From 47f8d03ecb9efe39045630a1ebdcbc1c5a8f424e Mon Sep 17 00:00:00 2001
From: Gregor Kleen
Date: Tue, 21 Mar 2023 15:46:26 +0100
Subject: funky NIX_PATH
---
system-profiles/core.nix | 116 ---------------------------------------
system-profiles/core/default.nix | 115 ++++++++++++++++++++++++++++++++++++++
system-profiles/core/nixpkgs.nix | 6 ++
3 files changed, 121 insertions(+), 116 deletions(-)
delete mode 100644 system-profiles/core.nix
create mode 100644 system-profiles/core/default.nix
create mode 100644 system-profiles/core/nixpkgs.nix
(limited to 'system-profiles')
diff --git a/system-profiles/core.nix b/system-profiles/core.nix
deleted file mode 100644
index f6d5a21e..00000000
--- a/system-profiles/core.nix
+++ /dev/null
@@ -1,116 +0,0 @@ -{ flake, flakeInputs, path, hostName, config, lib, pkgs, customUtils, ... }: -let - profileSet = customUtils.types.attrNameSet flake.nixosModules.systemProfiles; - userProfileSet = customUtils.types.attrNameSet (lib.zipAttrs (lib.attrValues flake.nixosModules.userProfiles)); - hasSops = config.sops.secrets != {}; -in { - imports = with flakeInputs; - [ sops-nix.nixosModules.sops - home-manager.nixosModules.home-manager - ]; - - options = { - # See mkSystemProfile in ../flake.nix - system.profiles = lib.mkOption { - type = profileSet; - default = []; - description = '' - Set (list without duplicates) of ‘systemProfiles’ enabled for this host - ''; - }; - - users.users = lib.mkOption { - type = lib.types.attrsOf (lib.types.submodule { - options.profiles = lib.mkOption { - type = userProfileSet; - default = []; - description = '' - Set (list without duplicates) of ‘userProfiles’ enabled for this user - ''; - }; - }); - }; - }; - - config = { - networking.hostName = hostName; - system.configurationRevision = lib.mkIf (flake ? 
rev) flake.rev; - - nixpkgs.pkgs = flake.legacyPackages.${config.nixpkgs.system}.override { - inherit (config.nixpkgs) config; - localSystem = config.nixpkgs.system; - }; - - nix = { - package = pkgs.nixUnstable; - settings = { - sandbox = true; - allowed-users = [ "*" ]; - trusted-users = [ "root" "@wheel" ]; - - flake-registry = "${flakeInputs.flake-registry}/flake-registry.json"; - }; - extraOptions = '' - experimental-features = nix-command flakes - ''; - nixPath = [ - "nixpkgs=/run/nixpkgs" - # "nixpkgs-overlays=/run/nixpkgs-overlays.nix" - ]; - registry = - let override = { self = "nixos"; }; - in lib.mapAttrs' (inpName: inpFlake: lib.nameValuePair - (override.${inpName} or inpName) - { flake = inpFlake; } ) flakeInputs; - }; - - systemd.tmpfiles.rules = [ - "L+ /run/nixpkgs - - - - ${flakeInputs.nixpkgs.outPath}" - "L+ /run/nixpkgs-overlays.nix - - - - ${pkgs.writeText "overlays.nix" '' - with builtins; - - attrValues (import - ( - let lock = fromJSON (readFile ${flake + "/flake.lock"}); in - fetchTarball { - url = "https://github.com/edolstra/flake-compat/archive/''${lock.nodes.flake-compat.locked.rev}.tar.gz"; - sha256 = lock.nodes.flake-compat.locked.narHash; - } - ) - { src = ${flake}; } - ).defaultNix.overlays - ''}" - ]; - - users.mutableUsers = false; - - # documentation.nixos.includeAllModules = true; # incompatible with home-manager (build fails) - - home-manager = { - useGlobalPkgs = true; # Otherwise home-manager would only work impurely - useUserPackages = false; - }; - - sops = lib.mkIf hasSops { - age = { - keyFile = "/var/lib/sops-nix/key.txt"; - generateKey = false; - sshKeyPaths = []; - }; - gnupg = { - home = null; - sshKeyPaths = []; - }; - }; - - environment.systemPackages = [ pkgs.git ] ++ lib.optional hasSops pkgs.gnupg; - - system.activationScripts.symlink-flake = '' - if test -L /etc/nixos; then - ln -nsf ${flake} /etc/nixos - elif test -d /etc/nixos && rmdir --ignore-fail-on-non-empty /etc/nixos; then - ln -s ${flake} /etc/nixos - fi 
- '';
- };
-}
diff --git a/system-profiles/core/default.nix b/system-profiles/core/default.nix
new file mode 100644
index 00000000..1368b54f
--- /dev/null
+++ b/system-profiles/core/default.nix
@@ -0,0 +1,115 @@ +{ flake, flakeInputs, path, hostName, config, lib, pkgs, customUtils, ... }: +let + profileSet = customUtils.types.attrNameSet flake.nixosModules.systemProfiles; + userProfileSet = customUtils.types.attrNameSet (lib.zipAttrs (lib.attrValues flake.nixosModules.userProfiles)); + hasSops = config.sops.secrets != {}; +in { + imports = with flakeInputs; + [ sops-nix.nixosModules.sops + home-manager.nixosModules.home-manager + ]; + + options = { + # See mkSystemProfile in ../flake.nix + system.profiles = lib.mkOption { + type = profileSet; + default = []; + description = '' + Set (list without duplicates) of ‘systemProfiles’ enabled for this host + ''; + }; + + users.users = lib.mkOption { + type = lib.types.attrsOf (lib.types.submodule { + options.profiles = lib.mkOption { + type = userProfileSet; + default = []; + description = '' + Set (list without duplicates) of ‘userProfiles’ enabled for this user + ''; + }; + }); + }; + }; + + config = { + networking.hostName = hostName; + system.configurationRevision = lib.mkIf (flake ? 
rev) flake.rev; + + nixpkgs.pkgs = flake.legacyPackages.${config.nixpkgs.system}.override { + inherit (config.nixpkgs) config; + localSystem = config.nixpkgs.system; + }; + + nix = { + package = pkgs.nixUnstable; + settings = { + sandbox = true; + allowed-users = [ "*" ]; + trusted-users = [ "root" "@wheel" ]; + + flake-registry = "${flakeInputs.flake-registry}/flake-registry.json"; + }; + extraOptions = '' + experimental-features = nix-command flakes + ''; + nixPath = [ + "nixpkgs=${./nixpkgs.nix}" + ]; + registry = + let override = { self = "nixos"; }; + in lib.mapAttrs' (inpName: inpFlake: lib.nameValuePair + (override.${inpName} or inpName) + { flake = inpFlake; } ) flakeInputs; + }; + + systemd.tmpfiles.rules = [ + "L+ /run/nixpkgs - - - - ${flakeInputs.nixpkgs.outPath}" + "L+ /run/nixpkgs-overlays.nix - - - - ${pkgs.writeText "overlays.nix" '' + with builtins; + + attrValues (import + ( + let lock = fromJSON (readFile ${flake + "/flake.lock"}); in + fetchTarball { + url = "https://github.com/edolstra/flake-compat/archive/''${lock.nodes.flake-compat.locked.rev}.tar.gz"; + sha256 = lock.nodes.flake-compat.locked.narHash; + } + ) + { src = ${flake}; } + ).defaultNix.overlays + ''}" + ]; + + users.mutableUsers = false; + + # documentation.nixos.includeAllModules = true; # incompatible with home-manager (build fails) + + home-manager = { + useGlobalPkgs = true; # Otherwise home-manager would only work impurely + useUserPackages = false; + }; + + sops = lib.mkIf hasSops { + age = { + keyFile = "/var/lib/sops-nix/key.txt"; + generateKey = false; + sshKeyPaths = []; + }; + gnupg = { + home = null; + sshKeyPaths = []; + }; + }; + + environment.systemPackages = [ pkgs.git ] ++ lib.optional hasSops pkgs.gnupg; + + system.activationScripts.symlink-flake = '' + if test -L /etc/nixos; then + ln -nsf ${flake} /etc/nixos + elif test -d /etc/nixos && rmdir --ignore-fail-on-non-empty /etc/nixos; then + ln -s ${flake} /etc/nixos + fi + ''; + }; +} 
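Review bot: `trusted-users = [ "root" "@wheel" ]` in `nix.settings` is carried over unchanged from the deleted core.nix, and it makes every member of wheel effectively root-equivalent towards the Nix daemon: a trusted user may override substituters and other restricted settings per invocation, with no sudo prompt in between. If that is intended, record it next to the setting, e.g. `# wheel is root-equivalent via the daemon (trusted-users); keep membership as tight as sudo`; otherwise reduce the list to `[ "root" ]`. Separately, the new `"nixpkgs=${./nixpkgs.nix}"` entry only resolves once the `/run/nixpkgs` and `/run/nixpkgs-overlays.nix` links from `systemd.tmpfiles.rules` further down exist, which deserves a one-line comment beside `nixPath`.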
diff --git a/system-profiles/core/nixpkgs.nix b/system-profiles/core/nixpkgs.nix
new file mode 100644
index 00000000..43bdae4d
--- /dev/null
+++ b/system-profiles/core/nixpkgs.nix
@@ -0,0 +1,6 @@
+args@{
+ overlays ? import /run/nixpkgs-overlays.nix,
+ ...
+}:
+
+import /run/nixpkgs (args // { inherit overlays; })
-- cgit v1.2.3
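Review bot: Both imports in this wrapper use the absolute paths `/run/nixpkgs` and `/run/nixpkgs-overlays.nix`, so every `<nixpkgs>` evaluation runs whatever those links currently point at rather than a store path fixed at build time, and the file carries no comment saying so. A header such as `# <nixpkgs> wrapper: the pinned nixpkgs and the flake's overlays are reached through the /run links created by systemd.tmpfiles.rules in ./default.nix` would record the dependency, and it should also state that the links must stay root-owned. Because `overlays` is always passed explicitly, nixpkgs' own fallback to per-user overlay files is presumably bypassed for callers that pass none, which is worth noting if it is intended.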