diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index e4fc197e..c8a8f64c 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -2,7 +2,7 @@ name: "Check & Cachix" on: push: branches: - - core + - main - trying - staging jobs: diff --git a/.github/workflows/mdbook_docs.yml b/.github/workflows/mdbook_docs.yml index 842171c4..5faf9c28 100644 --- a/.github/workflows/mdbook_docs.yml +++ b/.github/workflows/mdbook_docs.yml @@ -3,7 +3,7 @@ name: Deploy Docs to GitHub Pages on: push: branches: - - core + - main jobs: deploy: diff --git a/README.md b/README.md index fc5bb769..15211ebc 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ Make an awesome template for NixOS users, with consideration for common tools li [devshell][devshell], and [more](./doc/integrations). ### No. Why _flakes_? -Flakes are a part of an explicit push to improve [Nix's UI](https://github.com/NixOS/nix/blob/master/doc/manual/src/contributing/cli-guideline.md), and have become an intergral part of that effort. +Flakes are a part of an explicit push to improve [Nix's UX](https://github.com/NixOS/nix/blob/master/doc/manual/src/contributing/cli-guideline.md), and have become an integral part of that effort. They also make [Nix expressions](https://nixos.org/manual/nix/unstable/expressions/expression-syntax.html) easier to distribute and reuse with convient [flake references](https://github.com/NixOS/nix/blob/master/src/nix/flake.md#flake-references) for building or using packages, modules, and whole systems. @@ -22,18 +22,14 @@ Also, have a look at [_flake.nix_][toc]. If anything is not immediately discoverable via "[`digga`][digga]'s [`mkFlake`][mk-flake], please file a bug report. -## Motivation -NixOS provides an amazing abstraction to manage our environment, but that new -power can sometimes bring feelings of overwhelm and confusion. Having a turing -complete system can easily lead to unlimited complexity if we do it wrong. -Instead, we should have a community consensus on how to manage a NixOS system -and its satellite projects, from which best practices can evolve. +### Status: Beta +Although this project has already matured quite a bit, especially through +recent outfactoring of [`digga`][digga], a fair amount of api polishing is still +expected. There are unstable versions (0._x_._x_) to help users keep track +of changes and progress, and a [`develop`](https://github.com/divnix/devos/tree/develop) branch for the brave 😜 -___The future is declarative! 🎉___ - -## Examples in the Wild -The author maintains his own branch, so you can take inspiration, direction, or -make critical comments about the [code][please]. 😜 +## In the Wild +* The original [authors][please] ## Shoulders This work does not reinvent the wheel. It stands on the [shoulders of the @@ -92,4 +88,3 @@ DevOS is licensed under the [MIT License][mit]. [nixpkgs]: https://github.com/NixOS/nixpkgs [nvfetcher]: https://github.com/berberman/nvfetcher [please]: https://github.com/nrdxp/devos/tree/nrd -[toc]: https://github.com/divnix/devos/blob/core/flake.nix diff --git a/pkgs/bud/default.nix b/bud/default.nix similarity index 100% rename from pkgs/bud/default.nix rename to bud/default.nix diff --git a/pkgs/bud/get.bash b/bud/get.bash similarity index 100% rename from pkgs/bud/get.bash rename to bud/get.bash diff --git a/doc/CONTRIBUTING.md b/doc/CONTRIBUTING.md index 4766cdf7..8574daea 100644 --- a/doc/CONTRIBUTING.md +++ b/doc/CONTRIBUTING.md @@ -1,25 +1,18 @@ # Pull Requests -All development is done in the `develop` branch. Only minor bug-fixes and release -PRs should target `master`. -If making a change to the template, or adding a feature, please be sure to update the -relevant docs. Each directory contains its own README.md, which will -automatically be pulled into the [mdbook](https://devos.divnix.com). The book is -rendered on every change, so the docs should always be up to date. +## TL;DR; +- **Target Branch**: `main` +- **Merge Policy**: [`bors`][bors] is alwyas right (→ `bors try`) +- **Docs**: every changeset is expected to contain doc updates +- **Commit Msg**: be a poet! Comprehensive and explanatory commit messages + should cover the motivation and use case in an easily understandable manner + even when read after a few months. +- **Test Driven Development**: please default to test driven development where possible. -We also use [BORS](https://bors.tech) to ensure that all pull requests pass the -test suite once at least one review is completed. +### Within the Devshell (`nix develop`) +- **Hooks**: please `git commit` within the devshell +- **Fail Early**: please run from within the devshell on your local machine: + - `nix flake check` -# Style -If you wish to contribute please follow these guidelines: +[bors]: https://bors.tech -* format your code with [`nixpkgs-fmt`][nixpkgs-fmt]. The default devshell - includes a pre-commit hook that does this for you. - -* The commit message follows the same semantics as [nixpkgs][nixpkgs]. - * You can use a `#` symbol to specify ambiguities. For example, - `develop#zsh: ` would tell me that you're updating the - `zsh` subprofile living under the `develop` profile. - -[nixpkgs-fmt]: https://github.com/nix-community/nixpkgs-fmt -[nixpkgs]: https://github.com/NixOS/nixpkgs diff --git a/doc/SUMMARY.md b/doc/SUMMARY.md index 4378683f..1d7bafe9 100644 --- a/doc/SUMMARY.md +++ b/doc/SUMMARY.md @@ -6,7 +6,6 @@ - [Bootstrapping](./start/bootstrapping.md) - [From NixOS](./start/from-nixos.md) - [Key Concepts](./concepts/index.md) - - [Extern](./concepts/extern.md) - [Hosts](./concepts/hosts.md) - [Overrides](./concepts/overrides.md) - [Profiles](./concepts/profiles.md) @@ -17,17 +16,10 @@ - [Overlays](./outputs/overlays.md) - [Packages](./outputs/pkgs.md) - [Concerns]() - - [Lib](./lib.md) - [Secrets](./secrets.md) - [Tests](./tests.md) -- [Helper Script – `flk`](./flk/index.md) - - [up](./flk/up.md) - - [update](./flk/update.md) - - [get](./flk/get.md) - - [doi](./flk/doi.md) - - [iso](./flk/iso.md) - - [install](./flk/install.md) - - [home](./flk/home.md) +- [Helper Script – `bud`](./bud/index.md) + - [get](./bud/get.md) - [Integrations](./integrations/index.md) - [Cachix](./integrations/cachix.md) - [Deploy RS](./integrations/deploy.md) diff --git a/doc/flk/get.md b/doc/bud/get.md similarity index 90% rename from doc/flk/get.md rename to doc/bud/get.md index 8761f004..12263df0 100644 --- a/doc/flk/get.md +++ b/doc/bud/get.md @@ -4,7 +4,7 @@ git history. ## Usage ```sh -flk get DEST-DIR +bud get DEST-DIR ``` If DEST-DIR is ommitted, it defaults to _./devos_. diff --git a/doc/bud/index.md b/doc/bud/index.md new file mode 100644 index 00000000..7b985792 --- /dev/null +++ b/doc/bud/index.md @@ -0,0 +1,24 @@ +# [`bud`][bud] command +The template incudes a convenient script for managing your system called [`bud`][bud]. + +It is a portable and highly composable system control tool that work anywhere on your host +or in the flake's devshell. + +Although it comes with some predefined standard helpers, +it is very extensible and you are encouraged to write your own script snippets +to ease your workflows. An example is the bud module for a `get` command that +comes included with `devos`. + +While writing scripts you can convenientely access smart environment variables +that can tell the current architecture, user or host name, among others, regardless +wether you invoke `bud` within the devshell or as the system-wide installed `bud`. + +For details, please review the [bud repo][bud]. + +## Usage +```sh +bud help +``` + + +[bud]: https://github.com/divnix/bud diff --git a/doc/concepts/extern.md b/doc/concepts/extern.md deleted file mode 100644 index 45d8dcb5..00000000 --- a/doc/concepts/extern.md +++ /dev/null @@ -1,42 +0,0 @@ -# External Art -When you need to use a module, overlay, or pass a value from one of your inputs -to the rest of your NixOS configuration, you can make use of a couple arguments. -It is encouraged to add external art directly in your `flake.nix` so the file -represents a complete dependency overview of your flake. - -## Overlays -External overlays can directly be added to a channel's `overlays` list. - -flake.nix: -```nix -{ - channels.nixos.overlays = [ inputs.agenix.overlay ]; -} -``` -Upon exporting overlays, these overlays will be automatically filtered out by inspecting the `inputs` argument. - -## Modules -There is a dedicated `nixos.hostDefaults.externalModules` argument for external -modules. - -flake.nix: -```nix -{ - nixos.hostDefaults.externalModules = [ inputs.agenix.nixosModules.age ]; -} -``` - -## Home Manager -Since there isn't a `hosts` concept for home-manager, externalModules is just a -top-level argument in the `home` namespace. - -flake.nix: -```nix -{ - home.externalModules = [ doom-emacs = doom-emacs.hmModule ]; -} -``` - -> ##### Note: -> To avoid declaring "external" modules separately, which is obvious since they come from `inputs`, the optimal solution would be to automatically export modules that were created in -> your flake. But this is not possible due to NixOS/nix#4740. diff --git a/doc/concepts/index.md b/doc/concepts/index.md index 8aca6e5c..618292cb 100644 --- a/doc/concepts/index.md +++ b/doc/concepts/index.md @@ -1,4 +1,10 @@ # Key Concepts -There are few idioms unique to DevOS. This section is dedicated to helping you -understand them. +Key concepts are derived from [digga][digga]. Please refer to its +[docs][digga-docs] for more details. + +This section is dedicated to helping you develop a more hands on +understanding of them them. + +[digga-docs]: https://digga.divnix.com +[digga]: https://github.com/divnix/digga diff --git a/doc/concepts/users.md b/doc/concepts/users.md index 20f371de..12bf5622 100644 --- a/doc/concepts/users.md +++ b/doc/concepts/users.md @@ -1,3 +1,8 @@ +> ##### _Note:_ +> This section and its semantics need a conceptiual rework. +> Since recently [portable home configurations][portableuser] +> that are not bound to any specific host are a thing. + # Users Users are a special case of [profiles](profiles.md) that define system @@ -69,3 +74,4 @@ nix build "github:divnix/devos#homeConfigurations.nixos@NixOS.home.activationPac [home-manager]: https://nix-community.github.io/home-manager [modules-list]: https://github.com/divnix/devos/tree/core/users/modules/module-list.nix +[portableuser]: https://digga.divnix.com/api-reference-home.html#homeusers