47 papercuts
Enzime committed Oct 16, 2024
1 parent 31ea04c commit 6ee9d11
Showing 5 changed files with 124 additions and 89 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
@@ -1,3 +1,4 @@
- Added `<hostname>-vm` packages for running a VM with a different `hostPlatform`
- Fixed `sshfs` on macOS
- Use `nix-index-database` for prebuilt `nix-index` databases on all platforms
- Fixed `darwin-rebuild switch` outputting `Dock` PID
6 changes: 4 additions & 2 deletions README.md
@@ -8,12 +8,14 @@ Due to subflakes being broken in Nix, before you can use this repo you'll need t
$ nix-shell --pure -I nixpkgs=flake:nixpkgs -p '(import ./shell.nix { }).packages.${builtins.currentSystem}.add-subflakes-to-store' --command add-subflakes-to-store
```

You can then run a NixOS VM like so:
You can then run a NixOS VM on Linux with:

```
$ nix run .#nixosConfigurations.phi-nixos.config.system.build.vm
$ nix run .#phi-nixos-vm
```

All the possible hostnames are `aether`, `eris`, `hermes-nixos`, `phi-nixos` and `sigma`

## See also

- [Frequently Asked Questions about Nix](https://github.com/hlissner/dotfiles/tree/55194e703d1fe82e7e0ffd06e460f1897b6fc404?tab=readme-ov-file#frequently-asked-questions)
196 changes: 113 additions & 83 deletions flake.nix
@@ -340,98 +340,128 @@
(flake-parts.lib.mkFlake { inherit inputs; } {
imports = [ git-hooks.flakeModule ];
systems = import inputs.systems;
perSystem = { config, self', pkgs, system, ... }: {
_module.args.pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true;
overlays = [
(import ./overlays/identify.nix)
(inputs.nix-overlay.outputs.overlay)
];
};
perSystem = { config, self', pkgs, lib, system, ... }:
lib.mkMerge [
{
_module.args.pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true;
overlays = [
(import ./overlays/identify.nix)
(inputs.nix-overlay.outputs.overlay)
];
};

pre-commit.settings = {
src = ./.;
hooks.nixfmt.enable = true;
hooks.nil.enable = true;
hooks.shellcheck.enable = true;

hooks.no-todo = {
enable = true;
name = "no TODOs";
entry = "${./files/no-todos}";
language = "system";
pass_filenames = false;
};
};
pre-commit.settings = {
src = ./.;
hooks.nixfmt.enable = true;
hooks.nil.enable = true;
hooks.shellcheck.enable = true;

hooks.no-todo = {
enable = true;
name = "no TODOs";
entry = "${./files/no-todos}";
language = "system";
pass_filenames = false;
};
};

devShells.default = pkgs.mkShell {
buildInputs = (builtins.attrValues {
inherit (home-manager.packages.${system}) home-manager;
inherit (agenix.packages.${system}) agenix;
inherit (self'.packages) terraform;
}) ++ config.pre-commit.settings.enabledPackages;

shellHook = ''
POST_CHECKOUT_HOOK=$(git rev-parse --git-common-dir)/hooks/post-checkout
TMPFILE=$(mktemp)
if curl -o $TMPFILE --fail https://raw.githubusercontent.com/Enzime/dotfiles-nix/HEAD/files/post-checkout; then
if [[ -e $POST_CHECKOUT_HOOK ]]; then
echo "Removing existing $POST_CHECKOUT_HOOK"
rm $POST_CHECKOUT_HOOK
fi
echo "Replacing $POST_CHECKOUT_HOOK with $TMPFILE"
cp $TMPFILE $POST_CHECKOUT_HOOK
chmod a+x $POST_CHECKOUT_HOOK
fi
if [[ -e $POST_CHECKOUT_HOOK ]]; then
$POST_CHECKOUT_HOOK
fi
${config.pre-commit.devShell.shellHook}
'';
};
devShells.default = pkgs.mkShell {
buildInputs = (builtins.attrValues {
inherit (home-manager.packages.${system}) home-manager;
inherit (agenix.packages.${system}) agenix;
inherit (self'.packages) terraform;
}) ++ config.pre-commit.settings.enabledPackages;

shellHook = ''
POST_CHECKOUT_HOOK=$(git rev-parse --git-common-dir)/hooks/post-checkout
TMPFILE=$(mktemp)
if curl -o $TMPFILE --fail https://raw.githubusercontent.com/Enzime/dotfiles-nix/HEAD/files/post-checkout; then
if [[ -e $POST_CHECKOUT_HOOK ]]; then
echo "Removing existing $POST_CHECKOUT_HOOK"
rm $POST_CHECKOUT_HOOK
fi
echo "Replacing $POST_CHECKOUT_HOOK with $TMPFILE"
cp $TMPFILE $POST_CHECKOUT_HOOK
chmod a+x $POST_CHECKOUT_HOOK
fi
if [[ -e $POST_CHECKOUT_HOOK ]]; then
$POST_CHECKOUT_HOOK
fi
${config.pre-commit.devShell.shellHook}
'';
};

packages.add-subflakes-to-store = pkgs.writeShellApplication {
name = "add-subflakes-to-store";
runtimeInputs =
builtins.attrValues { inherit (pkgs) nix git findutils gnused; };
text = ''
set -x
packages.add-subflakes-to-store = pkgs.writeShellApplication {
name = "add-subflakes-to-store";
runtimeInputs = builtins.attrValues {
inherit (pkgs) nix git findutils gnused;
};
text = ''
set -x
# This gets set when nix-shell --pure is used
if [[ "''${NIX_SSL_CERT_FILE:-}" == "/no-cert-file.crt" ]]; then
export NIX_SSL_CERT_FILE=
fi
# This gets set when nix-shell --pure is used
if [[ "''${NIX_SSL_CERT_FILE:-}" == "/no-cert-file.crt" ]]; then
export NIX_SSL_CERT_FILE=
fi
cp flake.lock flake.lock.old
cp flake.lock flake.lock.old
# shellcheck disable=SC2046
nix flake update systems $(find overlays -mindepth 1 -type d -exec basename {} \; | sed -E 's/^(.*)$/&-overlay/' | paste -sd ' ' -)
# shellcheck disable=SC2046
nix flake update systems $(find overlays -mindepth 1 -type d -exec basename {} \; | sed -E 's/^(.*)$/&-overlay/' | paste -sd ' ' -)
mv flake.lock.old flake.lock
'';
};
mv flake.lock.old flake.lock
'';
};

packages.check = pkgs.writeShellApplication {
name = "nix-flake-check-without-ifd";
runtimeInputs = builtins.attrValues { inherit (pkgs) patch nix jq; };
text = ''
set -x
patch < ${./files/no-ifd.diff}
PATCHED=$(nix flake metadata "''${1:-$PWD}" --json | jq -r '.path')
patch -R < ${./files/no-ifd.diff}
nix flake check --print-build-logs "$PATCHED"
'';
};
packages.check = pkgs.writeShellApplication {
name = "nix-flake-check-without-ifd";
runtimeInputs =
builtins.attrValues { inherit (pkgs) patch nix jq; };
text = ''
set -x
patch < ${./files/no-ifd.diff}
PATCHED=$(nix flake metadata "''${1:-$PWD}" --json | jq -r '.path')
patch -R < ${./files/no-ifd.diff}
nix flake check --print-build-logs "$PATCHED"
'';
};

packages.terraform = pkgs.terraform.withPlugins (p:
builtins.attrValues {
inherit (p) external hcloud local null onepassword tailscale;
});
};
packages.terraform = pkgs.terraform.withPlugins (p:
builtins.attrValues {
inherit (p) external hcloud local null onepassword tailscale;
});
}
{
packages = let
vmWithNewHostPlatform = name:
pkgs.writeShellApplication {
name = "run-${name}-vm-on-${system}";
runtimeInputs = builtins.attrValues { inherit (pkgs) jq; };
text = ''
set -x
drv="$(nix eval --raw ${self}#nixosConfigurations.${name} \
--apply 'original:
let configuration = original.extendModules { modules = [ ({ lib, ... }: {
_file = "<nixos-rebuild build-vm override>";
nixpkgs.hostPlatform = lib.mkForce "${system}";
}) ]; };
in configuration.config.system.build.vm.drvPath' )"
vm=$(nix build --no-link "$drv^*" --json | jq -r '.[0].outputs.out')
# shellcheck disable=SC2211
"$vm"/bin/run-*-vm
'';
};
in lib.mapAttrs' (hostname: configuration:
lib.nameValuePair "${hostname}-vm"
(vmWithNewHostPlatform hostname)) self.nixosConfigurations;
}
];
flake = { keys = import ./keys.nix; };
});
}
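Review bot: The `shellHook` of `devShells.default`, which this change carries over re-indented, downloads `files/post-checkout` from the repository's `HEAD` with `curl`, installs it as the git `post-checkout` hook and runs it on every shell entry, with no pinned revision and no integrity check. Whatever that URL serves at the time is executed with the developer's privileges, so a compromised account or a bad push reaches every checkout that enters the dev shell. If the hook is the same file kept under `./files` in this tree (the URL path suggests so, but it is not visible here), copying it from the store path removes the network fetch: `cp ${./files/post-checkout} "$POST_CHECKOUT_HOOK"`. Otherwise pin the URL to a commit and compare a known hash before installing. Separately, the new `vmWithNewHostPlatform` script calls `nix` but lists only `jq` in `runtimeInputs`, unlike the two sibling applications.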
5 changes: 3 additions & 2 deletions hosts/phi/configuration.nix
@@ -1,4 +1,4 @@
{ config, user, keys, pkgs, ... }:
{ config, user, keys, pkgs, lib, ... }:

{
imports = [ ./hardware-configuration.nix ];
@@ -7,7 +7,8 @@
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.systemd-boot.netbootxyz.enable = true;

hardware.cpu.amd.updateMicrocode = true;
hardware.cpu.amd.updateMicrocode =
lib.mkIf pkgs.stdenv.hostPlatform.isx86_64 true;

networking.nameservers = [ "1.1.1.1" ];
networking.dhcpcd.extraConfig = ''
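Review bot: The new guard on `hardware.cpu.amd.updateMicrocode` has no comment explaining why a host with AMD hardware needs an architecture check, and the same applies to `hardware.cpu.intel.updateMicrocode` in hosts/sigma/configuration.nix. Microcode updates carry CPU security fixes, so a reader should be able to see that the setting stays on for the real machine and is only left undefined when the configuration is evaluated for another platform, presumably by the `<hostname>-vm` packages added in flake.nix. A one-line comment above the option would do: `# x86_64 only: the -vm packages may evaluate this host with a different hostPlatform`. The enclosing attribute set continues outside the hunk.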
5 changes: 3 additions & 2 deletions hosts/sigma/configuration.nix
@@ -1,4 +1,4 @@
{ user, ... }:
{ user, pkgs, lib, ... }:

{
imports = [ ./hardware-configuration.nix ];
@@ -12,7 +12,8 @@

networking.hostId = "215212b4";

hardware.cpu.intel.updateMicrocode = true;
hardware.cpu.intel.updateMicrocode =
lib.mkIf pkgs.stdenv.hostPlatform.isx86_64 true;

nix.registry.ln.to = {
type = "git";
