Merge branch 'main' into teutat3s

This commit is contained in:
teutat3s 2022-08-14 17:21:34 +02:00
commit b263ca4c45
Signed by: teutat3s
GPG key ID: 4FA1D3FA524F22C1
23 changed files with 704 additions and 259 deletions

View file

@ -106,7 +106,6 @@ steps:
- nix $$NIX_FLAGS flake check
- nix $$NIX_FLAGS build ".#nixosConfigurations.PubSolarOS.config.system.build.toplevel"
- nix $$NIX_FLAGS develop --command echo OK
- nix $$NIX_FLAGS develop --command bud --help
---
kind: pipeline
@ -122,8 +121,8 @@ steps:
commands:
- |
nix --print-build-logs --verbose \
develop --command \
bud build bootstrap bootstrapIso
build \
'.#nixosConfigurations.bootstrap.config.system.build.bootstrapIso'
- cp $(readlink -f result)/iso/*.iso /var/nix/iso-cache/
- name: "Publish ISO"
@ -158,6 +157,6 @@ volumes:
---
kind: signature
hmac: bdbefb07b97dc8efc44d8eb36ee4d1bb89eec3b7255b49929e126e86a4b4a788
hmac: da951ba8ede88996728acfb47846e01880eb0e3b91f66e47848d6c1cc727c5d9
...

View file

@ -1,18 +1,13 @@
# Pull Requests
## TL;DR;
# TL;DR;
- **Target Branch**: `main`
- **Merge Policy**: [`bors`][bors] is always right (→ `bors try`)
- **Merge Policy**: green check: merge away. yellow circle: have patience. red x: try again.
- **Docs**: every change set is expected to contain doc updates
- **Commit Msg**: be a poet! Comprehensive and explanatory commit messages
should cover the motivation and use case in an easily understandable manner
even when read after a few months.
- **Test Driven Development**: please default to test driven development where possible.
- **Test Driven Development**: please default to test driven development you can
make use of the `./examples` & `./e2e` and wire test up in the devshell.
### Within the Devshell (`nix develop`)
- **Hooks**: please `git commit` within the devshell
- **Fail Early**: please run from within the devshell on your local machine:
- `nix flake check`
[bors]: https://bors.tech
- **Fail Early**: please run `check-all` from within the devshell on your local machine

View file

@ -3,8 +3,6 @@
- [Introduction](../README.md)
- [Quick Start](./start/index.md)
- [ISO](./start/iso.md)
- [Bootstrapping](./start/bootstrapping.md)
- [From NixOS](./start/from-nixos.md)
- [Key Concepts](./concepts/index.md)
- [Hosts](./concepts/hosts.md)
- [Overrides](./concepts/overrides.md)
@ -18,11 +16,16 @@
- [Concerns]()
- [Secrets](./secrets.md)
- [Tests](./tests.md)
- [Helper Script `bud`](./bud/index.md)
- [get](./bud/get.md)
- [Integrations](./integrations/index.md)
- [Cachix](./integrations/cachix.md)
- [Deploy RS](./integrations/deploy.md)
- [NvFetcher](./integrations/nvfetcher.md)
- [Hercules CI](./integrations/hercules.md)
- [API Reference](./api-reference.md)
- [Channels](./api-reference-channels.md)
- [Home](./api-reference-home.md)
- [Devshell](./api-reference-devshell.md)
- [NixOS](./api-reference-nixos.md)
- [Library Reference]()
- [Contributing](./CONTRIBUTING.md)

91
doc/api-reference-channels.md Executable file
View file

@ -0,0 +1,91 @@
# Channels API Container
Configure your channels that you can use throughout your configurations.
> #### ⚠ Gotcha ⚠
> Devshell & (non-host-specific) Home-Manager `pkgs` instances are rendered off the
> `nixos.hostDefaults.channelName` (default) channel.
## channels
nixpkgs channels to create
*_Type_*:
attribute set of submodules or path convertible to it
*_Default_*
```
{}
```
## channels.\<name\>.config
nixpkgs config for this channel
*_Type_*:
attribute set or path convertible to it
*_Default_*
```
{}
```
## channels.\<name\>.input
nixpkgs flake input to use for this channel
*_Type_*:
nix flake
*_Default_*
```
"self.inputs.<name>"
```
## channels.\<name\>.overlays
overlays to apply to this channel
these will get exported under the 'overlays' flake output
as \<channel\>/\<name\> and any overlay pulled from \<inputs\>
will be filtered out
*_Type_*:
list of valid Nixpkgs overlay or path convertible to its or anything convertible to it or path convertible to it
*_Default_*
```
[]
```
## channels.\<name\>.patches
patches to apply to this channel
*_Type_*:
list of paths
*_Default_*
```
[]
```