diff --git a/doc/flk/doi.md b/doc/flk/doi.md deleted file mode 100644 index fc522cdd..00000000 --- a/doc/flk/doi.md +++ /dev/null @@ -1,10 +0,0 @@ -# DigitalOcean - -Now you can [create a droplet](https://cloud.digitalocean.com/droplets/new) using your custom image. - -Making a DigitalOcean compatible image for `hosts/NixOS.nix` is as simple as: -```sh -flk doi NixOS -``` - -This works for any file matching `hosts/*.nix` excluding `default.nix`. diff --git a/doc/flk/home.md b/doc/flk/home.md deleted file mode 100644 index f0bae767..00000000 --- a/doc/flk/home.md +++ /dev/null @@ -1,8 +0,0 @@ -# home -The `home` subcommand is for using your home-manager configurations outside of -NixOS, providing an awesome mechanism for keeping your environments -synchronized, even when using other systems. - -## Usage -The [users](../concepts/users.md#external-usage) page contains a good usage -example. diff --git a/doc/flk/index.md b/doc/flk/index.md deleted file mode 100644 index 04fc1c48..00000000 --- a/doc/flk/index.md +++ /dev/null @@ -1,20 +0,0 @@ -# flk command -The devshell for the project incudes a convenient script for managing your -system called `flk`. Each of the following chapters is a reference for one of -its subcommands. - -## Rebuild -Without any of the subcommands, `flk` acts as a convenient shortcut for -`nixos-rebuild`: -```sh -flk NixOS build -``` - -Will build _hosts/NixOS.nix_. You can change out `build` for `switch`, `test`, -etc. Any additional arguments are passed through to the call to -`nixos-rebuild`. - -## Usage -```sh -flk help -``` diff --git a/doc/flk/install.md b/doc/flk/install.md deleted file mode 100644 index 3ae52504..00000000 --- a/doc/flk/install.md +++ /dev/null @@ -1,12 +0,0 @@ -# install -The `install` subcommand is a simple convenience for `nixos-install`, similar -to the shortcut for `nixos-rebuild`, all additional arguments are passed -through. - -## Example -```sh -flk install NixOS -``` - -This will install _hosts/NixOS.nix_ to /mnt. You can override this directory -using standard `nixos-install` args. diff --git a/doc/flk/iso.md b/doc/flk/iso.md deleted file mode 120000 index fa658ef4..00000000 --- a/doc/flk/iso.md +++ /dev/null @@ -1 +0,0 @@ -../start/iso.md \ No newline at end of file diff --git a/doc/flk/up.md b/doc/flk/up.md deleted file mode 100644 index 265e03a0..00000000 --- a/doc/flk/up.md +++ /dev/null @@ -1,4 +0,0 @@ -# up -The `up` subcommand is a simple shortcut for `nixos-generate-config` that is -compatible with devos. There is a short explanation in the the getting started -[guide](../start/from-nixos.md#generate-configuration). diff --git a/doc/flk/update.md b/doc/flk/update.md deleted file mode 100644 index 869db72f..00000000 --- a/doc/flk/update.md +++ /dev/null @@ -1,22 +0,0 @@ -# update -The `update` subcommand is a simple alias for: -```sh -nix flake update -``` -As it sounds, this will update your lock file. - -## Updating Package Sources -If you pass directory name then it will update that input if the directory -contains a flake.nix, with an optional arguement to update only a specific -input in the subflake. - -For example, you can update any -[package sources](../outputs/pkgs.md#automatic-source-updates) you may have -declared in _pkgs/flake.nix_: -```sh -flk update pkgs -``` -or just its _nixpkgs_: -```sh -flk update pkgs nixpkgs -``` diff --git a/doc/integrations/nvfetcher.md b/doc/integrations/nvfetcher.md index 2bfaa029..4670657e 100644 --- a/doc/integrations/nvfetcher.md +++ b/doc/integrations/nvfetcher.md @@ -38,6 +38,6 @@ fetch.git = "https://github.com/mlvzk/manix.git" # responsible for fetching > ##### _Note:_ > Please refer to the [NvFetcher Readme][nvf-readme] for more options. -[nvf: https://github.com/berberman/nvfetcher +[nvf]: https://github.com/berberman/nvfetcher [nvf-readme]: https://github.com/berberman/nvfetcher#readme [sources.toml]: https://github.com/divnix/devos/tree/core/pkgs/sources.toml diff --git a/doc/mkFlakeOptions.md b/doc/mkFlakeOptions.md deleted file mode 100644 index dbc7abc1..00000000 --- a/doc/mkFlakeOptions.md +++ /dev/null @@ -1,541 +0,0 @@ -## channels -nixpkgs channels to create - - -*_Type_*: -attribute set of submodules - - -*_Default_* -``` -{} -``` - - - - -## channels.\.config -nixpkgs config for this channel - - -*_Type_*: -attribute set or path convertible to it - - -*_Default_* -``` -{} -``` - - - - -## channels.\.input -nixpkgs flake input to use for this channel - - -*_Type_*: -nix flake - - -*_Default_* -``` -"self.inputs." -``` - - - - -## channels.