From d0470d5aafa7a5778b629bcd1deb51b4be136ea7 Mon Sep 17 00:00:00 2001 From: teutat3s Date: Mon, 27 Mar 2023 13:35:59 +0200 Subject: [PATCH 01/10] flake: pull in changes from digga upstream See: https://github.com/divnix/digga/compare/54ede8e591d288c176a09d6fcf4b123896c0bf0f...0595ae70cdb5ccf1ab031199fe98551c4b378bd9?diff=unified --- default.nix | 1 - doc/api-reference.md | 2 +- doc/book.toml | 6 +++++- doc/concepts/users.md | 17 ++--------------- doc/start/index.md | 32 +++++++++++--------------------- doc/tests.md | 15 ++++++++++++--- lib/default.nix | 10 +++++++++- modules/core/nix.nix | 6 +++--- shell/devos.nix | 31 +++++++++++++------------------ shell/hooks/default.nix | 6 ++++-- 10 files changed, 60 insertions(+), 66 deletions(-) diff --git a/default.nix b/default.nix index 0468b228..3d5b5f96 100644 --- a/default.nix +++ b/default.nix @@ -5,7 +5,6 @@ let ciSystems = [ "aarch64-linux" - "i686-linux" "x86_64-linux" ]; diff --git a/doc/api-reference.md b/doc/api-reference.md index ee2cb9e7..41fa2f78 100755 --- a/doc/api-reference.md +++ b/doc/api-reference.md @@ -59,5 +59,5 @@ list of strings _*Default*_ ``` -["aarch64-linux","aarch64-darwin","i686-linux","x86_64-darwin","x86_64-linux"] +["aarch64-linux","aarch64-darwin","x86_64-darwin","x86_64-linux"] ``` diff --git a/doc/book.toml b/doc/book.toml index f9dca6a3..beb67004 100644 --- a/doc/book.toml +++ b/doc/book.toml @@ -1,5 +1,9 @@ [book] -authors = ["Timothy DeHerrera"] +authors = [ + "Timothy DeHerrera", + "Parthiv Seetharaman", + "David Arnold", +] language = "en" multilingual = false src = "." diff --git a/doc/concepts/users.md b/doc/concepts/users.md index 3cb4480e..85e2f070 100644 --- a/doc/concepts/users.md +++ b/doc/concepts/users.md @@ -9,8 +9,7 @@ Users are a special case of [profiles](profiles.md) that define system users and [home-manager][home-manager] configurations. For your convenience, home manager is wired in by default so all you have to worry about is declaring -your users. For a fully fleshed out example, check out the developers personal -[branch](https://github.com/divnix/devos/tree/nrd/users/nrd/default.nix). +your users. ## Basic Usage @@ -60,18 +59,6 @@ using the `homeConfigurations` flake output. This is great for keeping your environment consistent across Unix-like systems, including macOS. -### From within the projects devshell: - -```sh -# builds the pub-solar user defined in the PubSolarOS host -nix build '.#homeConfigurations."pub-solar@PubSolarOS".activationPackage' - -# build and activate -nix build '.#homeConfigurations."pub-solar@PubSolarOS".activationPackage' && ./result/activate && unlink result -``` - -### Manually from outside the project: - ```sh # build nix build "github:divnix/devos#homeConfigurations.nixos@NixOS.home.activationPackage" @@ -81,5 +68,5 @@ nix build "github:divnix/devos#homeConfigurations.nixos@NixOS.home.activationPac ``` [home-manager]: https://nix-community.github.io/home-manager -[modules-list]: https://github.com/divnix/devos/tree/main/users/modules/module-list.nix +[modules-list]: https://github.com/divnix/digga/tree/main/users/modules/module-list.nix [portableuser]: https://digga.divnix.com/api-reference-home.html#homeusers diff --git a/doc/start/index.md b/doc/start/index.md index 06e41292..c160df9f 100644 --- a/doc/start/index.md +++ b/doc/start/index.md @@ -4,7 +4,8 @@ The only dependency is nix, so make sure you have it [installed][install-nix]. ## Get the Template -If you currently don't have flakes setup, you can utilize the digga shell to pull the template: +If you currently don't have flakes setup, you can utilize the digga shell to +pull the template: ```sh nix-shell "https://github.com/divnix/digga/archive/main.tar.gz" \ @@ -22,37 +23,26 @@ Then make sure to create the git repository: ```sh git init git add . -git commit -m init +git commit ``` -To drop into a nix-shell, if you don't have flakes setup, use the digga shell to create a `flake.lock`: - -```sh -nix-shell "https://github.com/divnix/digga/archive/main.tar.gz" \ - --run "nix flake lock" -``` - -Or if you do have flakes support, just run: - -```sh -nix flake lock -``` - -Finally, run `nix-shell` to get to an interactive shell with all the dependencies, including the unstable nix -version required. You can run `menu` to confirm that you are using digga (expected output includes [docs], [general commands], [linter], etc.). +Finally, run `nix-shell` to get to an interactive shell with all the +dependencies, including the unstable nix version required. You can run `menu` to +confirm that you are using digga (expected output includes [docs], [general +commands], [linter], etc.). In addition, the [binary cache](../integrations/cachix.md) is added for faster deployment. -> ##### _Notes:_ +> # _Notes:_ > > - Flakes ignore files that have not been added to git, so be sure to stage new > files before building the system. > - You can choose to simply clone the repo with git if you want to follow > upstream changes. -> - If the `nix-shell -p cachix --run "cachix use nrdxp"` line doesn't work -> you can try with sudo: `sudo nix-shell -p cachix --run "cachix use nrdxp"` +> - If the `nix-shell -p cachix --run "cachix use nrdxp"` line doesn't work you +> can try with sudo: `sudo nix-shell -p cachix --run "cachix use nrdxp"` -## Next Steps: +## Next Steps - [Make installable ISO](./iso.md) diff --git a/doc/tests.md b/doc/tests.md index aa2bda14..24dead09 100644 --- a/doc/tests.md +++ b/doc/tests.md @@ -14,12 +14,21 @@ be built during CI. ## Integration Tests -All your profiles defined in suites will be tested in a NixOS VM. +All your profiles defined in suites can be tested against an individual host. +Simply use digga's pre-baked `digga.lib.allProfilesTest` like so: + +```nix +{ + hosts = { + Morty.tests = [ allProfilesTest ]; + }; +} +``` You can write integration tests for one or more NixOS VMs that can, optionally, be networked together, and yes, it's as awesome as it sounds! -Be sure to use the `mkTest` function from digga, `digga.lib.pkgs-lib.mkTest` +Be sure to use the `mkTest` function from Digga, `digga.lib.mkTest` which wraps the official [testing-python][testing-python] function to ensure that the system is setup exactly as it is for a bare DevOS system. There are already great resources for learning how to use these tests effectively, @@ -28,7 +37,7 @@ and the examples in [nixpkgs][nixos-tests]. [test-doc]: https://nixos.org/manual/nixos/stable/index.html#sec-nixos-tests [test-blog]: https://www.haskellforall.com/2020/11/how-to-use-nixos-for-lightweight.html -[default]: https://github.com/divnix/devos/tree/main/tests/default.nix +[default]: https://github.com/divnix/devos/tree/core/tests/default.nix [run-test]: https://github.com/NixOS/nixpkgs/blob/6571462647d7316aff8b8597ecdf5922547bf365/lib/debug.nix#L154-L166 [nixos-tests]: https://github.com/NixOS/nixpkgs/tree/master/nixos/tests [testing-python]: https://github.com/NixOS/nixpkgs/tree/master/nixos/lib/testing-python.nix diff --git a/lib/default.nix b/lib/default.nix index 9bc86f1a..ac167511 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -1,2 +1,10 @@ {lib}: -lib.makeExtensible (self: {}) +lib.makeExtensible (self: let + callLibs = file: import file {lib = self;}; +in rec { + ## Define your own library functions