinkTo waybar-config-text;
window#waybar.termite {
background-color: #3F3F3F;
}
# style docs: https://github.com/Alexays/Waybar/wiki/Styling
sane.fs."/home/colin/.config/waybar/style.css" = sane-lib.fs.wantedText ''
* {
font-family: monospace;
}
window#waybar.chromium {
background-color: #000000;
border: none;
}
/* defaults below: https://github.com/Alexays/Waybar/blob/master/resources/style.css */
window#waybar {
background-color: rgba(43, 48, 59, 0.5);
border-bottom: 3px solid rgba(100, 114, 125, 0.5);
color: #ffffff;
transition-property: background-color;
transition-duration: .5s;
}
#workspaces button {
padding: 0 5px;
background-color: transparent;
color: #ffffff;
/* Use box-shadow instead of border so the text isn't offset */
box-shadow: inset 0 -3px transparent;
/* Avoid rounded borders under each workspace name */
border: none;
border-radius: 0;
}
window#waybar.hidden {
opacity: 0.2;
}
/* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */
#workspaces button:hover {
background: rgba(0, 0, 0, 0.2);
box-shadow: inset 0 -3px #ffffff;
}
/*
window#waybar.empty {
background-color: transparent;
}
window#waybar.solo {
background-color: #FFFFFF;
}
*/
#workspaces button.focused {
background-color: #64727D;
box-shadow: inset 0 -3px #ffffff;
}
window#waybar.termite {
background-color: #3F3F3F;
}
#workspaces button.urgent {
background-color: #eb4d4b;
}
window#waybar.chromium {
background-color: #000000;
border: none;
}
#mode {
background-color: #64727D;
border-bottom: 3px solid #ffffff;
}
#workspaces button {
padding: 0 5px;
background-color: transparent;
color: #ffffff;
/* Use box-shadow instead of border so the text isn't offset */
box-shadow: inset 0 -3px transparent;
/* Avoid rounded borders under each workspace name */
border: none;
border-radius: 0;
}
#clock,
#battery,
#cpu,
#memory,
#disk,
#temperature,
#backlight,
#network,
#pulseaudio,
#custom-media,
#tray,
#mode,
#idle_inhibitor,
#mpd {
padding: 0 10px;
color: #ffffff;
}
/* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */
#workspaces button:hover {
background: rgba(0, 0, 0, 0.2);
box-shadow: inset 0 -3px #ffffff;
}
#window,
#workspaces {
margin: 0 4px;
}
#workspaces button.focused {
background-color: #64727D;
box-shadow: inset 0 -3px #ffffff;
}
/* If workspaces is the leftmost module, omit left margin */
.modules-left > widget:first-child > #workspaces {
margin-left: 0;
}
#workspaces button.urgent {
background-color: #eb4d4b;
}
/* If workspaces is the rightmost module, omit right margin */
.modules-right > widget:last-child > #workspaces {
margin-right: 0;
}
#mode {
background-color: #64727D;
border-bottom: 3px solid #ffffff;
}
#clock {
background-color: #64727D;
}
#clock,
#battery,
#cpu,
#memory,
#disk,
#temperature,
#backlight,
#network,
#pulseaudio,
#custom-media,
#tray,
#mode,
#idle_inhibitor,
#mpd {
padding: 0 10px;
color: #ffffff;
}
#window,
#workspaces {
margin: 0 4px;
}
/* If workspaces is the leftmost module, omit left margin */
.modules-left > widget:first-child > #workspaces {
margin-left: 0;
}
/* If workspaces is the rightmost module, omit right margin */
.modules-right > widget:last-child > #workspaces {
margin-right: 0;
}
#clock {
background-color: #64727D;
}
#battery {
background-color: #ffffff;
color: #000000;
}
#battery.charging, #battery.plugged {
color: #ffffff;
background-color: #26A65B;
}
@keyframes blink {
to {
#battery {
background-color: #ffffff;
color: #000000;
}
}
#battery.critical:not(.charging) {
background-color: #f53c3c;
color: #ffffff;
animation-name: blink;
animation-duration: 0.5s;
animation-timing-function: linear;
animation-iteration-count: infinite;
animation-direction: alternate;
}
#battery.charging, #battery.plugged {
color: #ffffff;
background-color: #26A65B;
}
label:focus {
background-color: #000000;
}
@keyframes blink {
to {
background-color: #ffffff;
color: #000000;
}
}
#cpu {
background-color: #2ecc71;
color: #000000;
}
#battery.critical:not(.charging) {
background-color: #f53c3c;
color: #ffffff;
animation-name: blink;
animation-duration: 0.5s;
animation-timing-function: linear;
animation-iteration-count: infinite;
animation-direction: alternate;
}
#memory {
background-color: #9b59b6;
}
label:focus {
background-color: #000000;
}
#disk {
background-color: #964B00;
}
#cpu {
background-color: #2ecc71;
color: #000000;
}
#backlight {
background-color: #90b1b1;
}
#memory {
background-color: #9b59b6;
}
#network {
background-color: #2980b9;
}
#disk {
background-color: #964B00;
}
#network.disconnected {
background-color: #f53c3c;
}
#backlight {
background-color: #90b1b1;
}
#pulseaudio {
background-color: #f1c40f;
color: #000000;
}
#network {
background-color: #2980b9;
}
#pulseaudio.muted {
background-color: #90b1b1;
color: #2a5c45;
}
#network.disconnected {
background-color: #f53c3c;
}
#custom-media {
background-color: #66cc99;
color: #2a5c45;
min-width: 100px;
}
#pulseaudio {
background-color: #f1c40f;
color: #000000;
}
#custom-media.custom-spotify {
background-color: #66cc99;
}
#pulseaudio.muted {
background-color: #90b1b1;
color: #2a5c45;
}
#custom-media.custom-vlc {
background-color: #ffa000;
}
#custom-media {
background-color: #66cc99;
color: #2a5c45;
min-width: 100px;
}
#temperature {
background-color: #f0932b;
}
#custom-media.custom-spotify {
background-color: #66cc99;
}
#temperature.critical {
background-color: #eb4d4b;
}
#custom-media.custom-vlc {
background-color: #ffa000;
}
#tray {
background-color: #2980b9;
}
#temperature {
background-color: #f0932b;
}
#tray > .passive {
-gtk-icon-effect: dim;
}
#temperature.critical {
background-color: #eb4d4b;
}
#tray > .needs-attention {
-gtk-icon-effect: highlight;
background-color: #eb4d4b;
}
#tray {
background-color: #2980b9;
}
#idle_inhibitor {
background-color: #2d3436;
}
#tray > .passive {
-gtk-icon-effect: dim;
}
#idle_inhibitor.activated {
background-color: #ecf0f1;
color: #2d3436;
}
#tray > .needs-attention {
-gtk-icon-effect: highlight;
background-color: #eb4d4b;
}
#mpd {
background-color: #66cc99;
color: #2a5c45;
}
#idle_inhibitor {
background-color: #2d3436;
}
#mpd.disconnected {
background-color: #f53c3c;
}
#idle_inhibitor.activated {
background-color: #ecf0f1;
color: #2d3436;
}
#mpd.stopped {
background-color: #90b1b1;
}
#mpd {
background-color: #66cc99;
color: #2a5c45;
}
#mpd.paused {
background-color: #51a37a;
}
#mpd.disconnected {
background-color: #f53c3c;
}
#language {
background: #00b093;
color: #740864;
padding: 0 5px;
margin: 0 5px;
min-width: 16px;
}
#mpd.stopped {
background-color: #90b1b1;
}
#keyboard-state {
background: #97e1ad;
color: #000000;
padding: 0 0px;
margin: 0 5px;
min-width: 16px;
}
#mpd.paused {
background-color: #51a37a;
}
#keyboard-state > label {
padding: 0 5px;
}
#language {
background: #00b093;
color: #740864;
padding: 0 5px;
margin: 0 5px;
min-width: 16px;
}
#keyboard-state > label.locked {
background: rgba(0, 0, 0, 0.2);
}
'';
# style = ''
# * {
# border: none;
# border-radius: 0;
# font-family: Source Code Pro;
# }
# window#waybar {
# background: #16191C;
# color: #AAB2BF;
# }
# #workspaces button {
# padding: 0 5px;
# }
# .custom-spotify {
# padding: 0 10px;
# margin: 0 4px;
# background-color: #1DB954;
# color: black;
# }
# '';
#keyboard-state {
background: #97e1ad;
color: #000000;
padding: 0 0px;
margin: 0 5px;
min-width: 16px;
}
sane.packages.extraUserPkgs = with pkgs; [
swaylock
swayidle # (unused)
wl-clipboard
mako # notification daemon
xdg-utils # for xdg-open
# user stuff
# pavucontrol
sway-contrib.grimshot
gnome.gnome-bluetooth
gnome.gnome-control-center
];
};
#keyboard-state > label {
padding: 0 5px;
}
#keyboard-state > label.locked {
background: rgba(0, 0, 0, 0.2);
}
'';
# style = ''
# * {
# border: none;
# border-radius: 0;
# font-family: Source Code Pro;
# }
# window#waybar {
# background: #16191C;
# color: #AAB2BF;
# }
# #workspaces button {
# padding: 0 5px;
# }
# .custom-spotify {
# padding: 0 10px;
# margin: 0 4px;
# background-color: #1DB954;
# color: black;
# }
# '';
})
];
}