72
doc/api-reference-devshell.md Executable file
View file

@ -0,0 +1,72 @@
# Devshell API Container
Configure your devshell module collections of your environment.
## devshell
Modules to include in your DevOS shell. the `modules` argument
will be exported under the `devshellModules` output
*_Type_*:
submodule or path convertible to it
*_Default_*
```
{}
```
## devshell.exportedModules
modules to include in all hosts and export to devshellModules output
*_Type_*:
list of valid module or path convertible to its or anything convertible to it
*_Default_*
```
[]
```
## devshell.externalModules
The `externalModules` option has been removed.
Any modules that should be exported should be defined with the `exportedModules`
option and all other modules should just go into the `modules` option.
*_Type_*:
list of valid modules or anything convertible to it
*_Default_*
```
[]
```
## devshell.modules
modules to include that won't be exported
meant importing modules from external flakes
*_Type_*:
list of valid modules or anything convertible to it or path convertible to it
*_Default_*
```
[]
```

119
doc/api-reference-home.md Executable file
View file

@ -0,0 +1,119 @@
# Home-Manager API Container
Configure your home manager modules, profiles & suites.
## home
hosts, modules, suites, and profiles for home-manager
*_Type_*:
submodule or path convertible to it
*_Default_*
```
{}
```
## home.exportedModules
modules to include in all hosts and export to homeModules output
*_Type_*:
list of valid modules or anything convertible to it or path convertible to it
*_Default_*
```
[]
```
## home.externalModules
The `externalModules` option has been removed.
Any modules that should be exported should be defined with the `exportedModules`
option and all other modules should just go into the `modules` option.
*_Type_*:
list of valid modules or anything convertible to it
*_Default_*
```
[]
```
## home.importables
Packages of paths to be passed to modules as `specialArgs`.
*_Type_*:
attribute set
*_Default_*
```
{}
```
## home.importables.suites
collections of profiles
*_Type_*:
null or attribute set of list of paths or anything convertible to its or path convertible to it
*_Default_*
```
null
```
## home.modules
modules to include that won't be exported
meant importing modules from external flakes
*_Type_*:
list of valid modules or anything convertible to it or path convertible to it
*_Default_*
```
[]
```
## home.users
HM users that can be deployed portably without a host.
*_Type_*:
attribute set of HM user configs
*_Default_*
```
{}
```

234
doc/api-reference-nixos.md Executable file
View file

@ -0,0 +1,234 @@
# NixOS API Container
Configure your nixos modules, profiles & suites.
## nixos
hosts, modules, suites, and profiles for NixOS
*_Type_*:
submodule or path convertible to it
*_Default_*
```
{}
```
## nixos.hostDefaults
Defaults for all hosts.
the modules passed under hostDefaults will be exported
to the 'nixosModules' flake output.
They will also be added to all hosts.
*_Type_*:
submodule
*_Default_*
```
{}
```
## nixos.hostDefaults.channelName
Channel this host should follow
*_Type_*:
channel defined in `channels`
## nixos.hostDefaults.exportedModules
modules to include in all hosts and export to nixosModules output
*_Type_*:
list of valid modules or anything convertible to it or path convertible to it
*_Default_*
```
[]
```
## nixos.hostDefaults.externalModules
The `externalModules` option has been removed.
Any modules that should be exported should be defined with the `exportedModules`
option and all other modules should just go into the `modules` option.
*_Type_*:
list of valid modules or anything convertible to it
*_Default_*
```
[]
```
## nixos.hostDefaults.modules
modules to include that won't be exported
meant importing modules from external flakes
*_Type_*:
list of valid modules or anything convertible to it or path convertible to it
*_Default_*
```
[]
```
## nixos.hostDefaults.system
system for this host
*_Type_*:
null or system defined in `supportedSystems`
*_Default_*
```
null
```
## nixos.hosts
configurations to include in the nixosConfigurations output
*_Type_*:
attribute set of submodules
*_Default_*
```
{}
```
## nixos.hosts.\<name\>.channelName
Channel this host should follow
*_Type_*:
null or channel defined in `channels`
*_Default_*
```
null
```
## nixos.hosts.\<name\>.modules
modules to include
*_Type_*:
list of valid modules or anything convertible to it or path convertible to it
*_Default_*
```
[]
```
## nixos.hosts.\<name\>.system
system for this host
*_Type_*:
null or system defined in `supportedSystems`
*_Default_*
```
null
```
## nixos.hosts.\<name\>.tests
tests to run
*_Type_*:
list of valid NixOS test or path convertible to its or anything convertible to it
*_Default_*
```
[]
```
*_Example_*
```
{"_type":"literalExpression","text":"[\n {\n name = \"testname1\";\n machine = { ... };\n testScript = ''\n # ...\n '';\n }\n ({ corutils, writers, ... }: {\n name = \"testname2\";\n machine = { ... };\n testScript = ''\n # ...\n '';\n })\n ./path/to/test.nix\n];\n"}
```
## nixos.importables
Packages of paths to be passed to modules as `specialArgs`.
*_Type_*:
attribute set
*_Default_*
```
{}
```
## nixos.importables.suites
collections of profiles
*_Type_*:
null or attribute set of list of paths or anything convertible to its or path convertible to it
*_Default_*
```
null
```