here! + #id = x: x; + ## Or in files, containing functions that take {lib} + #foo = callLibs ./foo.nix; + ## In configs, they can be used under "lib.our" +}) diff --git a/modules/core/nix.nix b/modules/core/nix.nix index 711304ba..6df8803a 100644 --- a/modules/core/nix.nix +++ b/modules/core/nix.nix @@ -15,10 +15,10 @@ auto-optimise-store = true; # Prevents impurities in builds sandbox = true; - # give root and @wheel special privileges with nix + # Give root and @wheel special privileges with nix trusted-users = ["root" "@wheel"]; - # This is just a representation of the nix default - system-features = ["nixos-test" "benchmark" "big-parallel" "kvm"]; + # Allow only group wheel to connect to the nix daemon + allowed-users = ["@wheel"]; }; # Generally useful nix option defaults extraOptions = '' diff --git a/shell/devos.nix b/shell/devos.nix index c216f3b9..fdbcee2e 100644 --- a/shell/devos.nix +++ b/shell/devos.nix @@ -8,11 +8,11 @@ inherit (pkgs) agenix + alejandra cachix editorconfig-checker - mdbook nix - alejandra + nodePackages nvfetcher shellcheck shfmt @@ -25,21 +25,23 @@ prettier ; - hooks = import ./hooks; - pkgWithCategory = category: package: {inherit package category;}; devos = pkgWithCategory "devos"; - linter = pkgWithCategory "linter"; - docs = pkgWithCategory "docs"; + formatter = pkgWithCategory "linter"; in { - _file = toString ./.; - - imports = ["${extraModulesPath}/git/hooks.nix"]; - git = {inherit hooks;}; + imports = ["${extraModulesPath}/git/hooks.nix" ./hooks]; # override for our own welcome devshell.name = pkgs.lib.mkForce "PubSolarOS"; + packages = [ + alejandra + editorconfig-checker + nodePackages.prettier + shellcheck + shfmt + ]; + commands = with pkgs; [ (devos nix) @@ -50,14 +52,7 @@ in { help = pkgs.nvfetcher.meta.description; command = "cd $PRJ_ROOT/pkgs; ${pkgs.nvfetcher}/bin/nvfetcher -c ./sources.toml $@"; } - (linter alejandra) - (linter editorconfig-checker) - (linter nodePackages.prettier) - (linter shfmt) - (linter shellcheck) - (linter treefmt) - - (docs mdbook) + (formatter treefmt) ] ++ lib.optionals (!pkgs.stdenv.buildPlatform.isi686) [ (devos cachix) diff --git a/shell/hooks/default.nix b/shell/hooks/default.nix index 10f2c9d2..1d60d49c 100644 --- a/shell/hooks/default.nix +++ b/shell/hooks/default.nix @@ -1,4 +1,6 @@ { - enable = true; - pre-commit.text = builtins.readFile ./pre-commit.sh; + git.hooks = { + enable = true; + pre-commit.text = builtins.readFile ./pre-commit.sh; + }; } From b01c5f9fced9f154c621853bb98b04b011ec59d8 Mon Sep 17 00:00:00 2001 From: teutat3s Date: Mon, 27 Mar 2023 10:38:24 +0200 Subject: [PATCH 02/10] audio: disable useless bluetooth sap plugin --- modules/audio/default.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/modules/audio/default.nix b/modules/audio/default.nix index f6d52e71..9a69301b 100644 --- a/modules/audio/default.nix +++ b/modules/audio/default.nix @@ -96,7 +96,13 @@ in { }; # Enable bluetooth - hardware.bluetooth.enable = mkIf cfg.bluetooth.enable true; + hardware.bluetooth = mkIf cfg.bluetooth.enable { + enable = true; + # disable useless SIM Access Profile plugin + disabledPlugins = [ + "sap" + ]; + }; services.blueman.enable = mkIf cfg.bluetooth.enable true; # Enable audio server & client From b1ad71cd35a7c55f7e61fd5981dbdcbfd49f1805 Mon Sep 17 00:00:00 2001 From: teutat3s Date: Mon, 27 Mar 2023 13:36:56 +0200 Subject: [PATCH 03/10] cachix: remove unused binary caches --- flake.nix | 6 +----- profiles/cachix/nix-community.nix | 10 ---------- profiles/cachix/nrdxp.nix | 10 ---------- 3 files changed, 1 insertion(+), 25 deletions(-) delete mode 100644 profiles/cachix/nix-community.nix