flake update: nixpkgs 2023-01-13 -> 2023-01-15

``` • Updated input 'nixpkgs-stable': 'github:nixos/nixpkgs/a83ed85c14fcf242653df6f4b0974b7e1c73c6c6' (2023-01-14) → 'github:nixos/nixpkgs/2f9fd351ec37f5d479556cd48be4ca340da59b8f' (2023-01-15) • Updated input 'nixpkgs-unpatched': 'github:nixos/nixpkgs/befc83905c965adfd33e5cae49acb0351f6e0404' (2023-01-13) → 'github:nixos/nixpkgs/6dccdc458512abce8d19f74195bb20fdb067df50' (2023-01-15) ```
bootpart-tow-boot-rpi-aarch64: fix syntax error
2023-01-17 10:50:00 +00:00 · 2023-01-16 12:14:22 +00:00 · 2023-01-16 11:44:07 +00:00 · 2023-01-16 07:31:12 +00:00 · 2023-01-16 06:47:44 +00:00 · 2023-01-16 06:46:59 +00:00
9 changed files with 43 additions and 29 deletions
--- a/flake.lock
+++ b/flake.lock
@@ -56,27 +56,26 @@
      "inputs": {
        "nixpkgs": [
          "nixpkgs-unpatched"
-        ],
-        "patches": []
+        ]
      },
      "locked": {
        "lastModified": 1,
-        "narHash": "sha256-d3XSehPFkNwvwlOYy7gch0NLxOgdXuV7j5r/Qsn7kHc=",
-        "path": "/nix/store/wq6rmmnd7yhw9w44k54w4x5v63ah1psr-source/nixpatches",
+        "narHash": "sha256-5zCxdHGOS0OOP7vbgTA1iwv9GVr5JSiths7QmgUsU84=",
+        "path": "/nix/store/9a5k9pfawxzz1sng17si26sc9af39jr1-source/nixpatches",
        "type": "path"
      },
      "original": {
-        "path": "/nix/store/wq6rmmnd7yhw9w44k54w4x5v63ah1psr-source/nixpatches",
+        "path": "/nix/store/9a5k9pfawxzz1sng17si26sc9af39jr1-source/nixpatches",
        "type": "path"
      }
    },
    "nixpkgs-stable": {
      "locked": {
-        "lastModified": 1673704454,
-        "narHash": "sha256-5Wdj1MgdOgn3+dMFIBtg+IAYZApjF8JzwLWDPieg0C4=",
+        "lastModified": 1673800717,
+        "narHash": "sha256-SFHraUqLSu5cC6IxTprex/nTsI81ZQAtDvlBvGDWfnA=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "a83ed85c14fcf242653df6f4b0974b7e1c73c6c6",
+        "rev": "2f9fd351ec37f5d479556cd48be4ca340da59b8f",
        "type": "github"
      },
      "original": {
@@ -104,11 +103,11 @@
    },
    "nixpkgs-unpatched": {
      "locked": {
-        "lastModified": 1673631141,
-        "narHash": "sha256-AprpYQ5JvLS4wQG/ghm2UriZ9QZXvAwh1HlgA/6ZEVQ=",
+        "lastModified": 1673796341,
+        "narHash": "sha256-1kZi9OkukpNmOaPY7S5/+SlCDOuYnP3HkXHvNDyLQcc=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "befc83905c965adfd33e5cae49acb0351f6e0404",
+        "rev": "6dccdc458512abce8d19f74195bb20fdb067df50",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@@ -26,8 +26,6 @@
    nixpkgs = {
      url = "./nixpatches";
      inputs.nixpkgs.follows = "nixpkgs-unpatched";
-      # TODO: remove this dependency injection: it's from when we used url = path:...
-      inputs.patches.follows = "";
    };
    mobile-nixos = {
      # <https://github.com/nixos/mobile-nixos>
@@ -187,9 +185,6 @@
          description = "python environment for data processing";
        };
      };
-
-      # unofficial output; used by inputs.nixpatches
-      nixpatches = import ./nixpatches/list.nix;
    };
 }

--- a/hosts/common/default.nix
+++ b/hosts/common/default.nix
@@ -30,6 +30,9 @@
    "/var/lib/machines"            # maybe not needed, but would be painful to add a VM and forget.
  ];

+  # some services which use private directories error if the parent (/var/lib/private) isn't 700.