\.overlays -overlays to apply to this channel -these will get exported under the 'overlays' flake output -as \/\ and any overlay pulled from ${inputs} -will be filtered out - - -*_Type_*: -list of valid Nixpkgs overlay or path convertible to its or anything convertible to it - - -*_Default_* -``` -[] -``` - - - - -## channelsConfig -nixpkgs config for all channels - - -*_Type_*: -attribute set or path convertible to it - - -*_Default_* -``` -{} -``` - - - - -## devshell -Modules to include in your devos shell. the `modules` argument -will be exported under the `devshellModules` output - - -*_Type_*: -submodule - - -*_Default_* -``` -{} -``` - - - - -## devshell.externalModules -modules to include that won't be exported -meant importing modules from external flakes - - -*_Type_*: -list of valid module or path convertible to its or anything convertible to it - - -*_Default_* -``` -[] -``` - - - - -## devshell.modules -modules to include in all hosts and export to devshellModules output - - -*_Type_*: -list of path to a modules or anything convertible to it or path convertible to it - - -*_Default_* -``` -[] -``` - - - - -## home -hosts, modules, suites, and profiles for home-manager - - -*_Type_*: -submodule - - -*_Default_* -``` -{} -``` - - - - -## home.externalModules -modules to include that won't be exported -meant importing modules from external flakes - - -*_Type_*: -list of valid module or path convertible to its or anything convertible to it - - -*_Default_* -``` -[] -``` - - - - -## home.importables -Packages of paths to be passed to modules as `specialArgs`. - - -*_Type_*: -attribute set - - -*_Default_* -``` -{} -``` - - - - -## home.importables.suites -collections of profiles - - -*_Type_*: -attribute set of list of paths or anything convertible to its - - - - - - -## home.modules -modules to include in all hosts and export to homeModules output - - -*_Type_*: -list of path to a modules or anything convertible to it or path convertible to it - - -*_Default_* -``` -[] -``` - - - - -## home.profiles -WARNING: The 'suites' and `profiles` options have been deprecated, you can now create -both with the importables option. `rakeLeaves` can be used to create profiles and -by passing a module or `rec` set to `importables`, suites can access profiles. -Example: -``` -importables = rec { - profiles = digga.lib.importers.rakeLeaves ./profiles; - suites = with profiles; { }; -} -``` -See https://github.com/divnix/digga/pull/30 for more details - - -*_Type_*: -list of paths - - -*_Default_* -``` -[] -``` - - - - -## home.suites -WARNING: The 'suites' and `profiles` options have been deprecated, you can now create -both with the importables option. `rakeLeaves` can be used to create profiles and -by passing a module or `rec` set to `importables`, suites can access profiles. -Example: -``` -importables = rec { - profiles = digga.lib.importers.rakeLeaves ./profiles; - suites = with profiles; { }; -} -``` -See https://github.com/divnix/digga/pull/30 for more details - - -*_Type_*: -function that evaluates to a(n) attrs or path convertible to it - - - - - - -## nixos -hosts, modules, suites, and profiles for nixos - - -*_Type_*: -submodule - - -*_Default_* -``` -{} -``` - - - - -## nixos.hostDefaults -Defaults for all hosts. -the modules passed under hostDefaults will be exported -to the 'nixosModules' flake output. -They will also be added to all hosts. - - -*_Type_*: -submodule - - -*_Default_* -``` -{} -``` - - - - -## nixos.hostDefaults.channelName -Channel this host should follow - - -*_Type_*: -a channel defined in `channels` - - -*_Default_* -``` -null -``` - - - - -## nixos.hostDefaults.externalModules -modules to include that won't be exported -meant importing modules from external flakes - - -*_Type_*: -list of valid module or path convertible to its or anything convertible to it - - -*_Default_* -``` -[] -``` - - - - -## nixos.hostDefaults.modules -modules to include in all hosts and export to nixosModules output - - -*_Type_*: -list of path to a modules or anything convertible to it or path convertible to it - - -*_Default_* -``` -[] -``` - - - - -## nixos.hostDefaults.system -system for this host - - -*_Type_*: -system defined in `supportedSystems` - - -*_Default_* -``` -null -``` - - - - -## nixos.hosts -configurations to include in the nixosConfigurations output - - -*_Type_*: -attribute set of submodules - - -*_Default_* -``` -{} -``` - - - - -## nixos.hosts.\.channelName -Channel this host should follow - - -*_Type_*: -a channel defined in `channels` - - -*_Default_* -``` -null -``` - - - - -## nixos.hosts.\.modules -modules to include - - -*_Type_*: -list of valid module or path convertible to its or anything convertible to it - - -*_Default_* -``` -[] -``` - - - - -## nixos.hosts.\.system -system for this host - - -*_Type_*: -system defined in `supportedSystems` - - -*_Default_* -``` -null -``` - - - - -## nixos.importables -Packages of paths to be passed to modules as `specialArgs`. - - -*_Type_*: -attribute set - - -*_Default_* -``` -{} -``` - - - - -## nixos.importables.suites -collections of profiles - - -*_Type_*: -attribute set of list of paths or anything convertible to its - - - - - - -## nixos.profiles -WARNING: The 'suites' and `profiles` options have been deprecated, you can now create -both with the importables option. `rakeLeaves` can be used to create profiles and -by passing a module or `rec` set to `importables`, suites can access profiles. -Example: -``` -importables = rec { - profiles = digga.lib.importers.rakeLeaves ./profiles; - suites = with profiles; { }; -} -``` -See https://github.com/divnix/digga/pull/30 for more details - - -*_Type_*: -list of paths - - -*_Default_* -``` -[] -``` - - - - -## nixos.suites -WARNING: The 'suites' and `profiles` options have been deprecated, you can now create -both