delete mode 100644 profiles/cachix/nrdxp.nix diff --git a/flake.nix b/flake.nix index bd494148..a9a49f7d 100644 --- a/flake.nix +++ b/flake.nix @@ -2,8 +2,6 @@ description = "A highly structured configuration database."; nixConfig.extra-experimental-features = "nix-command flakes"; - nixConfig.extra-substituters = "https://nix-dram.cachix.org https://dram.cachix.org https://nrdxp.cachix.org https://nix-community.cachix.org"; - nixConfig.extra-trusted-public-keys = "nix-dram.cachix.org-1:CKjZ0L1ZiqH3kzYAZRt8tg8vewAx5yj8Du/+iR8Efpg= dram.cachix.org-1:baoy1SXpwYdKbqdTbfKGTKauDDeDlHhUpC+QuuILEMY= nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="; inputs = { # Track channels with commits tested and built by hydra @@ -99,9 +97,7 @@ imports = [(digga.lib.importHosts ./hosts)]; hosts = { - /* - set host specific properties here - */ + # Set host-specific properties here bootstrap = { modules = [ digga.nixosModules.bootstrapIso diff --git a/profiles/cachix/nix-community.nix b/profiles/cachix/nix-community.nix deleted file mode 100644 index 3c957fcd..00000000 --- a/profiles/cachix/nix-community.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ - nix.settings = { - substituters = [ - "https://nix-community.cachix.org" - ]; - trusted-public-keys = [ - "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - ]; - }; -} diff --git a/profiles/cachix/nrdxp.nix b/profiles/cachix/nrdxp.nix deleted file mode 100644 index ddced9c3..00000000 --- a/profiles/cachix/nrdxp.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ - nix.settings = { - substituters = [ - "https://nrdxp.cachix.org" - ]; - trusted-public-keys = [ - "nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4=" - ]; - }; -} From 972e3f1569c6c84c7445c997e189ebe127141649 Mon Sep 17 00:00:00 2001 From: teutat3s Date: Mon, 27 Mar 2023 18:03:28 +0200 Subject: [PATCH 04/10] cachix: default binary cache is nixos.org, no need to specify it explicitly (results in double entry in nix.conf) Also force our nix.extraOptions because digga tries real hard to put their binary caches there: https://github.com/divnix/digga/blob/0595ae70cdb5ccf1ab031199fe98551c4b378bd9/modules/nix-config.nix#L19-L23 --- modules/core/nix.nix | 2 +- profiles/cachix/default.nix | 13 ------------- profiles/full-install/default.nix | 2 -- profiles/pub-solar-iso/default.nix | 1 - 4 files changed, 1 insertion(+), 17 deletions(-) delete mode 100644 profiles/cachix/default.nix diff --git a/modules/core/nix.nix b/modules/core/nix.nix index 711304ba..325e20c3 100644 --- a/modules/core/nix.nix +++ b/modules/core/nix.nix @@ -21,7 +21,7 @@ system-features = ["nixos-test" "benchmark" "big-parallel" "kvm"]; }; # Generally useful nix option defaults - extraOptions = '' + extraOptions = lib.mkForce '' min-free = 536870912 keep-outputs = true keep-derivations = true diff --git a/profiles/cachix/default.nix b/profiles/cachix/default.nix deleted file mode 100644 index 9b810da7..00000000 --- a/profiles/cachix/default.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ - pkgs, - lib, - ... -}: let - folder = ./.; - toImport = name: value: folder + ("/" + name); - filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key && key != "default.nix"; - imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder)); -in { - inherit imports; - nix.settings.substituters = ["https://cache.nixos.org/"]; -} diff --git a/profiles/full-install/default.nix b/profiles/full-install/default.nix index d3c03da7..d9b07733 100644 --- a/profiles/full-install/default.nix +++ b/profiles/full-install/default.nix @@ -7,8 +7,6 @@ }: let inherit (lib) fileContents; in { - imports = [../cachix]; - config = { pub-solar.audio.mopidy.enable = true; pub-solar.audio.bluetooth.enable = true; diff --git a/profiles/pub-solar-iso/default.nix b/profiles/pub-solar-iso/default.nix index 2b3669c5..fa973283 100644 --- a/profiles/pub-solar-iso/default.nix +++ b/profiles/pub-solar-iso/default.nix @@ -7,7 +7,6 @@ }: let inherit (lib) fileContents; in { - imports = [../cachix]; config = { pub-solar.graphical.wayland.software-renderer.enable = true; pub-solar.sway.terminal = "foot"; From 52c2ca9f13b93d7e71925bdf229b80cd8f9fc474 Mon Sep 17 00:00:00 2001 From: teutat3s Date: Mon, 27 Mar 2023 18:53:54 +0200 Subject: [PATCH 05/10] nix.conf: add back required experimental features --- modules/core/nix.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/core/nix.nix b/modules/core/nix.nix index 325e20c3..87182a6e 100644 --- a/modules/core/nix.nix +++ b/modules/core/nix.nix @@ -22,6 +22,7 @@ }; # Generally useful nix option defaults extraOptions = lib.mkForce '' + experimental-features = flakes nix-command min-free = 536870912 keep-outputs = true keep-derivations = true From 3bdc4b1f3989711267e5c6346ad6c0e5dbc02314 Mon Sep 17 00:00:00 2001 From: teutat3s Date: Tue, 28 Mar 2023 14:00:07 +0200 Subject: [PATCH 06/10] ci: cleanup unused directories --- .drone/setup_ssh.sh | 11 ---- .drone/upstream-branch.sh | 12 ---- .github/ISSUE_TEMPLATE/bug_report.md | 38 ----------- .github/ISSUE_TEMPLATE/community_request.md | 22 ------- .github/ISSUE_TEMPLATE/feature_request.md | 24 ------- .github/ISSUE_TEMPLATE/upstream_notice.md | 16 ----- .github/workflows/check.yml | 29 --------- .github/workflows/mdbook_docs.yml | 27 -------- .github/workflows/release.yml | 71 --------------------- 9 files changed, 250 deletions(-) delete mode 100755 .drone/setup_ssh.sh delete mode 100755 .drone/upstream-branch.sh delete mode 100644 .github/ISSUE_TEMPLATE/bug_report.md delete mode 100644 .github/ISSUE_TEMPLATE/community_request.md delete mode 100644 .github/ISSUE_TEMPLATE/feature_request.md delete mode 100644 .github/ISSUE_TEMPLATE/upstream_notice.md delete mode 100644 .github/workflows/check.yml delete mode 100644 .github/workflows/mdbook_docs.yml delete mode 100644 .github/workflows/release.yml diff --git a/.drone/setup_ssh.sh b/.drone/setup_ssh.sh deleted file mode 100755 index f4a1bbd4..00000000 --- a/.drone/setup_ssh.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/usr/bin/env sh - -set -e - -# Setup ssh inside container -mkdir -p ~/.ssh -echo "$GITEA_SSH_KEY" > ~/.ssh/id_rsa -echo "[git.b12f.io]:2222 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ4uaREL7acSSCNAX+voDYl1Kj7JipP62fR5x1UyGP9u" >> ~/.ssh/known_hosts -echo "Host git.b12f.io" >> ~/.ssh/config -echo " Port 2222" >> ~/.ssh/config -chmod -R 600 ~/.ssh diff --git a/.drone/upstream-branch.sh b/.drone/upstream-branch.sh deleted file mode 100755 index a53ad4bb..00000000 --- a/.drone/upstream-branch.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/env sh - -set -e -set -u - -LOCAL="$DRONE_BRANCH" -[ "$LOCAL" = "main" ] && UPSTREAM=origin/devos || UPSTREAM=origin/main - -git fetch --all -git checkout "$LOCAL" -git merge "$UPSTREAM" -git push origin "$LOCAL" diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md deleted file mode 100644 index 1040ee63..00000000 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ /dev/null @@ -1,38 +0,0 @@ ---- -name: Bug report -about: Create a report to help improve -title: '' -labels: 'bug' -assignees: '' - ---- - -Your issue may already be reported! -Please search on the [issue tracker](../) before creating one. - -## Expected Behavior - - - -## Current Behavior - - -## Possible Solution - - - -## Steps to Reproduce - - -1. -2. -3. -4. - -## Context - - - -## Your Environment - - diff --git a/.github/ISSUE_TEMPLATE/community_request.md b/.github/ISSUE_TEMPLATE/community_request.md deleted file mode 100644 index c55a3faf..00000000 --- a/.github/ISSUE_TEMPLATE/community_request.md +++ /dev/null @@ -1,22 +0,0 @@ ---- -name: Commuity Request -about: inspire contribution to the `community` branch -title: '' -labels: 'community' -assignees: '' - ---- - -Your issue may already be reported! -Please search on the [issue tracker](../) before creating one. - -## Ideas - - - - - - -## Requests - - diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md deleted file mode 100644 index 327943c0..00000000 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ /dev/null @@ -1,24 +0,0 @@ ---- -name: Feature request -about: Suggest an idea -title: '' -labels: 'enhancement' -assignees: '' - ---- - -Your issue may already be reported! -Please search on the [issue tracker](../) before creating one. - -## Would your feature fix an existing issue? - - -## Describe the solution you'd like - - -## Describe alternatives you've considered - - -## Additional context - - diff --git a/.github/ISSUE_TEMPLATE/upstream_notice.md b/.github/ISSUE_TEMPLATE/upstream_notice.md deleted file mode 100644 index 4ada54e3..00000000 --- a/.github/ISSUE_TEMPLATE/upstream_notice.md +++ /dev/null @@ -1,16 +0,0 @@ ---- -name: Upstream notice (Issues or Changes) -about: Create an upstream notice to help our research -title: '[ ]: ' -labels: 'upstream' -assignees: '' - ---- - -## Link - - - -## Context - diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml deleted file mode 100644 index 756aa2bf..00000000 --- a/.github/workflows/check.yml +++ /dev/null @@ -1,29 +0,0 @@ -name: "Check & Cachix" -on: - push: - branches: - - main - - trying - - staging -jobs: - check: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2.3.4 - - uses: cachix/install-nix-action@v13 - with: - install_url: https://github.com/numtide/nix-flakes-installer/releases/download/nix-2.4pre20210415_76980a1/install - extra_nix_config: | - experimental-features = nix-command flakes - system-features = nixos-test benchmark big-parallel kvm recursive-nix - substituters = https://nrdxp.cachix.org https://nix-community.cachix.org https://cache.nixos.org - trusted-public-keys = nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= - - uses: cachix/cachix-action@v10 - with: - name: nrdxp - signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}' - authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' - - run: nix -Lv flake check - - run: nix -Lv build ".#nixosConfigurations.NixOS.config.system.build.toplevel" - - run: nix -Lv develop -c echo OK - - run: nix -Lv develop --command bud --help diff --git a/.github/workflows/mdbook_docs.yml b/.github/workflows/mdbook_docs.yml deleted file mode 100644 index 5faf9c28..00000000 --- a/.github/workflows/mdbook_docs.yml +++ /dev/null @@ -1,27 +0,0 @@ -name: Deploy Docs to GitHub Pages - -on: - push: - branches: - - main - -jobs: - deploy: - runs-on: ubuntu-18.04 - steps: - - uses: actions/checkout@v2 - - - name: Setup mdBook - uses: peaceiris/actions-mdbook@v1 - with: - mdbook-version: 'latest' - - - run: mdbook build doc - - - name: Deploy - uses: peaceiris/actions-gh-pages@v3 - with: - github_token: ${{ secrets.GITHUB_TOKEN }} - publish_branch: gh-pages - publish_dir: ./doc/book - cname: devos.divnix.com diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml deleted file mode 100644 index 8cabd128..00000000 --- a/.github/workflows/release.yml +++ /dev/null @@ -1,71 +0,0 @@ -name: Release - -on: - push: - tags: - - v* - -jobs: - changelog: - name: Update Changelog - runs-on: ubuntu-latest - steps: - - name: Get version from tag - env: - GITHUB_REF: ${{ github.ref }} - run: | - export CURRENT_VERSION=${GITHUB_TAG/refs\/tags\/v/} - echo "CURRENT_VERSION=$CURRENT_VERSION" >> $GITHUB_ENV - - name: Checkout code - uses: actions/checkout@v2 - with: - ref: main - - name: Update Changelog - uses: heinrichreimer/github-changelog-generator-action@v2.1.1 - with: - token: ${{ secrets.GITHUB_TOKEN }} - issues: false - issuesWoLabels: false - pullRequests: true - prWoLabels: true - addSections: '{"documentation":{"prefix":"**Documentation:**","labels":["documentation"]}}' - - uses: stefanzweifel/git-auto-commit-action@v4 - with: - commit_message: Update Changelog for tag ${{ env.CURRENT_VERSION }} - file_pattern: CHANGELOG.md - - release_notes: - name: Create Release Notes - runs-on: ubuntu-latest - needs: changelog - steps: - - name: Get version from tag - env: - GITHUB_REF: ${{ github.ref }} - run: | - export CURRENT_VERSION=${GITHUB_TAG/refs\/tags\/v/} - echo "CURRENT_VERSION=$CURRENT_VERSION" >> $GITHUB_ENV - - - name: Checkout code - uses: actions/checkout@v2 - with: - ref: main - - - name: Get Changelog Entry - id: changelog_reader - uses: mindsers/changelog-reader-action@v1 - with: - version: ${{ env.CURRENT_VERSION }} - path: ./CHANGELOG.md - - - name: Create Release - id: create_release - uses: actions/create-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: ${{ github.ref }} - release_name: Release ${{ github.ref }} - body: ${{ steps.changelog_reader.outputs.log_entry }} - draft: false - prerelease: false From 3ea141d445f5b3cf0acc7beff6623737d62eb1d6 Mon Sep 17 00:00:00 2001 From: teutat3s Date: Tue, 28 Mar 2023 14:03:41 +0200 Subject: [PATCH 07/10] cachix: remove unused binary caches from drone runner --- modules/docker-ci-runner/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/docker-ci-runner/default.nix b/modules/docker-ci-runner/default.nix index 11998fd9..4863d970 100644 --- a/modules/docker-ci-runner/default.nix +++ b/modules/docker-ci-runner/default.nix @@ -23,7 +23,7 @@ let export nix_user_config_file="/home/build/.local/share/nix/trusted-settings.json" mkdir -p $(dirname \\$nix_user_config_file) - echo '{"extra-experimental-features":{"nix-command flakes":true},"extra-substituters":{"https://nix-dram.cachix.org https://dram.cachix.org https://nrdxp.cachix.org https://nix-community.cachix.org":true},"extra-trusted-public-keys":{"nix-dram.cachix.org-1:CKjZ0L1ZiqH3kzYAZRt8tg8vewAx5yj8Du/+iR8Efpg= dram.cachix.org-1:baoy1SXpwYdKbqdTbfKGTKauDDeDlHhUpC+QuuILEMY= nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=":true}}' > \\$nix_user_config_file + echo '{"extra-experimental-features":{"nix-command flakes":true}}' > \\$nix_user_config_file chown -R build /home/build/ curl -L https://github.com/drone-runners/drone-runner-exec/releases/latest/download/drone_runner_exec_linux_amd64.tar.gz | tar xz From 91353938af657ad6079820945632be5bd478d4c0 Mon Sep 17 00:00:00 2001 From: Akshay Mankar Date: Mon, 17 Apr 2023 20:05:42 +0200 Subject: [PATCH 08/10] modules/networking: Use mkDefault for caddy config --- modules/core/networking.