View File

@@ -0,0 +1,6 @@
{ ... }:
{
imports = [
./duplicity.nix
];
}

View File

@@ -5,13 +5,13 @@
./feeds.nix
./fs
./ids.nix
./packages.nix
./programs.nix
./image.nix
./nixcache.nix
./persist
./services
./sops.nix
./ssh.nix
./users.nix
];
_module.args = {

View File

@@ -20,9 +20,13 @@ sane-lib = rec {
isPrefixOfList = p: l: (lib.sublist 0 (lib.length p) l) == p;
# merges N attrsets
# Type: flattenAttrsList :: [AttrSet] -> AttrSet
# Type: joinAttrsets :: [AttrSet] -> AttrSet
joinAttrsets = l: lib.foldl' lib.attrsets.unionOfDisjoint {} l;
# merges N attrsets, recursively
# Type: joinAttrsetsRecursive :: [AttrSet] -> AttrSet
joinAttrsetsRecursive = l: lib.foldl' (lib.attrsets.recursiveUpdateUntil (path: lhs: rhs: false)) {} l;
# evaluate a `{ name, value }` pair in the same way that `listToAttrs` does.
# Type: nameValueToAttrs :: { name :: String, value :: Any } -> Any
nameValueToAttrs = { name, value }: {

View File

@@ -17,7 +17,7 @@ rec {
merged = builtins.map (p: lib.setAttrByPath p (mergeAtPath p discharged)) pathsToMerge;
in
assert builtins.all (assertNoExtraPaths pathsToMerge) discharged;
sane-lib.joinAttrsets merged;
sane-lib.joinAttrsetsRecursive merged;
# `take` is as in mkTypedMerge. this function queries which items `take` is interested in.
# for example:

View File

@@ -1,330 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
with pkgs;
let
cfg = config.sane.packages;
imagemagick = pkgs.imagemagick.override {
ghostscriptSupport = true;
};
consolePkgs = [
backblaze-b2
cdrtools
dmidecode
duplicity
efivar
flashrom
fwupd
ghostscript # TODO: imagemagick wrapper should add gs to PATH
gnupg
gocryptfs
gopass
gopass-jsonapi
ifuse
imagemagick
ipfs
libimobiledevice
libsecret # for managing user keyrings
lm_sensors # for sensors-detect
lshw
ffmpeg
memtester
networkmanager
nixpkgs-review
# nixos-generators
# nettools
nmon
oathToolkit # for oathtool
# ponymix
pulsemixer
python3
rsync
# python3Packages.eyeD3 # music tagging
sane-scripts
sequoia
snapper
sops
speedtest-cli
sqlite # to debug sqlite3 databases
ssh-to-age
sudo
# tageditor # music tagging
unar
visidata
w3m
wireguard-tools
# youtube-dl
yt-dlp
];
guiPkgs = [
# GUI only
aerc # email client
audacity
celluloid # mpv frontend
chromium
clinfo
{ pkg = dino; private = [ ".local/share/dino" ]; }
electrum
# creds/session keys, etc
{ pkg = element-desktop; private = [ ".config/Element" ]; }
# `emote` will show a first-run dialog based on what's in this directory.
# mostly, it just keeps a LRU of previously-used emotes to optimize display order.
# TODO: package [smile](https://github.com/mijorus/smile) for probably a better mobile experience.
{ pkg = emote; dir = [ ".local/share/Emote" ]; }
evince # works on phosh
# { pkg = fluffychat-moby; dir = [ ".local/share/chat.fluffy.fluffychat" ]; } # TODO: ship normal fluffychat on non-moby?
foliate
font-manager
# XXX by default fractal stores its state in ~/.local/share/<UUID>.
# after logging in, manually change ~/.local/share/keyrings/... to point it to some predictable subdir.
# then reboot (so that libsecret daemon re-loads the keyring...?)
# { pkg = fractal-latest; private = [ ".local/share/fractal" ]; }
# { pkg = fractal-next; private = [ ".local/share/fractal" ]; }
gajim # XMPP client
gimp # broken on phosh
gnome.cheese
gnome.dconf-editor
gnome-feeds # RSS reader (with claimed mobile support)
gnome.file-roller
gnome.gnome-disk-utility
gnome.gnome-maps # works on phosh
gnome.nautilus
# gnome-podcasts
gnome.gnome-system-monitor
gnome.gnome-terminal # works on phosh
gnome.gnome-weather
# XXX: we preserve the whole thing because if we only preserve gPodder/Downloads
# then startup is SLOW during feed import, and we might end up with zombie eps in the dl dir.
{ pkg = gpodder-configured; dir = [ "gPodder" ]; }
gthumb
inkscape
kdenlive
kid3 # audio tagging
kitty
krita
libreoffice-fresh # XXX colin: maybe don't want this on mobile
lollypop
{ pkg = mpv; dir = [ ".config/mpv/watch_later" ]; }
networkmanagerapplet
# not strictly necessary, but allows caching articles; offline use, etc.
{ pkg = newsflash; dir = [ ".local/share/news-flash" ]; }
{ pkg = nheko; private = [
".config/nheko" # config file (including client token)
".cache/nheko" # media cache
".local/share/nheko" # per-account state database
]; }
# settings (electron app)
{ pkg = obsidian; dir = [ ".config/obsidian" ]; }
pavucontrol
# picard # music tagging
playerctl
libsForQt5.plasmatube # Youtube player
soundconverter
# sublime music persists any downloaded albums here.
# it doesn't obey a conventional ~/Music/{Artist}/{Album}/{Track} notation, so no symlinking
# config (e.g. server connection details) is persisted in ~/.config/sublime-music/config.json
# possible to pass config as a CLI arg (sublime-music -c config.json)
# { pkg = sublime-music; dir = [ ".local/share/sublime-music" ]; }
{ pkg = sublime-music-mobile; dir = [ ".local/share/sublime-music" ]; }
{ pkg = tdesktop; private = [ ".local/share/TelegramDesktop" ]; } # broken on phosh
{ pkg = tokodon; private = [ ".cache/KDE/tokodon" ]; }
# vlc remembers play position in ~/.config/vlc/vlc-qt-interface.conf
{ pkg = vlc; dir = [ ".config/vlc" ]; }
# pleroma client (Electron). input is broken on phosh.
{ pkg = whalebird; private = [ ".config/Whalebird" ]; }
xdg-utils # for xdg-open
xterm # broken on phosh
]
++ (if pkgs.system == "x86_64-linux" then
[
# x86_64 only
# creds, but also 200 MB of node modules, etc
(let discord = (pkgs.discord.override {
# XXX 2022-07-31: fix to allow links to open in default web-browser:
# https://github.com/NixOS/nixpkgs/issues/78961
nss = pkgs.nss_latest;
}); in { pkg = discord; private = [ ".config/discord" ]; })
# kaiteki # Pleroma client
# gnome.zenity # for kaiteki (it will use qarma, kdialog, or zenity)
# gpt2tc # XXX: unreliable mirror
# TODO(unpin): handbrake is broken on aarch64-linux 2023/01/29
handbrake
logseq
losslesscut-bin
makemkv
# actual monero blockchain (not wallet/etc; safe to delete, just slow to regenerate)
{ pkg = monero-gui; dir = [ ".bitmonero" ]; }
# creds, media
{ pkg = signal-desktop; private = [ ".config/Signal" ]; }
# creds, widevine .so download. TODO: could easily manage these statically.
{ pkg = spotify; dir = [ ".config/spotify" ]; }
# hardenedMalloc solves a crash at startup
(tor-browser-bundle-bin.override { useHardenedMalloc = false; })
# zcash coins. safe to delete, just slow to regenerate (10-60 minutes)
{ pkg = zecwallet-lite; private = [ ".zcash" ]; }
] else []);
# general-purpose utilities that we want any user to be able to access
# (specifically: root, in case of rescue)
systemPkgs = [
btrfs-progs
cacert.unbundled # some services require unbundled /etc/ssl/certs
cryptsetup
dig
efibootmgr
fatresize
fd
file
gawk
git
gptfdisk
hdparm
htop
iftop
inetutils # for telnet
iotop
iptables
jq
killall
lsof
nano
netcat
nethogs
nmap
openssl
parted
pciutils
powertop
pstree
ripgrep
screen
smartmontools
socat
strace
tcpdump
tree
usbutils
wget
];
# useful devtools:
devPkgs = [
bison
dtc
flex
gcc
gdb
# gcc-arm-embedded
# gcc_multi
gnumake
mercurial
mix2nix
rustup
swig
];
pkgSpec = types.submodule {
options = {
pkg = mkOption {
type = types.package;
};
dir = mkOption {
type = types.listOf types.str;
default = [];
description = "list of home-relative paths to persist for this package";
};
private = mkOption {
type = types.listOf types.str;
default = [];
description = "list of home-relative paths to persist (in encrypted format) for this package";
};
};
};
toPkgSpec = types.coercedTo types.package (p: { pkg = p; }) pkgSpec;
in
{
options = {
# packages to deploy to the user's home
sane.packages.extraUserPkgs = mkOption {
default = [ ];
type = types.listOf toPkgSpec;
};
sane.packages.extraGuiPkgs = mkOption {
default = [ ];
type = types.listOf toPkgSpec;
description = "packages to only ship if gui's enabled";
};
sane.packages.enableConsolePkgs = mkOption {
default = false;
type = types.bool;
};
sane.packages.enableGuiPkgs = mkOption {
default = false;
type = types.bool;
};
sane.packages.enableDevPkgs = mkOption {
description = ''
enable packages that are useful for building other software by hand.
you should prefer to keep this disabled except when prototyping, e.g. packaging new software.
'';
default = false;
type = types.bool;
};
sane.packages.enableSystemPkgs = mkOption {
default = false;
type = types.bool;
description = "enable system-wide packages";
};
sane.packages.enabledUserPkgs = mkOption {
default = cfg.extraUserPkgs
++ (if cfg.enableConsolePkgs then consolePkgs else [])
++ (if cfg.enableGuiPkgs then guiPkgs ++ cfg.extraGuiPkgs else [])
++ (if cfg.enableDevPkgs then devPkgs else [])
;
type = types.listOf toPkgSpec;
description = "generated from other config options";
};
};
config = {
environment.systemPackages = mkIf cfg.enableSystemPkgs systemPkgs;
sane.persist.home.plaintext = concatLists (map (p: p.dir) cfg.enabledUserPkgs);
sane.persist.home.private = concatLists (map (p: p.private) cfg.enabledUserPkgs);
# XXX: this might not be necessary. try removing this and cacert.unbundled?
environment.etc."ssl/certs".source = mkIf cfg.enableSystemPkgs "${pkgs.cacert.unbundled}/etc/ssl/certs/*";
};
}