80
doc/api-reference.md Executable file
View file

@ -0,0 +1,80 @@
# Top Level API
`digga`'s top level API. API Containers are documented in their respective sub-chapter:
- [Channels](./api-reference-channels.md)
- [Home](./api-reference-home.md)
- [Devshell](./api-reference-devshell.md)
- [NixOS](./api-reference-nixos.md)
- [Darwin](./api-reference-darwin.md)
## channelsConfig
nixpkgs config for all channels
*_Type_*:
attribute set or path convertible to it
*_Default_*
```
{}
```
## inputs
The flake's inputs
*_Type_*:
attribute set of nix flakes
## outputsBuilder
builder for flake system-spaced outputs
The builder gets passed an attrset of all channels
*_Type_*:
function that evaluates to a(n) attribute set or path convertible to it
*_Default_*
```
"channels: { }"
```
## self
The flake to create the DevOS outputs for
*_Type_*:
nix flake
## supportedSystems
The systems supported by this flake
*_Type_*:
list of strings
*_Default_*
```
["aarch64-linux","aarch64-darwin","i686-linux","x86_64-darwin","x86_64-linux"]
```

View file

@ -1,10 +0,0 @@
# get
The `get` subcommand is useful for getting a bare copy of devos without the
git history.
## Usage
```sh
bud get DEST-DIR
```
If DEST-DIR is ommitted, it defaults to _./devos_.

View file

@ -1,24 +0,0 @@
# [`bud`][bud] command
The template incudes a convenient script for managing your system called [`bud`][bud].
It is a portable and highly composable system control tool that work anywhere on your host
or in the flake's devshell.
Although it comes with some predefined standard helpers,
it is very extensible and you are encouraged to write your own script snippets
to ease your workflows. An example is the bud module for a `get` command that
comes included with `devos`.
While writing scripts you can convenientely access smart environment variables
that can tell the current architecture, user or host name, among others, regardless
wether you invoke `bud` within the devshell or as the system-wide installed `bud`.
For details, please review the [bud repo][bud].
## Usage
```sh
bud help
```
[bud]: https://github.com/divnix/bud

View file

@ -49,19 +49,18 @@ argument that gets passed to your home-manager users.
## External Usage
You can easily use the defined home-manager configurations outside of NixOS
using the `homeConfigurations` flake output. The [bud](../bud/index.md) helper
script makes this even easier.
using the `homeConfigurations` flake output.
This is great for keeping your environment consistent across Unix systems,
including OSX.
This is great for keeping your environment consistent across Unix-like systems,
including macOS.
### From within the projects devshell:
```sh
# builds the nixos user defined in the NixOS host
bud home NixOS nixos
# builds the pub-solar user defined in the PubSolarOS host
nix build '.#homeConfigurations."pub-solar@PubSolarOS".activationPackage'
# build and activate
bud home NixOS nixos switch
nix build '.#homeConfigurations."pub-solar@PubSolarOS".activationPackage' && ./result/activate && unlink result
```
### Manually from outside the project:

View file

@ -1,102 +0,0 @@
# Bootstrapping
This will help you boostrap a bare host with the help of the
[bespoke iso](./iso.md) live installer.
_Note: nothing prevents you from remotely executing the boostrapping
process. See below._
Once your target host has booted into the live iso, you need to partition
and format your disk according to the [official manual][manual].
## Mount partitions
Then properly mount the formatted partitions at `/mnt`, so that you can
install your system to those new partitions.
Mount `nixos` partition to `/mnt` and &mdash; for UEFI &mdash; `boot`
partition to `/mnt/boot`:
```console
$ mount /dev/disk/by-label/nixos /mnt
$ mkdir -p /mnt/boot && mount /dev/disk/by-label/boot /mnt/boot # UEFI only
$ swapon /dev/disk/by-label/swap
```
Add some extra space to the store. In the iso, it's running on a tmpfs
off your RAM:
```console
$ mkdir -p /mnt/tmpstore/{work,store}
$ mount -t overlay overlay -olowerdir=/nix/store,upperdir=/mnt/tmpstore/store,workdir=/mnt/tmpstore/work /nix/store
```
## Install
Install off of a copy of devos from the time the iso was built:
```console
$ cd /iso/devos
$ nixos-install --flake .#NixOS
```
## Notes of interest
### Remote access to the live installer
The iso live installer comes preconfigured with a network configuration
which announces it's hostname via [MulticastDNS][mDNS] as `hostname.local`,
that is `bootstrap.local` in the [iso example](./iso).
In the rare case that [MulticastDNS][mDNS] is not availabe or turned off
in your network, there is a static link-local IPv6 address configured to
`fe80::47`(mnemonic from the letter's position in the english alphabet:
`n=14 i=9 x=24; 47 = n+i+x`).
Provided that you have added your public key to the authorized keys of the
`root` user _(hint: [`deploy-rs`](../integrations/deploy.md) needs passwordless
sudo access)_:
```nix
{ ... }:
{
users.users.root.openssh.authorizedKeys.keyFiles = [
../secrets/path/to/key.pub
];
}
```
You can then ssh into the live installer through one of the
following options:
```console
ssh root@bootstrap.local
ssh root@fe80::47%eno1 # where eno1 is your network interface on which you are linked to the target
```
_Note: the [static link-local IPv6 address][staticLLA] and [MulticastDNS][mDNS] is only
configured on the live installer. If you wish to enable [MulticastDNS][mDNS]
for your environment, you ought to configure that in a regular [profile](../concepts/profiles.md)._
### EUI-64 LLA & Host Identity
The iso's IPv6 Link Local Address (LLA) is configured with a static 64-bit Extended
Unique Identifiers (EUI-64) that is derived from the host interface's Message
Authentication Code (MAC) address.
After a little while (a few seconds), you can remotely discover this unique and host
specific address over [NDP][NDP] for example with:
```console
ip -6 neigh show # also shows fe80::47
```
***This LLA is stable for the host, unless you need to swap that particular network card.***
Under this reservation, though, you may use this EUI-64 to wire up a specific
(cryptographic) host identity.
[manual]: https://nixos.org/manual/nixos/stable/index.html#sec-installation-partitioning
[mDNS]: https://en.wikipedia.org/wiki/Multicast_DNS
[NDP]: https://en.wikipedia.org/wiki/Neighbor_Discovery_Protocol
[staticLLA]: https://tools.ietf.org/html/rfc7404

View file

@ -1,51 +0,0 @@
# From NixOS
## Generate Configuration
Assuming you're happy with your existing partition layout, you can generate a
basic NixOS configuration for your system using:
```sh
bud up
```
This will make a new file `hosts/up-$(hostname).nix`, which you can edit to
your liking.
You must then add a host to `nixos.hosts` in flake.nix:
```nix
{
nixos.hosts = {
modules = hosts/NixOS.nix;
};
}
```
Make sure your `i18n.defaultLocale` and `time.timeZone` are set properly for
your region. Keep in mind that `networking.hostName` will be automatically
set to the name of your host;
Now might be a good time to read the docs on [suites](../concepts/suites.md) and
[profiles](../concepts/profiles.md) and add or create any that you need.
> ##### _Note:_
> While the `up` sub-command is provided as a convenience to quickly set up and
> install a "fresh" NixOS system on current hardware, committing these files is
> discouraged.
>
> They are placed in the git staging area automatically because they would be
> invisible to the flake otherwise, but it is best to move what you need from
> them directly into a host module of your own making, and commit that instead.
# Installation
Once you're ready to deploy `hosts/my-host.nix`:
```sh
bud my-host switch
```
This calls `nixos-rebuild` with sudo to build and install your configuration.
> ##### _Notes:_
> - Instead of `switch`, you can pass `build`, `test`, `boot`, etc just as with
> `nixos-rebuild`.