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/core/networking.nix b/modules/core/networking.nix index f5bd201d..fa91046e 100644 --- a/modules/core/networking.nix +++ b/modules/core/networking.nix @@ -56,12 +56,12 @@ in { # Caddy reverse proxy for local services like cups services.caddy = { - enable = cfg.enableCaddy; - globalConfig = '' + enable = lib.mkDefault cfg.enableCaddy; + globalConfig = lib.mkDefault '' default_bind 127.0.0.1 auto_https off ''; - extraConfig = concatStringsSep "\n" [ + extraConfig = lib.mkDefault (concatStringsSep "\n" [ (lib.optionalString config.pub-solar.printing.enable '' @@ -79,7 +79,7 @@ in { file_server } '') - ]; + ]); }; }; } From 2692b2dc20031427a608945647243d252b31796b Mon Sep 17 00:00:00 2001 From: teutat3s Date: Mon, 24 Apr 2023 13:05:05 +0200 Subject: [PATCH 09/10] host_001_momo_koeln: fix swap UUID This got changed while debugging boot failures on this host, by re-creating swap. --- .../hardware-configuration.nix | 37 ++++++++++--------- 1 file changed, 20 insertions(+), 17 deletions(-) diff --git a/hosts/host_001_momo_koeln/hardware-configuration.nix b/hosts/host_001_momo_koeln/hardware-configuration.nix index 39e05d60..d3606463 100644 --- a/hosts/host_001_momo_koeln/hardware-configuration.nix +++ b/hosts/host_001_momo_koeln/hardware-configuration.nix @@ -1,6 +1,9 @@ -{ config, pkgs, lib, ... }: - { + config, + pkgs, + lib, + ... +}: { # Use the GRUB 2 boot loader. boot.loader.systemd-boot.enable = false; boot.loader.grub.enable = true; @@ -11,28 +14,28 @@ # Define on which hard drive you want to install Grub. boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only - boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sd_mod" "sr_mod" ]; - boot.initrd.kernelModules = [ "dm-snapshot" ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "sd_mod" "sr_mod"]; + boot.initrd.kernelModules = ["dm-snapshot"]; + boot.kernelModules = ["kvm-intel"]; + boot.extraModulePackages = []; boot.initrd.luks.devices."cryptroot" = { device = "/dev/disk/by-uuid/531ee357-5777-498f-abbf-64bb4cff9a14"; }; - fileSystems."/" = - { device = "/dev/disk/by-uuid/f5b3152a-a3bd-46d1-968f-53d50fca921e"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/f5b3152a-a3bd-46d1-968f-53d50fca921e"; + fsType = "ext4"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/1fd053f8-725b-418d-aed1-aee71dac2b62"; - fsType = "ext4"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/1fd053f8-725b-418d-aed1-aee71dac2b62"; + fsType = "ext4"; + }; - swapDevices = - [ { device = "/dev/disk/by-uuid/46191ecf-244c-4445-b1c0-ae3059871a70"; } - ]; + swapDevices = [ + {device = "/dev/disk/by-uuid/967d1933-131d-4b56-8aa9-15c11ff940c9";} + ]; networking = { defaultGateway = "80.244.242.1"; From db53f9f1be2e00ca2974948b570d3e3e46f0c17a Mon Sep 17 00:00:00 2001 From: teutat3s Date: Mon, 24 Apr 2023 13:13:12 +0200 Subject: [PATCH 10/10] host_001_momo_koeln: fix initrd kernelModules boot.initrd.kernelModules overrides boot.initrd.availableKernelModules and forces the initrd to load only those modules. This leads to the host being unbootable in this case because of missing required modules. availableKernelModules is the correct place for desired modules. This got fixed during a debugging session of hensoko and teutat3s, but not implemented in nix code until now. --- hosts/host_001_momo_koeln/hardware-configuration.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hosts/host_001_momo_koeln/hardware-configuration.nix b/hosts/host_001_momo_koeln/hardware-configuration.nix index d3606463..b1b7611c 100644 --- a/hosts/host_001_momo_koeln/hardware-configuration.nix +++ b/hosts/host_001_momo_koeln/hardware-configuration.nix @@ -14,8 +14,8 @@ # Define on which hard drive you want to install Grub. boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only - boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "sd_mod" "sr_mod"]; - boot.initrd.kernelModules = ["dm-snapshot"]; + boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "sd_mod" "sr_mod" "dm-snapshot"]; + boot.initrd.kernelModules = []; boot.kernelModules = ["kvm-intel"]; boot.extraModulePackages = [];