dev.fron.io rc / 7776a02
guix: move to guix flake Tony Olagbaiye 1 year, 8 months ago
6 changed file(s) with 81 addition(s) and 257 deletion(s).
3737 "type": "github"
3838 }
3939 },
40 "guix": {
41 "info": {
42 "lastModified": 1589350842,
43 "narHash": "sha256-94cSMVPii8Rkts2MZaJ0URtnzlTjCSPIm5L1+bp2ra4="
44 },
45 "inputs": {
46 "nixpkgs": "nixpkgs_2"
47 },
48 "locked": {
49 "owner": "bqv",
50 "repo": "guix",
51 "rev": "96bc72dca574425b43d182705e42e772c6982de0",
52 "type": "github"
53 },
54 "original": {
55 "owner": "bqv",
56 "repo": "guix",
57 "type": "github"
58 }
59 },
4060 "home": {
4161 "info": {
4262 "lastModified": 1587442074,
4363 "narHash": "sha256-SmC1aP9TJImzHlNIWOTa+uwePeHoEcfGJEewXXWAtfc="
4464 },
4565 "inputs": {
46 "nixpkgs": "nixpkgs_2"
66 "nixpkgs": "nixpkgs_3"
4767 },
4868 "locked": {
4969 "owner": "rycee",
82102 "narHash": "sha256-j6+ZeL3vh1w9THce5sosg1eVO04eC7GAW9J4UXLkcgE="
83103 },
84104 "inputs": {
85 "nixpkgs": "nixpkgs_2"
105 "nixpkgs": "nixpkgs_3"
86106 },
87107 "locked": {
88108 "owner": "nmattia",
171191 },
172192 "nixpkgs_2": {
173193 "info": {
194 "lastModified": 1589349539,
195 "narHash": "sha256-xMUcyl9vI6c8mJzl+M+6JIZmWQknXkSbu1jrgxtoHlo="
196 },
197 "locked": {
198 "owner": "NixOS",
199 "repo": "nixpkgs",
200 "rev": "6a16787d263c96a772bbc74d527e71415811fd3a",
201 "type": "github"
202 },
203 "original": {
204 "id": "nixpkgs",
205 "type": "indirect"
206 }
207 },
208 "nixpkgs_3": {
209 "info": {
174210 "lastModified": 1587961704,
175211 "narHash": "sha256-/aqrj8zYfwz8Wd0qu7jgNvddXj7Bro3QHz2YKJOJO5M="
176212 },
187223 "type": "github"
188224 }
189225 },
190 "nixpkgs_3": {
226 "nixpkgs_4": {
191227 "info": {
192228 "lastModified": 1589225516,
193229 "narHash": "sha256-Fnz4my3H3543J6ywc57nf7FkQINJG7JkZlLONQs1Wys="
211247 "narHash": "sha256-fc2o4V2p5KyEzOLQK0Q915ZShJ1i2Gr3e2+0Ox7TTHg="
212248 },
213249 "inputs": {
214 "nixpkgs": "nixpkgs_3"
250 "nixpkgs": "nixpkgs_4"
215251 },
216252 "locked": {
217253 "owner": "nix-community",
229265 "inputs": {
230266 "dwarffs": "dwarffs",
231267 "emacs": "emacs",
268 "guix": "guix",
232269 "home": "home",
233 "large": "nixpkgs_2",
270 "large": "nixpkgs_3",
234271 "master": "nixpkgs",
235272 "mozilla": "mozilla",
236273 "naersk": "naersk",
238275 "nix": "nix",
239276 "nixexprs": "nixexprs",
240277 "nur": "nur",
241 "small": "nixpkgs_3",
278 "small": "nixpkgs_4",
242279 "snack": "snack",
243280 "staged": "staged"
244281 }
00 {
1 edition = 201909;
2
31 description = "A highly structured configuration database.";
42
53 inputs = {
2422 naersk.url = "github:nmattia/naersk";
2523 naersk.inputs.nixpkgs.follows = "large";
2624
25 guix.url = "github:bqv/guix";
2726 emacs.url = "github:nix-community/emacs-overlay";
2827
2928 mozilla = { url = "github:mozilla/nixpkgs-mozilla"; flake = false; };
8079 inherit (inputs.staged.legacyPackages.${system}) libgccjit sof-firmware;
8180 })
8281 inputs.nix.overlay
82 inputs.guix.overlay
8383 inputs.emacs.overlay
8484 inputs.nur.overlay
8585 inputs.self.overlay
110110 modules = let
111111 inherit (inputs.home.nixosModules) home-manager;
112112 inherit (inputs.dwarffs.nixosModules) dwarffs;
113 inherit (inputs.guix.nixosModules) guix;
113114
114115 core = ./profiles/core.nix;
115116
146147
147148 flakeModules = import ./modules/list.nix;
148149
149 in flakeModules ++ [ core global local home-manager dwarffs ];
150 in flakeModules ++ [
151 core global local
152 home-manager dwarffs guix
153 ];
150154 };
151155 in usr.recImport {
152156 dir = ./hosts;
167171 in lib.filterAttrs (_: p: (p.meta.broken or null) != true) {
168172 inherit (pkgs.emacsPackages) bitwarden ivy-exwm flycheck-purescript eterm-256color;
169173 inherit (pkgs) dgit dejavu_nerdfont electronmail flarectl fsnoop;
170 inherit (pkgs.guilePackages) guile-gcrypt guile-git guile-json guile-sqlite3;
171 inherit (pkgs.guilePackages) guile-ssh guile-gnutls bytestructures;
172 inherit (pkgs) guix matrix-appservice-irc matrix-construct mx-puppet-discord;
174 inherit (pkgs) matrix-appservice-irc matrix-construct mx-puppet-discord;
173175 inherit (pkgs.pleroma) pleroma_be pleroma_fe masto_fe;
174 inherit (pkgs) pure sddm-chili shflags yacy;
176 inherit (pkgs) next pure sddm-chili shflags yacy;
175177
176178 inherit (pkgs) nheko;
177179 inherit (pkgs.weechatScripts) weechat-matrix;
178180 });
179181
180182 nixosModules = let
181 mergeAll = fold recursiveUpdate {};
183 mergeAll = lib.fold lib.recursiveUpdate {};
182184 pathsToAttrs = map (file:
183185 let
184 cleanFile = removeSuffix ".nix" (removePrefix "./" (toString file));
185 in setAttrByPath (splitString "/" cleanFile) (import file)
186 cleanFile = lib.removeSuffix ".nix" (lib.removePrefix "./" (toString file));
187 in lib.setAttrByPath (lib.splitString "/" cleanFile) (import file)
186188 );
187189
188190 # modules
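Review bot: The new input `guix.url = "github:bqv/guix";` is declared without a `follows`, unlike `naersk.inputs.nixpkgs.follows = "large";` just above it, so the lock file gains a separate `nixpkgs_2` node whose `original` is the indirect registry id `nixpkgs`. That adds one more nixpkgs revision to audit, and on a lock update an indirect reference is resolved through the flake registry of whichever machine runs the update. If the guix flake is expected to build against the already pinned set, `guix.inputs.nixpkgs.follows = "large";` would remove the extra node; this is an assumption to confirm against that flake. Separately, `inputs.guix.overlay` and `inputs.guix.nixosModules.guix` presumably now supply what the deleted in-tree package and profile defined, including the daemon service and substitute-key authorization, so a comment at the input such as `# supplies the guix package and NixOS module; review the upstream diff on every lock bump` would record where that trust now sits.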
55 ../../profiles/misc/disable-mitigations.nix
66 ../../profiles/misc/udev-nosettle.nix
77 ../../profiles/misc/adblocking.nix
8 ../../profiles/misc/guix.nix
98 ../../profiles/security/sudo.nix
109 ../../profiles/networking/ipfs
1110 ../../profiles/networking/bluetooth
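--- a/pkgs/tools/package-management/guix/default.nix
+++ b/pkgs/tools/package-management/guix/default.nix
@@ -1,68 +0,0 @@
-{ stdenv, pkgs, lib, fetchurl, pkg-config, makeWrapper, zlib, bzip2
-, guile, guilePackages, storeDir ? null, stateDir ? null }:
-
-stdenv.mkDerivation rec {
-pname = "guix";
-version = "1.1.0";
-
-src = fetchurl {
-url = "mirror://gnu/guix/${pname}-${version}.tar.gz";
-sha256 = "03v48cq94678pi7bkdjfwksrq40lr6q38s38jxh7qjdcyipi0naw";
-};
-
-postConfigure = ''
-sed -i '/guilemoduledir\s*=/s%=.*%=''${out}/share/guile/site%' Makefile;
-sed -i '/guileobjectdir\s*=/s%=.*%=''${out}/share/guile/ccache%' Makefile;
-'';
-
-modules = with guilePackages; lib.forEach [
-guile-gcrypt guile-git guile-json guile-sqlite3 guile-ssh guile-gnutls bytestructures
-] (m: (m.override { inherit guile; }).out);
-
-nativeBuildInputs = [ pkg-config makeWrapper ];
-buildInputs = [ zlib bzip2 ] ++ modules;
-propagatedBuildInputs = [ guile ];
-
-GUILE_LOAD_PATH = let
-guilePath = [
-"\${out}/share/guile/site"
-"${guilePackages.guile-gnutls.out}/lib/guile/extensions"
-] ++ (lib.concatMap (module: [
-"${module}/share/guile/site"
-]) modules);
-in "${lib.concatStringsSep ":" guilePath}";
-GUILE_LOAD_COMPILED_PATH = let
-guilePath = [
-"\${out}/share/guile/ccache"
-"${guilePackages.guile-gnutls.out}/lib/guile/extensions"
-] ++ (lib.concatMap (module: [
-"${module}/share/guile/ccache"
-]) modules);
-in "${lib.concatStringsSep ":" guilePath}";
-
-configureFlags = []
-++ lib.optional (storeDir != null) "--with-store-dir=${storeDir}"
-++ lib.optional (stateDir != null) "--localstatedir=${stateDir}";
-
-postInstall = ''
-wrapProgram $out/bin/guix \
---prefix GUILE_LOAD_PATH : "${GUILE_LOAD_PATH}" \
---prefix GUILE_LOAD_COMPILED_PATH : "${GUILE_LOAD_COMPILED_PATH}"
-
-wrapProgram $out/bin/guix-daemon \
---prefix GUILE_LOAD_PATH : "${GUILE_LOAD_PATH}" \
---prefix GUILE_LOAD_COMPILED_PATH : "${GUILE_LOAD_COMPILED_PATH}"
-'';
-
-passthru = {
-inherit guile;
-};
-
-meta = with lib; {
-description = "A transactional package manager for an advanced distribution of the GNU system";
-homepage = "https://guix.gnu.org/";
-license = licenses.gpl3;
-maintainers = with maintainers; [ bqv ];
-platforms = platforms.linux;
-};
-}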
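--- a/profiles/misc/guix.nix
+++ b/profiles/misc/guix.nix
@@ -1,171 +0,0 @@
-{ config, pkgs, lib, ...}:
-
-let
-cfg = config.services.guix;
-
-guixBuildUser = id: {
-name = "${cfg.userPrefix}${toString id}";
-createHome = false;
-description = "Guix build user ${toString id}";
-extraGroups = [ cfg.group ];
-isSystemUser = true;
-};
-
-guixBuildUsers = numberOfUsers:
-builtins.listToAttrs
-(map (user: {
-name = user.name;
-value = user;
-}) (builtins.genList guixBuildUser numberOfUsers));
-
-guixEnv = {
-GUIX_STATE_DIRECTORY = "/gnu/var";
-GUIX_LOG_DIRECTORY = "/gnu/var/log";
-GUIX_DATABASE_DIRECTORY = "/gnu/var/db";
-NIX_STORE_DIR = "/gnu/store";
-};
-
-guixWrapped = pkgs.writeShellScriptBin "guix" ''
-${lib.concatStringsSep "\n"
-(lib.mapAttrsToList (k: v: "export ${k}=${v}") guixEnv)}
-exec ${cfg.package}/bin/guix $@
-'';
-in {
-options.services.guix = with lib; {
-enable = mkEnableOption "the guix daemon and init /gnu/store";
-
-group = mkOption {
-type = types.str;
-default = "guixbuild";
-example = "guixbuild";
-description = ''
-The group of the guix build users.
-'';
-};
-
-userPrefix = mkOption {
-type = types.str;
-default = "guixbuilder";
-example = "guixbuilder";
-description = ''
-The common prefix of the guix build users.
-'';
-};
-
-extraArgs = mkOption {
-type = with types; listOf str;
-default = [];
-example = [ "--max-jobs=4" "--debug" ];
-description = ''
-Extra flags to pass to the guix daemon.
-'';
-};
-
-package = mkOption {
-type = types.package;
-default = pkgs.guix;
-defaultText = "pkgs.guix";
-description = ''
-Guix package to use.
-'';
-};
-
-publish = {
-enable = mkEnableOption "publishing the guix store";
-
-port = mkOption {
-type = types.int;
-default = 8181;
-description = ''
-Port to publish the guix store on.
-'';
-};
-
-user = mkOption {
-type = types.str;
-default = "nobody";
-description = ''
-User to publish the guix store with.
-'';
-};
-};
-};
-
-config = lib.mkIf cfg.enable {
-environment.systemPackages = [
-guixWrapped (lib.lowPrio guixWrapped)
-];
-
-users.users = guixBuildUsers 10;
-users.groups = { "${cfg.group}" = {}; };
-
-systemd.services.guix-daemon = {
-description = "Build daemon for GNU Guix";
-script = ''
-export GUIX_CONFIGURATION_DIRECTORY=$RUNTIME_DIRECTORY
-${guixWrapped}/bin/guix archive --authorize < \
-${cfg.package}/share/guix/ci.guix.gnu.org.pub
-
-${lib.concatStringsSep "\n"
-(lib.mapAttrsToList (k: v: "export ${k}=${v}") guixEnv)}
-ROOT_PROFILE=$GUIX_STATE_DIRECTORY"/profiles/per-user/root/current-guix"
-
-DAEMON=$ROOT_PROFILE"/bin/guix-daemon"
-export GUIX_LOCPATH=$ROOT_PROFILE"/lib/locale";
-if [ ! -x "$DAEMON" ]; then
-DAEMON="${cfg.package}/bin/guix-daemon"
-export GUIX_LOCPATH="${pkgs.glibcLocales}/lib/locale"
-fi
-
-exec $DAEMON --build-users-group=${cfg.group} ${lib.concatStringsSep " " cfg.extraArgs}
-'';
-serviceConfig = {
-ExecStartPre = "${pkgs.coreutils}/bin/mkdir -p /gnu/store";
-RuntimeDirectory = "guix";
-RemainAfterExit = "yes";
-StandardOutput = "syslog";
-StandardError = "syslog";
-TasksMax = 8192; # See <https://lists.gnu.org/archive/html/guix-devel/2016-04/msg00608.html>.
-};
-wantedBy = [ "multi-user.target" ];
-};
-
-systemd.services.guix-publish = lib.mkIf cfg.publish.enable {
-description = "Publish the GNU Guix store";
-script = ''
-export GUIX_CONFIGURATION_DIRECTORY=$RUNTIME_DIRECTORY
-${guixWrapped}/bin/guix archive --authorize < \
-${cfg.package}/share/guix/ci.guix.gnu.org.pub
-
-${lib.concatStringsSep "\n"
-(lib.mapAttrsToList (k: v: "export ${k}=${v}") guixEnv)}
-ROOT_PROFILE=$GUIX_STATE_DIRECTORY"/profiles/per-user/root/current-guix"
-
-DAEMON=$ROOT_PROFILE"/bin/guix"
-export GUIX_LOCPATH=$ROOT_PROFILE"/lib/locale";
-if [ ! -x "$DAEMON" ]; then
-DAEMON="${cfg.package}/bin/guix"
-export GUIX_LOCPATH="${pkgs.glibcLocales}/lib/locale"
-fi
-
-exec $DAEMON publish --user=${cfg.publish.user} --port=${cfg.publish.port}
-'';
-serviceConfig = {
-ExecStartPre = "${pkgs.coreutils}/bin/mkdir -p /gnu/store";
-RuntimeDirectory = "guix";
-RemainAfterExit = "yes";
-StandardOutput = "syslog";
-StandardError = "syslog";
-TasksMax = 1024; # See <https://lists.gnu.org/archive/html/guix-devel/2016-04/msg00608.html>.
-};
-wantedBy = [ "multi-user.target" ];
-};
-
-environment.shellInit = ''
-export GUIX_PROFILE="$HOME/.config/guix/current"
-[ -f "$GUIX_PROFILE/etc/profile" ] && source $GUIX_PROFILE/etc/profile
-export GUIX_LOCPATH="${pkgs.glibcLocales}/lib/locale"
-export INFOPATH="$GUIX_PROFILE/share/info:$INFOPATH"
-'';
-};
-}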
6363 DEFINE_string 'host' "" 'Host to build' 'H'
6464 DEFINE_boolean 'showtrace' false 'Show verbose traces' 't'
6565 DEFINE_boolean 'verbose' false 'Show verbose logs' 'v'
66 DEFINE_boolean 'noisy' false 'Show noisy logs' 'V'
6667 ''}
6768 ${rebuild "test"}
6869
8182 DEFINE_string 'host' "" 'Host to build' 'H'
8283 DEFINE_boolean 'showtrace' false 'Show verbose traces' 't'
8384 DEFINE_boolean 'verbose' false 'Show verbose logs' 'v'
85 DEFINE_boolean 'noisy' false 'Show noisy logs' 'V'
8486 ''}
8587 ${rebuild "boot"}
8688 '';
98100 DEFINE_string 'host' "" 'Host to build' 'H'
99101 DEFINE_boolean 'showtrace' false 'Show verbose traces' 't'
100102 DEFINE_boolean 'verbose' false 'Show verbose logs' 'v'
103 DEFINE_boolean 'noisy' false 'Show noisy logs' 'V'
101104 ''}
102105 ${rebuild "dry-build"}
106 '';
107 check = pkgs.writeShellScriptBin "check" ''
108 ${shFlagsRules ''
109 DEFINE_boolean 'showtrace' false 'Show verbose traces' 't'
110 DEFINE_boolean 'verbose' false 'Show verbose logs' 'v'
111 DEFINE_boolean 'noisy' false 'Show noisy logs' 'V'
112 ''}
113
114 if [ $FLAGS_showtrace -eq $FLAGS_TRUE ]; then
115 ARGS="$ARGS --show-trace"
116 fi
117
118 if [ $FLAGS_verbose -eq $FLAGS_TRUE ]; then
119 ARGS="$ARGS -vv"
120 fi
121
122 if [ $FLAGS_noisy -eq $FLAGS_TRUE ]; then
123 ARGS="$ARGS -vvvvv"
124 fi
125
126 echo '> nix flake check' $ARGS
127 nix flake check $ARGS
103128 '';
104129 flake-shell = pkgs.writeShellScriptBin "nixFlakes-shell" ''
105130 nix-shell -E 'with import "${pkgs.path}/nixos" { configuration.nix.package = (import <nixpkgs> {}).nixFlakes; }; pkgs.mkShell { buildInputs = with config.system.build; with pkgs; [ nixos-rebuild ]; }' $@
113138 };
114139 patches = [ worktreePatch ];
115140 });
116 in [ git git-crypt git-secrets nixfmt flake-shell
141 in [ git git-crypt git-secrets nixfmt flake-shell check
117142 activate dry-boot tag-current boot dry-activate dry-build ];
118143
119144 shellHook = ''
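Review bot: In the new `check` script, `ARGS` is only ever appended to (`ARGS="$ARGS --show-trace"`) and the visible lines never initialise it. Unless `shFlagsRules`, which is defined outside the hunk, sets it, a value of `ARGS` inherited from the caller's environment is passed as extra options to `nix flake check $ARGS`. If it does not, adding `ARGS=""` before the first `if` would make the command line depend only on the parsed flags. The three test expressions are also unquoted; `[ "$FLAGS_noisy" -eq "$FLAGS_TRUE" ]` keeps them well-formed if a flag variable is ever empty.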