View file

@ -2,25 +2,35 @@
The only dependency is nix, so make sure you have it [installed][install-nix].
## Get the Template
Here is a snippet that will get you the template without the git history:
If you currently don't have flakes setup, you can utilize the digga shell to pull the template:
```sh
nix-shell -p cachix --run "cachix use nrdxp"
nix-shell https://github.com/divnix/devos/archive/main.tar.gz -A shell \
--run "bud get main"
cd devos
nix-shell
nix-shell "https://github.com/divnix/digga/archive/main.tar.gz" \
--run "nix flake init -t github:divnix/digga"
```
If you already have flakes support, you can directly pull the template:
```sh
nix flake init -t github:divnix/digga
```
Then make sure to create the git repository:
```sh
git init
git add .
git commit -m init
```
This will place you in a new folder named `devos` with git initialized, and a
nix-shell that provides all the dependencies, including the unstable nix
version required.
To drop into a nix-shell, if you don't have flakes setup, use the digga shell to create a `flake.lock`:
```sh
nix-shell "https://github.com/divnix/digga/archive/main.tar.gz" \
--run "nix flake lock"
```
Or if you do have flakes support, just run:
```sh
nix flake lock
```
Finally, run `nix-shell` to get to an interactive shell with all the dependencies, including the unstable nix
version required. You can run `menu` to confirm that you are using digga (expected output includes [docs], [general commands], [linter], etc.).
In addition, the [binary cache](../integrations/cachix.md) is added for faster deployment.
@ -33,9 +43,8 @@ In addition, the [binary cache](../integrations/cachix.md) is added for faster d
> you can try with sudo: `sudo nix-shell -p cachix --run "cachix use nrdxp"`
## Next Steps:
- [Make installable ISO](./iso.md)
- [Bootstrap Host](./bootstrapping.md)
- [Already on NixOS](./from-nixos.md)
[install-nix]: https://nixos.org/manual/nix/stable/#sect-multi-user-installation

View file

@ -1,22 +1,36 @@
# ISO
# Installation Media
This project leverages [nix-community/nixos-generators][nixos-generators] for
building machine images. In most cases, you'll probably want to use the
`install-iso` format.
Making an installable ISO for `hosts/bootstrap.nix` is as simple as:
Making and writing an installable iso for `hosts/bootstrap.nix` is as simple as:
```sh
bud build bootstrap bootstrapIso
sudo -E $(which bud) burn
nix run github:nix-community/nixos-generators -- \
--format install-iso \
--flake '.#bootstrap'
```
This works for any host.
Then "burn" the ISO to your USB stick (or CD-R if you like!) following the
[instructions in the NixOS manual][burn] (or using your preferred USB burner).
## ISO image nix store & cache
You can also swap out the `--format` for [any of the others][formats] supported
by nixos-generators.
The iso image holds the store to the live environment and _also_ acts as a binary cache
to the installer. To considerably speed up things, the image already includes all flake
`inputs` as well as the `devshell` closures.
Continue by following the usual installation instructions in the NixOS manual.
While you _could_ provision any machine with a single stick, a custom-made iso for
the host you want to install DevOS to, maximises those local cache hits.
## ISO Nix Store and Cache
For hosts that don't differ too much, a single usb stick might be ok, whereas when
there are bigger differences, a custom-made usb stick will be considerably faster.
The ISO image holds the Nix store for the live environment and _also_ acts as a
binary cache to the installer. To considerably speed things up, the image
already includes all flake `inputs` as well as the `devshell` closures.
While you _could_ provision any NixOS machine with the same USB stick, an ISO
custom-made for your target host will maximise those local cache hits. For hosts
that don't differ too much, a single USB stick might be ok, whereas when there
are bigger differences, a custom-made USB stick will be considerably faster.
[nixos-generators]: https://github.com/nix-community/nixos-generators
[burn]: https://nixos.org/manual/nixos/stable/index.html#sec-booting-from-usb
[formats]: https://github.com/nix-community/nixos-generators/tree/master/formats