with the importables option. `rakeLeaves` can be used to create profiles and -by passing a module or `rec` set to `importables`, suites can access profiles. -Example: -``` -importables = rec { - profiles = digga.lib.importers.rakeLeaves ./profiles; - suites = with profiles; { }; -} -``` -See https://github.com/divnix/digga/pull/30 for more details - - -*_Type_*: -function that evaluates to a(n) attrs or path convertible to it - - - - - - -## outputsBuilder -builder for flake system-spaced outputs -The builder gets passed an attrset of all channels - - -*_Type_*: -function that evaluates to a(n) attrs - - -*_Default_* -``` -"channels: { }" -``` - - - - -## self -The flake to create the devos outputs for - -*_Type_*: -nix flake - - - - - - -## supportedSystems -The systems supported by this flake - - -*_Type_*: -list of strings - - -*_Default_* -``` -["aarch64-linux","i686-linux","x86_64-darwin","x86_64-linux"] -``` - - - diff --git a/doc/outputs/pkgs.md b/doc/outputs/pkgs.md index 58ce52bd..548667ff 100644 --- a/doc/outputs/pkgs.md +++ b/doc/outputs/pkgs.md @@ -13,16 +13,6 @@ the supported systems listed in the package's `meta.platforms` attribute. And, as usual, every package in the overlay is also available to any NixOS [host](../concepts/hosts.md). -## Automatic Source Updates -There is the added, but optional, convenience of declaring your sources in -_pkgs/flake.nix_ as an input. You can then access them from the `srcs` package. -This allows updates to be managed automatically by simply -[updating](../flk/update.md#updating-package-sources) the lock file. No -more manually entering sha256 hashes! - -As an added bonus, version strings are also generated automatically from either -the flake ref, or the date and git revision of the source. - ## Example pkgs/development/libraries/libinih/default.nix: ```nix diff --git a/doc/start/bootstrapping.md b/doc/start/bootstrapping.md index 873af32e..f4c5190e 100644 --- a/doc/start/bootstrapping.md +++ b/doc/start/bootstrapping.md @@ -20,29 +20,32 @@ partition to `/mnt/boot`: ```console $ mount /dev/disk/by-label/nixos /mnt $ mkdir -p /mnt/boot && mount /dev/disk/by-label/boot /mnt/boot # UEFI only -$ swapon /dev/$your_swap_partition +$ swapon /dev/disk/by-label/swap +``` + +Add some extra space to the store. In the iso, it's running on a tmpfs +off your RAM: +```console +$ mkdir -p /mnt/tmpstore/{work,store} +$ mount -t overlay overlay -olowerdir=/nix/store,upperdir=/mnt/tmpstore/store,workdir=/mnt/tmpstore/work /nix/store ``` ## Install -Install using the `flk` wrapper baked into the iso off of a copy of devos -from the time the iso was built: +Install off of a copy of devos from the time the iso was built: ```console $ cd /iso/devos -$ nix develop -$ flk install NixOS --impure # use same host as above +$ nixos-install --flake .#NixOS ``` - - ## Notes of interest ### Remote access to the live installer The iso live installer comes preconfigured with a network configuration which announces it's hostname via [MulticastDNS][mDNS] as `hostname.local`, -that is `NixOS.local` in the [iso example](./iso). +that is `bootstrap.local` in the [iso example](./iso). In the rare case that [MulticastDNS][mDNS] is not availabe or turned off in your network, there is a static link-local IPv6 address configured to @@ -66,7 +69,7 @@ You can then ssh into the live installer through one of the following options: ```console -ssh root@NixOS.local +ssh root@bootstrap.local ssh root@fe80::47%eno1 # where eno1 is your network interface on which you are linked to the target ``` diff --git a/doc/start/iso.md b/doc/start/iso.md index efa515a0..76af1c6e 100644 --- a/doc/start/iso.md +++ b/doc/start/iso.md @@ -1,14 +1,12 @@ # ISO -Making and writing an installable iso for `hosts/NixOS.nix` is as simple as: +Making and writing an installable iso for `hosts/bootstrap.nix` is as simple as: ```sh -flk iso NixOS - -dd bs=4M if=result/iso/*.iso of=/dev/$your_installation_device \ - status=progress oflag=sync +bud build bootstrap bootstrapIso +sudo -E $(which bud) burn ``` -This works for any file matching `hosts/*.nix` excluding `default.nix`. +This works for any host. ## ISO image nix store & cache diff --git a/flake.lock b/flake.lock index 868ba07e..169c0844 100644 --- a/flake.lock +++ b/flake.lock @@ -46,11 +46,11 @@ ] }, "locked": { - "lastModified": 1626456025, - "narHash": "sha256-TrKfxVir+TilnqSNYokxJKx2ugEem7Khv4YmSwqj9JQ=", + "lastModified": 1627855680, + "narHash": "sha256-snDOrUp8nth2Vs3GeEXr7Xji+HaHy25htZLNvid/U3I=", "owner": "divnix", "repo": "bud", - "rev": "59c10c3879b11371944ab664462fe2e9366cfb44", + "rev": "612228a68d404d559405225427a5d8b3cef9d27c", "type": "github" }, "original": { @@ -59,38 +59,6 @@ "type": "github" } }, - "ci-agent": { - "inputs": { - "flake-compat": [ - "digga", - "deploy", - "flake-compat" - ], - "nix-darwin": [ - "darwin" - ], - "nixos-20_09": [ - "nixos" - ], - "nixos-unstable": [ - "latest" - ], - "pre-commit-hooks-nix": "pre-commit-hooks-nix" - }, - "locked": { - "lastModified": 1626066948, - "narHash": "sha256-rBo4nCPyAHb1e/9ysYGH7tW1FV0N2XNvRcJR+g8gugA=", - "owner": "hercules-ci", - "repo": "hercules-ci-agent", - "rev": "7f3265cc42d5f364066c145939ee2812938b991c", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "hercules-ci-agent", - "type": "github" - } - }, "darwin": { "inputs": { "nixpkgs": [ @@ -116,18 +84,20 @@ "flake-compat": "flake-compat", "naersk": "naersk", "nixpkgs": [ + "digga", "nixpkgs" ], "utils": [ + "digga", "flake-utils" ] }, "locked": { - "lastModified": 1625729093, - "narHash": "sha256-hpo8T7mlVEpHpZIYqhxqt5i/XY8eu4p66MrAg/MCuVY=", + "lastModified": 1628068208, + "narHash": "sha256-akJBkj6os4bjO1drhketJvXNC21yPuy4ufL2pyius4M=", "owner": "serokell", "repo": "deploy-rs", - "rev": "587cbcfe8d3ea05c5bb153764d3617012ef28c86", + "rev": "d72174307d5b88ec24cc2e69e875228fe3d642ed", "type": "github" }, "original": { @@ -157,6 +127,7 @@ "deploy": "deploy", "devshell": "devshell", "flake-utils": "flake-utils", + "flake-utils-plus": "flake-utils-plus", "home-manager": [ "home" ], @@ -166,20 +137,18 @@ "nixos-generators": "nixos-generators", "nixpkgs": [ "nixos" - ], - "utils": "utils" + ] }, "locked": { - "lastModified": 1626470112, - "narHash": "sha256-hC5I3A1HxfGi45avpYBf8zXi1hQkHYWgRgUM4sF9byI=", + "lastModified": 1628211944, + "narHash": "sha256-2q1dNUzitVd0JNRHYTubbyb8ks3fL9hPJOvQgofxELE=", "owner": "divnix", "repo": "digga", - "rev": "f25928ed0bf05ab20af5a8231d264ae01b42ab34", + "rev": "760bb9c29063258ba547145de0ab96acd7eba4c0", "type": "github" }, "original": { "owner": "divnix", - "ref": "develop", "repo": "digga", "type": "github" } @@ -215,13 +184,35 @@ "type": "github" } }, + "flake-utils-plus": { + "inputs": { + "flake-utils": [ + "digga", + "flake-utils" + ] + }, + "locked": { + "lastModified": 1627071952, + "narHash": "sha256-FhE0KOuI9Kl4eyGJXu4bh9fBP2hbxjnD1DlKHljCcYs=", + "owner": "gytis-ivaskevicius", + "repo": "flake-utils-plus", + "rev": "51a82925db31073bc4822c9b538a0a3ebf1134b2", + "type": "github" + }, + "original": { + "owner": "gytis-ivaskevicius", + "ref": "staging", + "repo": "flake-utils-plus", + "type": "github" + } + }, "flake-utils_2": { "locked": { - "lastModified": 1619345332, - "narHash": "sha256-qHnQkEp1uklKTpx3MvKtY6xzgcqXDsz5nLilbbuL+3A=", + "lastModified": 1623875721, + "narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=", "owner": "numtide", "repo": "flake-utils", - "rev": "2ebf2558e5bf978c7fb8ea927dfaed8fefab2e28", + "rev": "f7e004a55b120c02ecb6219596820fcd32ca8772", "type": "github" }, "original": { @@ -253,16 +244,18 @@ }, "latest": { "locked": { - "lastModified": 1626529037, - "narHash": "sha256-Q1vbk2fgE43JgjvTBdghZ70ParF2ek/jTn62ACkU8Fw=", - "owner": "NixOS", + "lastModified": 1627942574, + "narHash": "sha256-guUcGRWvY2mfiVSet2x/zeHIyflm2wgglj0ldg0mMio=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "5f069e17541ac5cd240fced18687cef190080be3", + "rev": "c464dc811babfe316ed4ab7bbc12351122e69dd7", "type": "github" }, "original": { - "id": "nixpkgs", - "type": "indirect" + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" } }, "naersk": { @@ -312,11 +305,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1620663773, - "narHash": "sha256-Nfc2g9xUCPYBFKE5O7OdrDpCVspwk64S8EbsDYoY38c=", + "lastModified": 1628492639, + "narHash": "sha256-ffF/oEhLs/stAsXXobruKHyH9jnMC2rt/SM3ASrs2U8=", "owner": "dramforever", "repo": "nix-dram", - "rev": "86485e22621b17bcc4472889eedbd562498bb5a2", + "rev": "fba426108ea6bdeb1e362bac9da06cbd33726f41", "type": "github" }, "original": { @@ -327,25 +320,28 @@ }, "nixos": { "locked": { - "lastModified": 1626527571, - "narHash": "sha256-+X2GhKfkuLUYs8wVQPUKZULX3OvaNn2KwrvhoxQk9SA=", - "owner": "NixOS", + "lastModified": 1628203131, + "narHash": "sha256-jQgXeJ9NQQS0Eobb/qQOvS+RRULkqRikAeXkkFKOPDA=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "0a96dbc8b6bd4874ef0f55ce30ec7bdf1cb09452", + "rev": "178da37860823d35e801c7df2f73d7866d3d598a", "type": "github" }, "original": { - "id": "nixpkgs", + "owner": "nixos", "ref": "release-21.05", - "type": "indirect" + "repo": "nixpkgs", + "type": "github" } }, "nixos-generators": { "inputs": { "nixlib": [ + "digga", "nixlib" ], "nixpkgs": [ + "digga", "blank" ] }, @@ -380,11 +376,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1620340338, - "narHash": "sha256-Op/4K0+Z9Sp5jtFH0s/zMM4H7VFZxrekcAmjQ6JpQ4w=", + "lastModified": 1626556499, + "narHash": "sha256-c2ueMT7fi/yvCNq3nGLEC2v5GklS7eHpB1240LRSW9Y=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "63586475587d7e0e078291ad4b49b6f6a6885100", + "rev": "b59c06dc92f8d03660eb4155754d93a6c34cda83", "type": "github" }, "original": { @@ -396,11 +392,12 @@ }, "nur": { "locked": { - "lastModified": 1626202371, - "narHash": "sha256-thj8msabJEeAfuC/6Zb4jZnnJ7SfcLUZEY0TjXhFQNs=", - "path": "/nix/store/z9h5jj2b9ls0q3mkvhdz5s05ly7m20k7-source", - "rev": "c10216f94e7e99a05f515a8bdc87d5b460164f1a", - "type": "path" + "lastModified": 1626378135, + "narHash": "sha256-koC6DBYmLCrgXA+AMHVaODf1uHYPmvcFygHfy3eg6vI=", + "owner": "nix-community", + "repo": "NUR", + "rev": "00c2ec8f0bbdf0cfb2135bde55fbae5d6b64aa6d", + "type": "github" }, "original": { "id": "nur", @@ -416,7 +413,7 @@ ], "flake-utils": [ "digga", - "utils", + "flake-utils-plus", "flake-utils" ], "nixpkgs": [ @@ -424,11 +421,11 @@ ] }, "locked": { - "lastModified": 1626443440, - "narHash": "sha256-9xDWqVcLxAiRC/g/JnSfsj+s/Ont0fZjczAH9pqqBdg=", + "lastModified": 