View File

@@ -1,18 +0,0 @@
{ config, lib, sane-lib, ... }:
let
path = sane-lib.path;
cfg = config.sane.persist;
withPrefix = relativeTo: entries: lib.mapAttrs' (fspath: value: {
name = path.concat [ relativeTo fspath ];
inherit value;
}) entries;
in
{
# merge the `byPath` mappings from both `home` and `sys` into one namespace
sane.persist.byPath = lib.mkMerge [
(withPrefix "/home/colin" cfg.home.byPath)
(withPrefix "/" cfg.sys.byPath)
];
}

View File

@@ -179,23 +179,11 @@ in
type = types.bool;
description = "define / fs root to be a tmpfs. make sure to mount some other device to /nix";
};
sane.persist.home = mkOption {
description = "directories to persist to disk, relative to a user's home ~";
default = {};
type = dirsSubModule;
};
sane.persist.sys = mkOption {
description = "directories to persist to disk, relative to the fs root /";
default = {};
type = dirsSubModule;
};
sane.persist.byPath = mkOption {
type = types.attrsOf (convertInlineAcl entryAtPath);
description = ''
map of <path> => <path config> for all paths to be persisted.
this is computed from the other options, but users can also set it explicitly (useful for overriding)
'';
};
sane.persist.stores = mkOption {
type = types.attrsOf storeType;
default = {};
@@ -206,7 +194,6 @@ in
};
imports = [
./computed.nix
./root-on-tmpfs.nix
./stores
];
@@ -247,7 +234,7 @@ in
);
}
];
configs = lib.mapAttrsToList cfgFor cfg.byPath;
configs = lib.mapAttrsToList cfgFor cfg.sys.byPath;
take = f: { sane.fs = f.sane.fs; };
in mkIf cfg.enable (
take (sane-lib.mkTypedMerge take configs)