View file

@ -18,10 +18,6 @@
digga.inputs.home-manager.follows = "home";
digga.inputs.deploy.follows = "deploy";
bud.url = "github:divnix/bud";
bud.inputs.nixpkgs.follows = "nixos";
bud.inputs.devshell.follows = "digga/devshell";
home.url = "github:nix-community/home-manager/release-22.05";
home.inputs.nixpkgs.follows = "nixos";
@ -59,7 +55,6 @@
outputs =
{ self
, digga
, bud
, nixos
, home
, nixos-hardware
@ -116,7 +111,6 @@
digga.nixosModules.nixConfig
home.nixosModules.home-manager
agenix.nixosModules.age
bud.nixosModules.bud
];
};

View file

@ -1,6 +1,6 @@
{ profiles, ... }:
{
# build with: `bud build bootstrap bootstrapIso`
# build with: `nix build '.#nixosConfigurations.bootstrap.config.system.build.bootstrapIso'`
# reachable on the local link via ssh root@fe80::47%eno1
# where 'eno1' is replaced by your own machine's network
# interface that has the local link to the target machine

View file

@ -28,10 +28,14 @@ in
config = {
pub-solar = {
terminal-life.enable = true;
audio.enable = lib.mkIf (!cfg.lite) true;
crypto.enable = lib.mkIf (!cfg.lite) true;
devops.enable = lib.mkIf (!cfg.lite) true;
terminal-life = {
enable = true;
lite = cfg.lite;
};
};
};
}

View file

@ -7,6 +7,14 @@ in
{
options.pub-solar.terminal-life = {
enable = mkEnableOption "Life in black and white";
lite = mkOption {
description = ''
Enable a lite edition of terminal-life with less modules and a reduced package set.
'';
default = false;
type = types.bool;
};
};
config = mkIf cfg.enable {

View file

@ -1,6 +1,7 @@
{ config, pkgs, ... }:
let
psCfg = config.pub-solar;
cfg = config.pub-solar.terminal-life;
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
preview-file = pkgs.writeShellScriptBin "preview-file" (import ./preview-file.nix pkgs);
@ -76,7 +77,7 @@ in
withRuby = true;
withPython3 = true;
extraPackages = with pkgs; [
extraPackages = with pkgs; lib.mkIf (!cfg.lite) [
ccls
gopls
nodejs

View file

@ -8,6 +8,7 @@ channels: final: prev: {
discord
element-desktop
rage
nix-index
nixpkgs-fmt
qutebrowser
signal-desktop

View file

@ -1,7 +1,6 @@
{ self, inputs, ... }:
{
modules = with inputs; [
bud.devshellModules.bud
];
exportedModules = [
./devos.nix

View file

@ -1,12 +1,22 @@
{ pkgs, extraModulesPath, inputs, ... }:
{ pkgs, extraModulesPath, inputs, lib, ... }:
let
inherit (pkgs)
agenix
cachix
editorconfig-checker
mdbook
nixUnstable
nixpkgs-fmt
nvfetcher
;
hooks = import ./hooks;
pkgWithCategory = category: package: { inherit package category; };
devos = pkgWithCategory "devos";
linter = pkgWithCategory "linter";
docs = pkgWithCategory "docs";
devos = pkgWithCategory "devos";
in
{
@ -44,15 +54,15 @@ in
}
(linter nixpkgs-fmt)
(linter editorconfig-checker)
# (docs python3Packages.grip) too many deps
(docs mdbook)
]
++ lib.optionals (!pkgs.stdenv.buildPlatform.isi686) [
(devos cachix)
]
++ lib.optionals (pkgs.stdenv.hostPlatform.isLinux && !pkgs.stdenv.buildPlatform.isDarwin) [
(devos inputs.nixos-generators.defaultPackage.${pkgs.system})
(devos deploy-rs)
]
++ lib.optional
(system != "i686-linux")
(devos cachix)
++ lib.optional
(system != "aarch64-darwin")
(devos inputs.nixos-generators.defaultPackage.${pkgs.system})
;
}