1627523399, + "narHash": "sha256-j9CgnUQpWcb8OB4LRzPW8BdxvmoROJptgptDlPA8Heo=", "owner": "berberman", "repo": "nvfetcher", - "rev": "ba3366421ff66a06f4176780dff5e8373512bfba", + "rev": "fb8f2cc770ad3dd3e29d7ba3004692d4d53fba9b", "type": "github" }, "original": { @@ -437,22 +434,6 @@ "type": "github" } }, - "pre-commit-hooks-nix": { - "flake": false, - "locked": { - "lastModified": 1622650193, - "narHash": "sha256-qSzUpJDv04ajS9FXoCq6NjVF3qOt9IiGIiGh0P8amyw=", - "owner": "cachix", - "repo": "pre-commit-hooks.nix", - "rev": "0398f0649e0a741660ac5e8216760bae5cc78579", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "pre-commit-hooks.nix", - "type": "github" - } - }, "root": { "inputs": { "agenix": "agenix", @@ -461,7 +442,6 @@ "blank" ], "bud": "bud", - "ci-agent": "ci-agent", "darwin": "darwin", "deploy": [ "digga", @@ -472,6 +452,10 @@ "digga", "flake-utils" ], + "flake-utils-plus": [ + "digga", + "flake-utils-plus" + ], "home": "home", "latest": "latest", "naersk": "naersk_2", @@ -486,32 +470,7 @@ "nixos" ], "nur": "nur", - "nvfetcher": "nvfetcher", - "utils": [ - "digga", - "utils" - ] - } - }, - "utils": { - "inputs": { - "flake-utils": [ - "flake-utils" - ] - }, - "locked": { - "lastModified": 1626288344, - "narHash": "sha256-TioHDqWJkw37jjx4DVrH6LCzwrUfAqXbWl4rKR91fpA=", - "owner": "gytis-ivaskevicius", - "repo": "flake-utils-plus", - "rev": "5c6ee69f6957afc2fe22c094717d6d78516418b5", - "type": "github" - }, - "original": { - "owner": "gytis-ivaskevicius", - "ref": "staging", - "repo": "flake-utils-plus", - "type": "github" + "nvfetcher": "nvfetcher" } } }, diff --git a/flake.nix b/flake.nix index 17708acb..4684fc56 100644 --- a/flake.nix +++ b/flake.nix @@ -7,10 +7,10 @@ inputs = { - nixos.url = "nixpkgs/release-21.05"; - latest.url = "nixpkgs"; + nixos.url = "github:nixos/nixpkgs/release-21.05"; + latest.url = "github:nixos/nixpkgs/nixos-unstable"; - digga.url = "github:divnix/digga/develop"; + digga.url = "github:divnix/digga"; digga.inputs.nixpkgs.follows = "nixos"; digga.inputs.nixlib.follows = "nixos"; digga.inputs.home-manager.follows = "home"; @@ -33,13 +33,7 @@ nvfetcher.url = "github:berberman/nvfetcher"; nvfetcher.inputs.nixpkgs.follows = "latest"; nvfetcher.inputs.flake-compat.follows = "digga/deploy/flake-compat"; - nvfetcher.inputs.flake-utils.follows = "digga/utils/flake-utils"; - - ci-agent.url = "github:hercules-ci/hercules-ci-agent"; - ci-agent.inputs.nix-darwin.follows = "darwin"; - ci-agent.inputs.nixos-20_09.follows = "nixos"; - ci-agent.inputs.nixos-unstable.follows = "latest"; - ci-agent.inputs.flake-compat.follows = "digga/deploy/flake-compat"; + nvfetcher.inputs.flake-utils.follows = "digga/flake-utils-plus/flake-utils"; naersk.url = "github:nmattia/naersk"; naersk.inputs.nixpkgs.follows = "latest"; @@ -51,7 +45,7 @@ nixpkgs.follows = "nixos"; nixlib.follows = "digga/nixlib"; blank.follows = "digga/blank"; - utils.follows = "digga/utils"; + flake-utils-plus.follows = "digga/flake-utils-plus"; flake-utils.follows = "digga/flake-utils"; # end ANTI CORRUPTION LAYER @@ -64,7 +58,6 @@ , digga , bud , nixos - , ci-agent , home , nixos-hardware , nur @@ -74,9 +67,6 @@ , nix-dram , ... } @ inputs: - let - bud' = bud self; # rebind to access self.budModules - in digga.lib.mkFlake { inherit self inputs; @@ -85,7 +75,7 @@ channels = { nixos = { - imports = [ (digga.lib.importers.overlays ./overlays) ]; + imports = [ (digga.lib.importOverlays ./overlays) ]; overlays = [ digga.overlays.patchedNix nur.overlay @@ -114,25 +104,25 @@ hostDefaults = { system = "x86_64-linux"; channelName = "nixos"; - imports = [ (digga.lib.importers.modules ./modules) ]; + imports = [ (digga.lib.importModules ./modules) ]; externalModules = [ { lib.our = self.lib; } + digga.nixosModules.bootstrapIso digga.nixosModules.nixConfig - ci-agent.nixosModules.agent-profile home.nixosModules.home-manager agenix.nixosModules.age - (bud.nixosModules.bud bud') + bud.nixosModules.bud ]; }; - imports = [ (digga.lib.importers.hosts ./hosts) ]; + imports = [ (digga.lib.importHosts ./hosts) ]; hosts = { /* set host specific properties here */ NixOS = { }; }; importables = rec { - profiles = digga.lib.importers.rakeLeaves ./profiles // { - users = digga.lib.importers.rakeLeaves ./users; + profiles = digga.lib.rakeLeaves ./profiles // { + users = digga.lib.rakeLeaves ./users; }; suites = with profiles; rec { base = [ core users.nixos users.root ]; @@ -143,10 +133,10 @@ }; home = { - imports = [ (digga.lib.importers.modules ./users/modules) ]; + imports = [ (digga.lib.importModules ./users/modules) ]; externalModules = [ ]; importables = rec { - profiles = digga.lib.importers.rakeLeaves ./users/profiles; + profiles = digga.lib.rakeLeaves ./users/profiles; suites = with profiles; rec { base = [ direnv git ]; }; @@ -156,7 +146,7 @@ }; # digga.lib.importers.rakeLeaves ./users/hm; }; - devshell.modules = [ (import ./shell bud') ]; + devshell = ./shell; homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations; @@ -169,7 +159,7 @@ } // { - budModules = { devos = import ./pkgs/bud; }; + budModules = { devos = import ./bud; }; } ; } diff --git a/hosts/bootstrap.nix b/hosts/bootstrap.nix new file mode 100644 index 00000000..d491855d --- /dev/null +++ b/hosts/bootstrap.nix @@ -0,0 +1,18 @@ +{ profiles, ... }: +{ + # build with: `bud build bootstrap bootstrapIso` + # reachable on the local link via ssh root@fe80::47%eno1 + # where 'eno1' is replaced by your own machine's network + # interface that has the local link to the target machine + imports = [ + # profiles.networking + profiles.core + profiles.users.root # make sure to configure ssh keys + profiles.users.nixos + ]; + + boot.loader.systemd-boot.enable = true; + + # will be overridden by the bootstrapIso instrumentation + fileSystems."