View File

@@ -1,14 +1,10 @@
{ config, lib, pkgs, utils, ... }:
{ config, lib, pkgs, sane-lib, utils, ... }:
let
store = rec {
device = "/mnt/persist/crypt/clearedonboot";
underlying = {
path = "/nix/persist/crypt/clearedonboot";
# TODO: consider moving this to /tmp, but that requires tmp be mounted first?
key = "/mnt/persist/crypt/clearedonboot.key";
};
};
persist-base = config.sane.persist.stores."plaintext".origin;
device = config.sane.persist.stores."cryptClearOnBoot".origin;
key = "${device}.key";
underlying = sane-lib.path.concat [ persist-base "crypt/clearedonboot" ];
in
lib.mkIf config.sane.persist.enable
{
@@ -17,35 +13,35 @@ lib.mkIf config.sane.persist.enable
stored to disk, but encrypted to an in-memory key and cleared on every boot
so that it's unreadable after power-off
'';
origin = store.device;
origin = lib.mkDefault "/mnt/persist/crypt/clearedonboot";
};
fileSystems."${store.device}" = {
device = store.underlying.path;
fileSystems."${device}" = {
device = underlying;
fsType = "fuse.gocryptfs";
options = [
"nodev"
"nosuid"
"allow_other"
"passfile=${store.underlying.key}"
"passfile=${key}"
"defaults"
];
noCheck = true;
};
# let sane.fs know about our fileSystem and automatically add the appropriate dependencies
sane.fs."${store.device}".mount = {
sane.fs."${device}".mount = {
# technically the dependency on the keyfile is extraneous because that *happens* to
# be needed to init the store.
depends = let
cryptfile = config.sane.fs."${store.underlying.path}/gocryptfs.conf";
keyfile = config.sane.fs."${store.underlying.key}";
cryptfile = config.sane.fs."${underlying}/gocryptfs.conf";
keyfile = config.sane.fs."${key}";
in [ keyfile.unit cryptfile.unit ];
};
# let sane.fs know how to initialize the gocryptfs store,
# and that it MUST do so
sane.fs."${store.underlying.path}/gocryptfs.conf".generated = {
sane.fs."${underlying}/gocryptfs.conf".generated = {
script.script = ''
backing="$1"
passfile="$2"
@@ -54,17 +50,17 @@ lib.mkIf config.sane.persist.enable
rm -rf "''${backing:?}"/*
${pkgs.gocryptfs}/bin/gocryptfs -quiet -passfile "$passfile" -init "$backing"
'';
script.scriptArgs = [ store.underlying.path store.underlying.key ];
script.scriptArgs = [ underlying key ];
# we need the key in order to initialize the store
depends = [ config.sane.fs."${store.underlying.key}".unit ];
depends = [ config.sane.fs."${key}".unit ];
};
# let sane.fs know how to generate the key for gocryptfs
sane.fs."${store.underlying.key}".generated = {
sane.fs."${key}".generated = {
script.script = ''
dd if=/dev/random bs=128 count=1 | base64 --wrap=0 > "$1"
'';
script.scriptArgs = [ store.underlying.key ];
script.scriptArgs = [ key ];
# no need for anyone else to be able to read the key
acl.mode = "0400";
};

View File

@@ -3,7 +3,7 @@
let
cfg = config.sane.persist;
in lib.mkIf cfg.enable {
sane.persist.stores."plaintext" = {
sane.persist.stores."plaintext" = lib.mkDefault {
origin = "/nix/persist";
};
# TODO: needed?

View File

@@ -1,21 +1,23 @@
{ config, lib, pkgs, utils, ... }:
{ config, lib, pkgs, sane-lib, utils, ... }:
let
persist-base = config.sane.persist.stores."plaintext".origin;
private-dir = config.sane.persist.stores."private".origin;
private-backing-dir = sane-lib.path.concat [ persist-base private-dir ];
in
lib.mkIf config.sane.persist.enable
{
sane.persist.stores."private" = {
storeDescription = ''
encrypted to the user's password and auto-unlocked at login
encrypted store which persists across boots.
typical use case is for the user to encrypt this store using their login password so that it
can be auto-unlocked at login.
'';
origin = "/home/colin/private";
# files stored under here *must* have the /home/colin prefix.
# internally, this prefix is removed so that e.g.
# /home/colin/foo/bar when stored in `private` is visible at
# /home/colin/private/foo/bar
prefix = "/home/colin";
origin = lib.mkDefault "/mnt/private";
defaultOrdering = let
private-unit = config.sane.fs."/home/colin/private".unit;
private-unit = config.sane.fs."${private-dir}".unit;
in {
# auto create only after ~/private is mounted
# auto create only after the store is mounted
wantedBy = [ private-unit ];
# we can't create things in private before local-fs.target
wantedBeforeBy = [ ];
@@ -23,13 +25,13 @@ lib.mkIf config.sane.persist.enable
defaultMethod = "symlink";
};
fileSystems."/home/colin/private" = {
device = "/nix/persist/home/colin/private";
fileSystems."${private-dir}" = {
device = private-backing-dir;
fsType = "fuse.gocryptfs";
options = [
"noauto" # don't try to mount, until the user logs in!
"nofail"
"allow_other" # root ends up being the user that mounts this, so need to make it visible to `colin`.
"allow_other" # root ends up being the user that mounts this, so need to make it visible to other users.
"nodev"
"nosuid"
"quiet"
@@ -39,9 +41,9 @@ lib.mkIf config.sane.persist.enable
};
# let sane.fs know about the mount
sane.fs."/home/colin/private".mount = {};
sane.fs."${private-dir}".mount = {};
# it also needs to know that the underlying device is an ordinary folder
sane.fs."/nix/persist/home/colin/private".dir = {};
sane.fs."${private-backing-dir}".dir = {};
# TODO: could add this *specifically* to the .mount file for the encrypted fs?
system.fsPackages = [ pkgs.gocryptfs ]; # fuse needs to find gocryptfs