+  sane.fs."/var/lib/private".dir.acl.mode = "0700";
+
  nixpkgs.config.allowUnfree = true;

  # time.timeZone = "America/Los_Angeles";
--- a/modules/home-manager/firefox.nix
+++ b/modules/home-manager/firefox.nix
@@ -59,10 +59,10 @@ let
      # `wget ...xpi`; `unar ...xpi`; `cat */manifest.json | jq '.browser_specific_settings.gecko.id'`
      (addon "ublock-origin" "uBlock0@raymondhill.net" "sha256-a/ivUmY1P6teq9x0dt4CbgHt+3kBsEMMXlOfZ5Hx7cg=")
      (addon "sponsorblock" "sponsorBlocker@ajay.app" "sha256-d2K3ufvurWnYVzqLbyR//MgejybkY9exitAf9RdLNRo=")
-      (addon "bypass-paywalls-clean" "{d133e097-46d9-4ecc-9903-fa6a722a6e0e}" "sha256-t6Q335Nq60mDILPmzem+DT5KflleAPVJL3bsaA+UL0g=")
+      (addon "bypass-paywalls-clean" "{d133e097-46d9-4ecc-9903-fa6a722a6e0e}" "sha256-JOj5P7c2JTTReHCRZXm4BscaGr3i+9Y4Ey/y621x8PI=")
      (addon "sidebery" "{3c078156-979c-498b-8990-85f7987dd929}" "sha256-YONfK/rIjlsrTgRHIt3km07Q7KnpIW89Z9r92ZSCc6w=")
      (addon "ether-metamask" "webextension@metamask.io" "sha256-G+MwJDOcsaxYSUXjahHJmkWnjLeQ0Wven8DU/lGeMzA=")
-      (addon "ublacklist" "@ublacklist" "sha256-vHe/7EYOzcKeAbTElmt0Rb4E2rX0f3JgXThJaUmaz+M=")
+      (addon "ublacklist" "@ublacklist" "sha256-RqY5iHzbL2qizth7aguyOKWPyINXmrwOlf/OsfqAS48=")
      (addon "i2p-in-private-browsing" "i2ppb@eyedeekay.github.io" "sha256-dJcJ3jxeAeAkRvhODeIVrCflvX+S4E0wT/PyYzQBQWs=")
      # (addon "browserpass-ce" "browserpass@maximbaz.com" "sha256-sXgUBbRvMnRpeIW1MTkmTcoqtW/8RDXAkxAq1evFkpc=")
      (localAddon pkgs.browserpass-extension)
--- a/nixpatches/flake.nix
+++ b/nixpatches/flake.nix
@@ -1,16 +1,14 @@
 {
  inputs = {
    nixpkgs = {};
-    patches = {};
  };
-  outputs = { self, nixpkgs, patches }@inputs:
+  outputs = { self, nixpkgs }@inputs:
    let
      patchedPkgsFor = system: nixpkgs.legacyPackages.${system}.applyPatches {
        name = "nixpkgs-patched-uninsane";
        src = nixpkgs;
-        patches = inputs.patches.nixpatches {
-          inherit (nixpkgs.legacyPackages.${system}) fetchpatch;
-          inherit (nixpkgs.lib) fakeHash;
+        patches = import ./list.nix {
+          inherit (nixpkgs.legacyPackages.${system}) fetchpatch fetchurl;
        };
      };
      patchedFlakeFor = system: import "${patchedPkgsFor system}/flake.nix";
--- a/nixpatches/list.nix
+++ b/nixpatches/list.nix
@@ -1,4 +1,4 @@
-{ fakeHash, fetchpatch }: [
+{ fetchpatch, fetchurl }: [
  # librewolf: build with `MOZ_REQUIRE_SIGNING=false`
  (fetchpatch {
    url = "https://github.com/NixOS/nixpkgs/pull/199134.diff";
@@ -20,6 +20,12 @@
    sha256 = "sha256-L9Ie80loaP6yl5ZFnJ1b5WMDpvO1QFE8tbrW5HBauko=";
  })

+  # nixos/mx-puppet-discord: move to matrix category
+  (fetchurl {
+    url = "https://git.uninsane.org/colin/nixpkgs/commit/87c877fff84717478a96d1b0c65bd2febd350dea.diff";
+    sha256 = "sha256-E5TonCj3f8j7kxApBq/suNT5mB7z8uD00NzI34Qh2SE=";
+  })
+
  ./2022-12-19-i2p-aarch64.patch

  # # kaiteki: init at 2022-09-03
--- a/overlays/pins.nix
+++ b/overlays/pins.nix
@@ -1,3 +1,9 @@
+# when a `nixos-rebuild` fails after a nixpkgs update:
+# - take the failed package
+# - search it here: <https://hydra.nixos.org/search?query=pkgname>
+# - if it's broken by that upstream builder, then pin it: somebody will come along and fix the package.