/" = { device = "/dev/disk/by-label/nixos"; }; +} diff --git a/modules/customBuilds.nix b/modules/customBuilds.nix deleted file mode 100644 index d7757c6b..00000000 --- a/modules/customBuilds.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ lib, pkgs, self, config, modules, channel, ... }: -{ - system.build = { - iso = (config.lib.digga.mkBuild - (config.lib.digga.modules.isoConfig { - inherit self; - fullHostConfig = config; - }) - ).config.system.build.isoImage; - }; -} diff --git a/pkgs/_sources/generated.nix b/pkgs/_sources/generated.nix index 0d13ac01..71be3965 100644 --- a/pkgs/_sources/generated.nix +++ b/pkgs/_sources/generated.nix @@ -12,6 +12,5 @@ leaveDotGit = false; sha256 = "1b7xi8c2drbwzfz70czddc4j33s7g1alirv12dwl91hbqxifx8qs"; }; - }; } diff --git a/shell/default.nix b/shell/default.nix index edad83c0..aef90a55 100644 --- a/shell/default.nix +++ b/shell/default.nix @@ -1,63 +1,10 @@ -bud: -{ pkgs, extraModulesPath, ... }: -let - - hooks = import ./hooks; - - pkgWithCategory = category: package: { inherit package category; }; - linter = pkgWithCategory "linter"; - docs = pkgWithCategory "docs"; - devos = pkgWithCategory "devos"; - -in +{ self, inputs, ... }: { - _file = toString ./.; - - imports = [ "${extraModulesPath}/git/hooks.nix" ]; - git = { inherit hooks; }; - - # tempfix: remove when merged https://github.com/numtide/devshell/pull/123 - devshell.startup.load_profiles = pkgs.lib.mkForce (pkgs.lib.noDepEntry '' - # PATH is devshell's exorbitant privilige: - # fence against its pollution - _PATH=''${PATH} - # Load installed profiles - for file in "$DEVSHELL_DIR/etc/profile.d/"*.sh; do - # If that folder doesn't exist, bash loves to return the whole glob - [[ -f "$file" ]] && source "$file" - done - # Exert exorbitant privilige and leave no trace - export PATH=''${_PATH} - unset _PATH - ''); - - packages = with pkgs; [ - git-crypt + externalModules = with inputs; [ + bud.devshellModules.bud + ]; + modules = [ + ./devos.nix ]; - - commands = with pkgs; [ - (devos (bud { inherit pkgs; })) - (devos nixUnstable) - (devos agenix) - { - category = "devos"; - name = pkgs.nvfetcher-bin.pname; - help = pkgs.nvfetcher-bin.meta.description; - command = "cd $DEVSHELL_ROOT/pkgs; ${pkgs.nvfetcher-bin}/bin/nvfetcher -c ./sources.toml --no-output $@; nixpkgs-fmt _sources/"; - } - (linter nixpkgs-fmt) - (linter editorconfig-checker) - # (docs python3Packages.grip) too many deps - (docs mdbook) - ] - - ++ lib.optional - (pkgs ? deploy-rs) - (devos deploy-rs.deploy-rs) - - ++ lib.optional - (system != "i686-linux") - (devos cachix) - - ; } + diff --git a/shell/devos.nix b/shell/devos.nix new file mode 100644 index 00000000..128b45c3 --- /dev/null +++ b/shell/devos.nix @@ -0,0 +1,61 @@ +{ pkgs, extraModulesPath, ... }: +let + + hooks = import ./hooks; + + pkgWithCategory = category: package: { inherit package category; }; + linter = pkgWithCategory "linter"; + docs = pkgWithCategory "docs"; + devos = pkgWithCategory "devos"; + +in +{ + _file = toString ./.; + + imports = [ "${extraModulesPath}/git/hooks.nix" ]; + git = { inherit hooks; }; + + # tempfix: remove when merged https://github.com/numtide/devshell/pull/123 + devshell.startup.load_profiles = pkgs.lib.mkForce (pkgs.lib.noDepEntry '' + # PATH is devshell's exorbitant privilige: + # fence against its pollution + _PATH=''${PATH} + # Load installed profiles + for file in "$DEVSHELL_DIR/etc/profile.d/"*.sh; do + # If that folder doesn't exist, bash loves to return the whole glob + [[ -f "$file" ]] && source "$file" + done + # Exert exorbitant privilige and leave no trace + export PATH=''${_PATH} + unset _PATH + ''); + + packages = with pkgs; [ + git-crypt + ]; + + commands = with pkgs; [ + (devos nixUnstable) + (devos agenix) + { + category = "devos"; + name = pkgs.nvfetcher-bin.pname; + help = pkgs.nvfetcher-bin.meta.description; + command = "cd $DEVSHELL_ROOT/pkgs; ${pkgs.nvfetcher-bin}/bin/nvfetcher -c ./sources.toml --no-output $@"; + } + (linter nixpkgs-fmt) + (linter editorconfig-checker) + # (docs python3Packages.grip) too many deps + (docs mdbook) + ] + + ++ lib.optional + (pkgs ? deploy-rs) + (devos deploy-rs.deploy-rs) + + ++ lib.optional + (system != "i686-linux") + (devos cachix) + + ; +} diff --git a/users/profiles/direnv/default.nix b/users/profiles/direnv/default.nix index 2b51c9d2..d345e2d3 100644 --- a/users/profiles/direnv/default.nix +++ b/users/profiles/direnv/default.nix @@ -1,6 +1,9 @@ { programs.direnv = { enable = true; - nix-direnv.enable = true; + nix-direnv = { + enable = true; + enableFlakes = true; + }; }; }