From b630349c6809aff827177e4acbaa206d1eff02b0 Mon Sep 17 00:00:00 2001 From: Katherina Walshe-Grey Date: Tue, 20 Aug 2024 13:55:38 +0100 Subject: [PATCH 1/3] git: automatically --set-upstream for new branches --- home/git.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/home/git.nix b/home/git.nix index cc13d4a..c73f24e 100644 --- a/home/git.nix +++ b/home/git.nix @@ -9,6 +9,9 @@ init = { defaultBranch = "main"; }; + push = { + autoSetupRemote = true; + }; }; }; } From 60a9f5981684f2c2b72aac0e48e306bdf0e5e829 Mon Sep 17 00:00:00 2001 From: Katherina Walshe-Grey Date: Thu, 22 Aug 2024 00:55:30 +0100 Subject: [PATCH 2/3] vscode: downgrade nix-vscode-extensions It turns out a typical cadence for breaking changes to the VS Code plugin API is every two or three months. What the fuck. Obviously this means it's not practical to pair nixos stable releases with the rolling-release model of nix-vscode-extensions. So, I'm downgrading nix-vscode-extensions to the commit that was live as of 24.05's freeze from nixpkgs master, and will just update it once every six months, unless something else breaks. --- npins/sources.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/npins/sources.json b/npins/sources.json index 340f30e..27d6de1 100644 --- a/npins/sources.json +++ b/npins/sources.json @@ -46,9 +46,9 @@ "repo": "nix-vscode-extensions" }, "branch": "master", - "revision": "5ea2b85a16c2d4b3c847854e7c8c188f3e0c6db8", - "url": "https://github.com/nix-community/nix-vscode-extensions/archive/5ea2b85a16c2d4b3c847854e7c8c188f3e0c6db8.tar.gz", - "hash": "0192xjwzh1x9gmj6kwigd1zdpngx5qrnd2qbrc8xh5x0294qakgb" + "revision": "27ce569a199d2da1a8483fe3d69dd41664da3a63", + "url": "https://github.com/nix-community/nix-vscode-extensions/archive/27ce569a199d2da1a8483fe3d69dd41664da3a63.tar.gz", + "hash": "1dpykmk4xmpvx9i8awd93h0g1q8ir2pwsisjzc7vc5f43lm7h86b" }, "nixpkgs": { "type": "Channel", From 02430a46ea4b9a4c9205fa3ba1ad652b0987e62b Mon Sep 17 00:00:00 2001 From: Katherina Walshe-Grey Date: Sun, 18 Aug 2024 16:46:59 +0100 Subject: [PATCH 3/3] move to flake entrypoint --- flake.lock | 126 +++++++++++++++++++++++++++++++++++++++++++++ flake.nix | 102 ++++++++++++++++++++++++++++++++++++ hive.nix | 76 --------------------------- npins/sources.json | 29 ----------- pinning.nix | 10 ---- 5 files changed, 228 insertions(+), 115 deletions(-) create mode 100644 flake.lock create mode 100644 flake.nix delete mode 100644 hive.nix delete mode 100644 pinning.nix diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..5f61b87 --- /dev/null +++ b/flake.lock @@ -0,0 +1,126 @@ +{ + "nodes": { + "agenix": { + "inputs": { + "darwin": [], + "home-manager": "home-manager", + "nixpkgs": [ + "nixpkgs" + ], + "systems": "systems" + }, + "locked": { + "lastModified": 1723293904, + "narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=", + "owner": "ryantm", + "repo": "agenix", + "rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, + "birdsong": { + "locked": { + "lastModified": 1722971137, + "narHash": "sha256-1x0vaUy/uFCfoDn0a4K55+MNseAqLQmv1GPP6GQFFIA=", + "ref": "main", + "rev": "2fd6d96a00ef69a2afe72a2fe9d18d759c1cc8f3", + "revCount": 