+# - otherwise, search github issues/PRs for knowledge of it before pinning.
+# - if nobody's said anything about it yet, probably want to root cause it or hold off on updating.
 (next: prev: {
  inherit (next.stable)
    # TODO(unpin): broken on 2023/01/14 via mtxclient dep, aarch64-only:
@@ -20,5 +26,12 @@
    #   error: 1 dependencies of derivation '/nix/store/5qjxzhsw1jvh2d7jypbcam9409ivb472-user-environment.drv' failed to build
    #   error: 1 dependencies of derivation '/nix/store/hrb3qpdbisqh0lzlyz1g9g4164khmqwn-etc.drv' failed to build
    #   error: 1 dependencies of derivation '/nix/store/ny21xyicbgim5wy7ksg2hibd9gn7i01b-nixos-system-moby-23.05pre-git.drv' failed to build
-    nheko;
+    nheko
+
+    # TODO(unpin): broken build on 2023/01/16, all platforms: <https://github.com/NixOS/nixpkgs/pull/208251>
+    # fix in PR: <https://github.com/NixOS/nixpkgs/pull/211135>
+    kitty
+    # TODO(unpin): broken build on 2023/01/16. <https://hydra.nixos.org/build/205551450>
+    handbrake
+  ;
 })
--- a/pkgs/bootpart-tow-boot-rpi-aarch64/default.nix
+++ b/pkgs/bootpart-tow-boot-rpi-aarch64/default.nix
@@ -4,11 +4,10 @@ stdenv.mkDerivation rec {
  pname = "bootpart-tow-boot-rpi-aarch64";
  version = "1";

-  buildInputs = with [ 
+  buildInputs = [
    tow-boot-rpi4  # for Tow-Boot.*.bin
    raspberrypifw  # for bootcode.bin, *.dat, *.elf, *.dtb
    raspberrypi-armstubs  # for armstub*
-
  ];

  src = ./config.txt;
--- a/pkgs/sublime-music-mobile/default.nix
+++ b/pkgs/sublime-music-mobile/default.nix
@@ -127,10 +127,10 @@ python3Packages.buildPythonApplication rec {
    dataclasses-json
    deepdiff
    fuzzywuzzy
+    levenshtein
    mpv
    peewee
    pygobject3
-    python-Levenshtein
    python-dateutil
    requests
    semver
@@ -144,7 +144,8 @@ python3Packages.buildPythonApplication rec {
    sed -i "/--cov/d" setup.cfg
    sed -i "/--no-cov-on-fail/d" setup.cfg
    substituteInPlace pyproject.toml \
-      --replace 'deepdiff = "^5.8.1"' 'deepdiff = ">=5.8.1"'
+      --replace 'deepdiff = "^5.8.1"' 'deepdiff = ">=5.8.1"' \
+      --replace 'python-Levenshtein = "^0.12.0"' 'levenshtein = ">=0.12.0"'
  '';

  # hook for gobject-introspection doesn't like strictDeps
Author	SHA1	Message	Date
colin	bc190f90bd	flake update: nixpkgs 2023-01-13 -> 2023-01-15 ``` • Updated input 'nixpkgs-stable': 'github:nixos/nixpkgs/a83ed85c14fcf242653df6f4b0974b7e1c73c6c6' (2023-01-14) → 'github:nixos/nixpkgs/2f9fd351ec37f5d479556cd48be4ca340da59b8f' (2023-01-15) • Updated input 'nixpkgs-unpatched': 'github:nixos/nixpkgs/befc83905c965adfd33e5cae49acb0351f6e0404' (2023-01-13) → 'github:nixos/nixpkgs/6dccdc458512abce8d19f74195bb20fdb067df50' (2023-01-15) ```	2023-01-17 10:50:00 +00:00
colin	7aac965e32	bootpart-tow-boot-rpi-aarch64: fix syntax error	2023-01-16 12:14:22 +00:00
colin	18c98feb34	fs: fix /var/lib/private to have expected mode (0700)	2023-01-16 11:44:07 +00:00
colin	ddb184b5ff	(nixos) mx-puppet-discord: move to matrix category	2023-01-16 07:31:12 +00:00
colin	194a6b6cf4	nixpatches: remove unused fakeHash input (just omit the hash when you need to)	2023-01-16 06:47:44 +00:00
colin	016384aa2b	nixpatches: move the list to the nixpatches flake instead of injecting it	2023-01-16 06:46:59 +00:00