133
modules/programs.nix Normal file
View File

@@ -0,0 +1,133 @@
{ config, lib, pkgs, sane-lib, ... }:
let
inherit (builtins) any elem map;
inherit (lib)
filterAttrs
hasAttrByPath
getAttrFromPath
mapAttrs
mapAttrsToList
mkDefault
mkIf
mkMerge
mkOption
optional
optionalAttrs
splitString
types
;
inherit (sane-lib) joinAttrsets;
cfg = config.sane.programs;
pkgSpec = types.submodule ({ name, ... }: {
options = {
package = mkOption {
type = types.nullOr types.package;
description = ''
package, or `null` if the program is some sort of meta set (in which case it much EXPLICITLY be set null).
'';
default =
let
pkgPath = splitString "." name;
in
# package can be inferred by the attr name, allowing shorthand like
# `sane.programs.nano.enable = true;`
# this indexing will throw if the package doesn't exist and the user forgets to specify
# a valid source explicitly.
getAttrFromPath pkgPath pkgs;
};
enableFor.system = mkOption {
type = types.bool;
default = any (en: en) (
mapAttrsToList
(otherName: otherPkg:
otherName != name && elem name otherPkg.suggestedPrograms && otherPkg.enableSuggested && otherPkg.enableFor.system
)
cfg
);
description = ''
place this program on the system PATH
'';
};
enableFor.user = mkOption {
type = types.attrsOf types.bool;
default = joinAttrsets (mapAttrsToList (otherName: otherPkg:
optionalAttrs
(otherName != name && elem name otherPkg.suggestedPrograms && otherPkg.enableSuggested)
(filterAttrs (user: en: en) otherPkg.enableFor.user)
) cfg);
description = ''
place this program on the PATH for some specified user(s).
'';
};
suggestedPrograms = mkOption {
type = types.listOf types.str;
default = [];
description = ''
list of other programs a user may want to enable alongside this one.
for example, the gnome desktop environment would suggest things like its settings app.
'';
};
enableSuggested = mkOption {
type = types.bool;
default = true;
};
dir = mkOption {
type = types.listOf types.str;
default = [];
description = "list of home-relative paths to persist for this package";
};
private = mkOption {
type = types.listOf types.str;
default = [];
description = "list of home-relative paths to persist (in encrypted format) for this package";
};
};
});
toPkgSpec = types.coercedTo types.package (p: { package = p; }) pkgSpec;
configs = mapAttrsToList (name: p: {
assertions = map (sug: {
assertion = cfg ? "${sug}";
message = ''program "${sug}" referenced by "${name}", but not defined'';
}) p.suggestedPrograms;
# conditionally add to system PATH
environment.systemPackages = optional
(p.package != null && p.enableFor.system)
p.package;
# conditionally add to user(s) PATH
users.users = mapAttrs (user: en: {
packages = optional (p.package != null && en) p.package;
}) p.enableFor.user;
# conditionally persist relevant user dirs
sane.users = mapAttrs (user: en: optionalAttrs en {
persist.plaintext = p.dir;
persist.private = p.private;
}) p.enableFor.user;
}) cfg;
in
{
options = {
sane.programs = mkOption {
type = types.attrsOf toPkgSpec;
default = {};
};
};
config =
let
take = f: {
assertions = f.assertions;
environment.systemPackages = f.environment.systemPackages;
users.users = f.users.users;
sane.users = f.sane.users;
};
in mkMerge [
(take (sane-lib.mkTypedMerge take configs))
{
# expose the pkgs -- as available to the system -- as a build target.
system.build.pkgs = pkgs;
}
];
}

View File

@@ -1,7 +1,6 @@
{ ... }:
{
imports = [
./duplicity.nix
./dyn-dns.nix
./kiwix-serve.nix
./mautrix-signal.nix