7, + "type": "git", + "url": "https://git.qenya.tel/qenya/birdsong" + }, + "original": { + "ref": "main", + "type": "git", + "url": "https://git.qenya.tel/qenya/birdsong" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703113217, + "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1720042825, + "narHash": "sha256-A0vrUB6x82/jvf17qPCpxaM+ulJnD8YZwH9Ci0BsAzE=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "e1391fb22e18a36f57e6999c7a9f966dc80ac073", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-24.05", + "repo": "home-manager", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1723688146, + "narHash": "sha256-sqLwJcHYeWLOeP/XoLwAtYjr01TISlkOfz+NG82pbdg=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "c3d4ac725177c030b1e289015989da2ad9d56af0", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "agenix": "agenix", + "birdsong": "birdsong", + "home-manager": "home-manager_2", + "nixpkgs": "nixpkgs" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..248ae45 --- /dev/null +++ b/flake.nix @@ -0,0 +1,102 @@ +{ + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05"; + + home-manager = { + url = "github:nix-community/home-manager/release-24.05"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + agenix = { + url = "github:ryantm/agenix?tag=0.15.0"; + inputs = { + nixpkgs.follows = "nixpkgs"; + darwin.follows = ""; + }; + }; + + birdsong.url = "git+https://git.qenya.tel/qenya/birdsong?ref=main"; + }; + + outputs = inputs@{ self, nixpkgs, home-manager, agenix, birdsong, ... }: { + colmena = { + meta.nixpkgs = import nixpkgs { system = "x86_64-linux"; }; + nodeNixpkgs.kalessin = import nixpkgs { system = "aarch64-linux"; }; # TODO: this should be generated from the host config somehow + + defaults = { name, nodes, config, lib, pkgs, ... }: { + deployment.replaceUnknownProfiles = lib.mkDefault false; + networking.hostName = name; + + nix.settings.experimental-features = "nix-command flakes"; + + nixpkgs.config = { + allowUnfree = true; + packageOverrides = pkgs: + let sources = import ./npins; + in { + agenix = (import sources.agenix { inherit pkgs; }).agenix; + nur = (import sources.nur { inherit pkgs; }); + vscode-extensions = (import sources.nix-vscode-extensions).extensions.x86_64-linux; # TODO: This should check the host architecture + }; + }; + + home-manager = { + useUserPackages = true; + useGlobalPkgs = true; + }; + + imports = [ + home-manager.nixosModules.home-manager + agenix.nixosModules.default + birdsong.nixosModules.default + ./common + ./services + ]; + }; + + tohru = { name, nodes, ... }: { + networking.hostId = "31da19c1"; + time.timeZone = "Europe/London"; + + imports = [ + ./deployment/local.nix + ./hosts/tohru/configuration.nix + ]; + }; + + yevaud = { name, nodes, ... }: { + networking.hostId = "09673d65"; + time.timeZone = "Etc/UTC"; + + imports = [ + ./deployment/remote.nix + ./hosts/yevaud/configuration.nix + ]; + }; + + orm = { name, nodes, ... }: { + networking.hostId = "00000000"; + time.timeZone = "Etc/UTC"; + + imports = [ + ./deployment/remote.nix + ./hosts/orm/configuration.nix + ]; + }; + + kalessin = { name, nodes, ... }: { + networking.hostId = "534b538e"; + time.timeZone = "Etc/UTC"; + deployment = { + buildOnTarget = true; + replaceUnknownProfiles = true; + }; + + imports = [ + ./deployment/remote.nix + ./hosts/kalessin/configuration.nix + ]; + }; + }; + }; +} diff --git a/hive.nix b/hive.nix deleted file mode 100644 index f6791d3..0000000 --- a/hive.nix +++ /dev/null @@ -1,76 +0,0 @@ -let sources = import ./npins; -in { - meta.nixpkgs = sources.nixpkgs; - - defaults = { name, nodes, config, lib, pkgs, ... }: { - deployment.replaceUnknownProfiles = lib.mkDefault false; - networking.hostName = name; - - nixpkgs.config = { - allowUnfree = true; - packageOverrides = pkgs: { - agenix = (import sources.agenix { inherit pkgs; }).agenix; - nur = (import sources.nur { inherit pkgs; }); - vscode-extensions = (import sources.nix-vscode-extensions).extensions.x86_64-linux; # TODO: This should check the host architecture - }; - }; - - home-manager = { - useUserPackages = true; - useGlobalPkgs = true; - }; - - imports = [ - (import "${sources.home-manager}/nixos") - (import "${sources.agenix}/modules/age.nix") - (import "${sources.birdsong}/module.nix") - ./pinning.nix - ./common - ./services - ]; - }; - - tohru = { name, nodes, ... }: { - networking.hostId = "31da19c1"; - time.timeZone = "Europe/London"; - - imports = [ - ./deployment/local.nix - ./hosts/tohru/configuration.nix - ]; - }; - - yevaud = { name, nodes, ... }: { - networking.hostId = "09673d65"; - time.timeZone = "Etc/UTC"; - - imports = [ - ./deployment/remote.nix - ./hosts/yevaud/configuration.nix - ]; - }; - - orm = { name, nodes, ... }: { - networking.hostId = "00000000"; - time.timeZone = "Etc/UTC"; - - imports = [ - ./deployment/remote.nix - ./hosts/orm/configuration.nix - ]; - }; - - kalessin = { name, nodes, ... }: { - networking.hostId = "534b538e"; - time.timeZone = "Etc/UTC"; - deployment = { - buildOnTarget = true; - replaceUnknownProfiles = true; - }; - - imports = [ - ./deployment/remote.nix - ./hosts/kalessin/configuration.nix - ]; - }; -} diff --git a/npins/sources.json b/npins/sources.json index 27d6de1..fc17a6d 100644 --- a/npins/sources.json +++ b/npins/sources.json @@ -15,29 +15,6 @@ "url": "https://api.github.com/repos/ryantm/agenix/tarball/0.15.0", "hash": "01dhrghwa7zw93cybvx4gnrskqk97b004nfxgsys0736823956la" }, - "birdsong": { - "type": "Git", - "repository": { - "type": "Git", - "url": "https://git.qenya.tel/qenya/birdsong.git" - }, - "branch": "main", - "revision": "2fd6d96a00ef69a2afe72a2fe9d18d759c1cc8f3", - "url": null, - "hash": "100l0mjfikv3sjphjb9aw2qhvqz7p616px1rl2gm1f5z9iljy7fp" - }, - "home-manager": { - "type": "Git", - "repository": { - "type": "GitHub", - "owner": "nix-community", - "repo": "home-manager" - }, - "branch": "release-24.05", - "revision": "e1391fb22e18a36f57e6999c7a9f966dc80ac073", - "url": "https://github.com/nix-community/home-manager/archive/e1391fb22e18a36f57e6999c7a9f966dc80ac073.tar.gz", - "hash": "0c83di08nhkzq0cwc3v7aax3x8y5m7qahyzxppinzwxi3r8fnjq3" - }, "nix-vscode-extensions": { "type": "Git", "repository": { @@ -50,12 +27,6 @@ "url": "https://github.com/nix-community/nix-vscode-extensions/archive/27ce569a199d2da1a8483fe3d69dd41664da3a63.tar.gz", "hash": "1dpykmk4xmpvx9i8awd93h0g1q8ir2pwsisjzc7vc5f43lm7h86b" }, - "nixpkgs": { - "type": "Channel", - "name": "nixos-24.05", - "url": "https://releases.nixos.org/nixos/24.05/nixos-24.05.3914.c3d4ac725177/nixexprs.tar.xz", - "hash": "1bs4sl01pbxp47sr3hny9mipfibazw1ch2b9cd6vygi501ickx9w" - }, "nur": { "type": "Git", "repository": { diff --git a/pinning.nix b/pinning.nix deleted file mode 100644 index 9ac8584..0000000 --- a/pinning.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ config, lib, pkgs, ... }: - -let sources = import ./npins; -in { - # Make point systemwide to the pinned nixpkgs - # https://jade.fyi/blog/pinning-nixos-with-npins/ - nix.settings.experimental-features = "nix-command flakes"; - nixpkgs.flake.source = sources.nixpkgs; - nix.nixPath = [ "nixpkgs=flake:nixpkgs" ]; -}