110
modules/users.nix Normal file
View File

@@ -0,0 +1,110 @@
{ config, lib, options, sane-lib, ... }:
let
inherit (builtins) attrValues;
inherit (lib) count mapAttrs' mapAttrsToList mkIf mkMerge mkOption types;
sane-user-cfg = config.sane.user;
cfg = config.sane.users;
path-lib = sane-lib.path;
userOptions = {
options = {
fs = mkOption {
type = types.attrs;
default = {};
description = ''
entries to pass onto `sane.fs` after prepending the user's home-dir to the path.
e.g. `sane.users.colin.fs."/.config/aerc" = X`
=> `sane.fs."/home/colin/.config/aerc" = X;
'';
};
persist = mkOption {
type = options.sane.persist.sys.type;
default = {};
description = ''
entries to pass onto `sane.persist.sys` after prepending the user's home-dir to the path.
'';
};
};
};
userModule = types.submodule ({ name, config, ... }: {
options = userOptions.options // {
default = mkOption {
type = types.bool;
default = false;
description = ''
only one default user may exist.
this option determines what the `sane.user` shorthand evaluates to.
'';
};
home = mkOption {
type = types.str;
# XXX: we'd prefer to set this to `config.users.users.home`, but that causes infinite recursion...
# TODO: maybe assert that this matches the actual home?
default = "/home/${name}";
};
};
# if we're the default user, inherit whatever settings were routed to the default user
config = mkIf config.default sane-user-cfg;
});
processUser = user: defn:
let
prefixWithHome = mapAttrs' (path: value: {
name = path-lib.concat [ defn.home path ];
inherit value;
});
in
{
sane.fs = prefixWithHome defn.fs;
# `byPath` is the actual output here, computed from the other keys.
sane.persist.sys.byPath = prefixWithHome defn.persist.byPath;
};
in
{
options = {
sane.users = mkOption {
type = types.attrsOf userModule;
default = {};
description = ''
options to apply to the given user.
the user is expected to be created externally.
configs applied at this level are simply transformed and then merged
into the toplevel `sane` options. it's merely a shorthand.
'';
};
sane.user = mkOption {
type = types.nullOr (types.submodule userOptions);
default = null;
description = ''
options to pass down to the default user
'';
};
};
config =
let
configs = mapAttrsToList processUser cfg;
num-default-users = count (u: u.default) (attrValues cfg);
take = f: {
sane.fs = f.sane.fs;
sane.persist.sys.byPath = f.sane.persist.sys.byPath;
};
in mkMerge [
(take (sane-lib.mkTypedMerge take configs))
{
assertions = [
{
assertion = sane-user-cfg == null || num-default-users != 0;
message = "cannot set `sane.user` without first setting `sane.users.<user>.default = true` for some user";
}
{
assertion = num-default-users <= 1;
message = "cannot set more than one default user";
}
];
}
];
}

View File

@@ -0,0 +1,22 @@
diff --git a/pkgs/development/libraries/mesa/default.nix b/pkgs/development/libraries/mesa/default.nix
index 56fa74e5c0c..3573bb0af49 100644
--- a/pkgs/development/libraries/mesa/default.nix
+++ b/pkgs/development/libraries/mesa/default.nix
@@ -88,7 +88,7 @@
let
# Release calendar: https://www.mesa3d.org/release-calendar.html
# Release frequency: https://www.mesa3d.org/releasing.html#schedule
- version = "22.3.4";
+ version = "22.3.2";
branch = lib.versions.major version;
withLibdrm = lib.meta.availableOn stdenv.hostPlatform libdrm;
@@ -120,7 +120,7 @@ self = stdenv.mkDerivation {
"ftp://ftp.freedesktop.org/pub/mesa/${version}/mesa-${version}.tar.xz"
"ftp://ftp.freedesktop.org/pub/mesa/older-versions/${branch}.x/${version}/mesa-${version}.tar.xz"
];
- sha256 = "37a1ddaf03f41919ee3c89c97cff41e87de96e00e9d3247959cc8279d8294593";
+ sha256 = "c15df758a8795f53e57f2a228eb4593c22b16dffd9b38f83901f76cd9533140b";
};
# TODO:

7
nixpatches/flake.lock generated
View File

@@ -2,16 +2,15 @@
"nodes": {
"nixpkgs": {
"locked": {
"lastModified": 1673163619,
"narHash": "sha256-B33PFBL64ZgTWgMnhFL3jgheAN/DjHPsZ1Ih3z0VE5I=",
"lastModified": 1675123384,
"narHash": "sha256-RpU+kboEWlIYwbRMGIPBIcztH63CvmqWN1B8GpJogd4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8c54d842d9544361aac5f5b212ba04e4089e8efe",
"rev": "e0fa1ece2f3929726c9b98c539ad14b63ae8e4fd",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-22.11",
"type": "indirect"
}
},

View File

@@ -13,27 +13,32 @@
hash = "sha256-IvsIcd2wPdz4b/7FMrDrcVlIZjFecCQ9uiL0Umprbx0=";
})
# fix libreoffice build by: Revert "mdds: 2.0.3 -> 2.1.0"
# merged 2023/01/25
(fetchpatch {
url = "https://github.com/NixOS/nixpkgs/pull/212583.diff";
hash = "sha256-nkXgwQUtxYkJT2OzG6Jc72snizW5wHvR1nmh2KDnaPc=";
})
# fix handbrake build by: handbrake: 1.5.1 -> 1.6.1
# PR opened 2023/01/23
(fetchpatch {
# see alternate fix: <https://github.com/NixOS/nixpkgs/pull/211834>
url = "https://github.com/NixOS/nixpkgs/pull/212306.diff";
hash = "sha256-iQX2NaZaCzZVRlCM0pgXt0gecNwhXGeh3kXEiY38ZIM=";
hash = "sha256-PnPzvJymafa+zjkauQW0LzFsJC7S+7D9JRszTE3in+w=";
})
# (fetchpatch {
# # stdenv: fix cc for pseudo-crosscompilation
# # closed because it breaks pkgsStatic (as of 2023/02/12)
# url = "https://github.com/NixOS/nixpkgs/pull/196497.diff";
# hash = "sha256-eTwEbVULYjmOW7zUFcTUqvBZqUFjHTKFhvmU2m3XQeo=";
# })
./2022-12-19-i2p-aarch64.patch
# fix for <https://gitlab.com/signald/signald/-/issues/345>
# allows to actually run signald
./2023-01-25-signald-update.patch
# fix for CMA memory leak in mesa: <https://gitlab.freedesktop.org/mesa/mesa/-/issues/8198>
# only necessary on aarch64.
# it's a revert of nixpkgs commit dcf630c172df2a9ecaa47c77f868211e61ae8e52
./2023-01-30-mesa-cma-leak.patch
# # kaiteki: init at 2022-09-03
# vendorHash changes too frequently (might not be reproducible).
# using local package defn until stabilized

View File

@@ -4,31 +4,65 @@
# - if it's broken by that upstream builder, then pin it: somebody will come along and fix the package.
# - otherwise, search github issues/PRs for knowledge of it before pinning.
# - if nobody's said anything about it yet, probably want to root cause it or hold off on updating.
#
# note that these pins apply to *all* platforms:
# - natively compiled packages
# - cross compiled packages
# - qemu-emulated packages
(next: prev: {
# XXX: when invoked outside our flake (e.g. via NIX_PATH) there is no `next.stable`,
# so just forward the unstable packages.
inherit (next.stable or prev)
# broken on 2023/01/14 via mtxclient dep, aarch64-only:
# fixed on 2023/01/24?
# error: builder for '/nix/store/gwidl0c9ksxjgx0dgwnjssix4ikq73v5-mtxclient-0.9.0.drv' failed with exit code 2;
# last 10 log lines:
# > make[2]: *** [CMakeFiles/matrix_client.dir/build.make:370: CMakeFiles/matrix_client.dir/lib/structs/events/encrypted.cpp.o] Error 1
# > In file included from /build/source/include/mtxclient/crypto/client.hpp:17,
# > from /build/source/lib/crypto/utils.cpp:17:
# > /build/source/include/mtx/identifiers.hpp:12:10: fatal error: compare: No such file or directory
# > 12 | #include <compare>
# > | ^~~~~~~~~
# > compilation terminated.
# > make[2]: *** [CMakeFiles/matrix_client.dir/build.make:132: CMakeFiles/matrix_client.dir/lib/crypto/utils.cpp.o] Error 1
# > make[1]: *** [CMakeFiles/Makefile2:83: CMakeFiles/matrix_client.dir/all] Error 2
# > make: *** [Makefile:136: all] Error 2
# For full logs, run 'nix log /nix/store/gwidl0c9ksxjgx0dgwnjssix4ikq73v5-mtxclient-0.9.0.drv'.
# error: 1 dependencies of derivation '/nix/store/4i2d1qdh4x6n23h1jbcbhm8q9q2hch9a-nheko-0.11.0.drv' failed to build
# error: 1 dependencies of derivation '/nix/store/k4f7k7cvjp8rb7clhlfq3yxgs6lbfmk7-home-manager-path.drv' failed to build
# error: 1 dependencies of derivation '/nix/store/67d9k554188lh4ddl4ar6j74mpc3r4sv-home-manager-generation.drv' failed to build
# error: 1 dependencies of derivation '/nix/store/5qjxzhsw1jvh2d7jypbcam9409ivb472-user-environment.drv' failed to build
# error: 1 dependencies of derivation '/nix/store/hrb3qpdbisqh0lzlyz1g9g4164khmqwn-etc.drv' failed to build
# error: 1 dependencies of derivation '/nix/store/ny21xyicbgim5wy7ksg2hibd9gn7i01b-nixos-system-moby-23.05pre-git.drv' failed to build
# nheko
;
ell = prev.ell.overrideAttrs (_upstream: {
# 2023/02/11
# fixes "TEST FAILED in get_random_return_callback at unit/test-dbus-message-fds.c:278: !l_dbus_message_get_error(message, ((void *)0), ((void *)0))"
# unclear *why* this test fails.
doCheck = false;
});
gjs = prev.gjs.overrideAttrs (_upstream: {
# 2023/01/30: one test times out. probably flakey test that only got built because i patched mesa.
doCheck = false;
});
gssdp = prev.gssdp.overrideAttrs (orig: {
# 2023/02/11
# fixes "ERROR:../tests/test-regression.c:429:test_ggo_7: assertion failed (error == NULL): Failed to set multicast interfaceProtocol not available (gssdp-error, 1)"
doCheck = false;
});
json-glib = prev.json-glib.overrideAttrs (orig: {
# 2023/02/11
# fixes: "15/15 json-glib:docs / doc-check TIMEOUT 30.52s killed by signal 15 SIGTERM"
doCheck = false;
});
lapack-reference = prev.lapack-reference.overrideAttrs (_upstream: {
# 2023/02/11: test timeouts
# > The following tests FAILED:
# > 93 - LAPACK-xlintstz_ztest_in (Timeout)
# > 98 - LAPACK-xeigtstz_svd_in (Timeout)
# > 99 - LAPACK-xeigtstz_zec_in (Timeout)
doCheck = false;
});
libadwaita = prev.libadwaita.overrideAttrs (_upstream: {
# 2023/01/30: one test times out. probably flakey test that only got built because i patched mesa.
doCheck = false;
});
libsecret = prev.libsecret.overrideAttrs (_upstream: {
# 2023/01/30: one test times out. probably flakey test that only got built because i patched mesa.
doCheck = false;
});
libuv = prev.libuv.overrideAttrs (orig: {
# 2023/02/11
# 2 tests fail:
# - not ok 261 - tcp_bind6_error_addrinuse
# - not ok 267 - tcp_bind_error_addrinuse_listen
doCheck = false;
});
strp = prev.srtp.overrideAttrs (orig: {
# 2023/02/11
# roc_driver test times out after 30s
doCheck = false;
});
})

View File

@@ -13,7 +13,7 @@ in
(symlinkJoin {
name = "gpodder-configured";
paths = [ gpodder remove-extra ];
buildInputs = [ makeWrapper ];
nativeBuildInputs = [ makeWrapper ];
# gpodder keeps all its feeds in a sqlite3 database.
# we can configure the feeds externally by wrapping gpodder and just instructing it to import