From 473604f5675c455a65b91e287b125a9e042ae39f Mon Sep 17 00:00:00 2001 From: Vincent Ambo Date: Sat, 10 Apr 2021 18:05:16 +0200 Subject: refactor: Move nixpkgs attribute to `third_party.nixpkgs` Please read b/108 to make sense of this. This gets rid of the explicit list of exposed packages from nixpkgs, and instead makes the entire package set available at `third_party.nixpkgs`. To accommodate this, a LOT of things have to be very slightly shuffled around. Some of this was done in already submitted CLs, but this change is unfortunately still quite noisy. Pay extra attention to: * overlay-like functionality that was partially moved to actual overlays (partially as in, the minimum required to get a green build) * modified uses of the package set path, esp. in NixOS systems Special notes: * xanthous has been disabled in CI because of issues with the Haskell overlay * //third_party/nix has been disabled because of other unclear dependency issues Both of these will be tackled in a followup CL. Change-Id: I2f9c60a4d275fdb5209264be0addfd7e06c53118 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2910 Reviewed-by: glittershark Reviewed-by: sterni Tested-by: BuildkiteCI --- default.nix | 10 +- fun/idual/default.nix | 8 +- ops/nixos/default.nix | 6 +- ops/nixos/whitby/default.nix | 16 +- third_party/default.nix | 94 +++------ third_party/ffmpeg/default.nix | 12 -- third_party/git/default.nix | 8 +- third_party/grpc/default.nix | 6 +- third_party/gtest/default.nix | 2 +- third_party/nix/default.nix | 26 ++- third_party/nix/test-vm.nix | 6 +- third_party/nixpkgs-exposed/.skip-subtree | 1 - third_party/nixpkgs-exposed/OWNERS | 8 - third_party/nixpkgs-exposed/exposed/default.nix | 210 --------------------- third_party/nixpkgs/default.nix | 56 ++++++ third_party/notmuch/default.nix | 3 +- third_party/openldap/default.nix | 2 +- third_party/overlays/haskell/default.nix | 59 +++--- third_party/overlays/tvl.nix | 27 +++ third_party/protobuf/default.nix | 2 +- third_party/rr/default.nix | 16 -- users/Profpatsch/writers/tests/default.nix | 4 +- users/glittershark/achilles/default.nix | 4 +- users/glittershark/owothia/default.nix | 6 +- users/glittershark/pkgs/fprintd/default.nix | 6 +- users/glittershark/system/home/default.nix | 8 +- .../system/home/modules/development.nix | 2 +- users/glittershark/system/system/default.nix | 14 +- users/glittershark/system/system/iso.nix | 10 +- users/glittershark/xanthous/default.nix | 4 +- users/glittershark/xanthous/pkg.nix | 10 +- users/tazjin/aoc2020/default.nix | 4 +- users/tazjin/atom-feed/default.nix | 4 +- users/tazjin/blog/default.nix | 4 +- users/tazjin/blog/fragments.nix | 4 +- users/tazjin/dt/default.nix | 6 +- users/tazjin/emacs/default.nix | 10 +- users/tazjin/homepage/default.nix | 6 +- users/tazjin/nixos/camden/default.nix | 5 +- users/tazjin/nixos/frog/default.nix | 37 ++-- users/tazjin/nixos/tverskoy/default.nix | 12 +- users/tazjin/renderMarkdown.nix | 4 +- users/tazjin/rlox/default.nix | 4 +- web/cgit-taz/default.nix | 14 +- web/converse/default.nix | 4 +- web/todolist/default.nix | 4 +- 46 files changed, 278 insertions(+), 490 deletions(-) delete mode 100644 third_party/ffmpeg/default.nix delete mode 100644 third_party/nixpkgs-exposed/.skip-subtree delete mode 100644 third_party/nixpkgs-exposed/OWNERS delete mode 100644 third_party/nixpkgs-exposed/exposed/default.nix create mode 100644 third_party/nixpkgs/default.nix create mode 100644 third_party/overlays/tvl.nix delete mode 100644 third_party/rr/default.nix diff --git a/default.nix b/default.nix index 15224b9cabd6..ee2207757494 100644 --- a/default.nix +++ b/default.nix @@ -19,11 +19,11 @@ let inherit depot; # Expose lib attribute to packages. - inherit (depot) lib; + inherit (depot.third_party.nixpkgs) lib; # Pass third_party as 'pkgs' (for compatibility with external # imports for certain subdirectories) - pkgs = depot.third_party; + pkgs = depot.third_party.nixpkgs; }; readTree' = import ./nix/readTree {}; @@ -75,9 +75,6 @@ in fix(self: { __readTree = []; config = config self; - # Elevate 'lib' from nixpkgs - lib = import (self.third_party.nixpkgsSrc + "/lib"); - # Expose readTree for downstream repo consumers. readTree = { __functor = x: (readTree' x.config); @@ -97,6 +94,9 @@ in fix(self: { # generate pipelines because that also leads to infinite # recursion. ops = self.ops // { pipelines = null; }; + + # remove nixpkgs from the set, for obvious reasons. + third_party = self.third_party // { nixpkgs = null; }; }); } diff --git a/fun/idual/default.nix b/fun/idual/default.nix index 1ac87ab47f0f..877ab7d3929d 100644 --- a/fun/idual/default.nix +++ b/fun/idual/default.nix @@ -1,7 +1,7 @@ -{ pkgs, lib, ... }: +{ depot, pkgs, lib, ... }: let - inherit (pkgs) python python3 python3Packages; + inherit (pkgs) python3 python3Packages; opts = { pname = "idualctl"; @@ -9,12 +9,12 @@ let src = ./.; propagatedBuildInputs = [ - python.broadlink + depot.third_party.python.broadlink ]; }; package = python3Packages.buildPythonPackage opts; script = python3Packages.buildPythonApplication opts; -in { +in depot.nix.utils.drvTargets { inherit script; python = python3.withPackages (_: [ package ]); setAlarm = pkgs.writeShellScriptBin "set-alarm" '' diff --git a/ops/nixos/default.nix b/ops/nixos/default.nix index fc3508b52919..8be700b104a7 100644 --- a/ops/nixos/default.nix +++ b/ops/nixos/default.nix @@ -8,9 +8,7 @@ # situation. { depot, lib, pkgs, ... }@args: -let - inherit (lib) findFirst isAttrs; - nixos = import "${depot.third_party.nixpkgsSrc}/nixos"; +let inherit (lib) findFirst isAttrs; in rec { whitby = import ./whitby/default.nix args; @@ -25,7 +23,7 @@ in rec { }; }; - nixosFor = configuration: (nixos { + nixosFor = configuration: (depot.third_party.nixos { configuration = { ... }: { imports = [ baseModule diff --git a/ops/nixos/whitby/default.nix b/ops/nixos/whitby/default.nix index 3c1c1f14bf51..394b79c21ba1 100644 --- a/ops/nixos/whitby/default.nix +++ b/ops/nixos/whitby/default.nix @@ -1,10 +1,8 @@ -{ depot, lib, ... }: +{ depot, lib, pkgs, ... }: let inherit (builtins) listToAttrs; inherit (lib) range; - - nixpkgs = import depot.third_party.nixpkgsSrc {}; in lib.fix(self: { imports = [ "${depot.depotPath}/ops/nixos/clbot.nix" @@ -27,7 +25,7 @@ in lib.fix(self: { "${depot.depotPath}/ops/nixos/www/todo.tvl.fyi.nix" "${depot.depotPath}/ops/nixos/www/tvl.fyi.nix" "${depot.depotPath}/ops/nixos/www/wigglydonke.rs.nix" - "${depot.third_party.nixpkgsSrc}/nixos/modules/services/web-apps/gerrit.nix" + "${pkgs.path}/nixos/modules/services/web-apps/gerrit.nix" ]; hardware = { @@ -140,14 +138,14 @@ in lib.fix(self: { # Generate an immutable /etc/resolv.conf from the nameserver settings # above (otherwise DHCP overwrites it): environment.etc."resolv.conf" = with lib; { - source = depot.third_party.writeText "resolv.conf" '' + source = pkgs.writeText "resolv.conf" '' ${concatStringsSep "\n" (map (ns: "nameserver ${ns}") self.networking.nameservers)} options edns0 ''; }; # Disable background git gc system-wide, as it has a tendency to break CI. - environment.etc."gitconfig".source = depot.third_party.writeText "gitconfig" '' + environment.etc."gitconfig".source = pkgs.writeText "gitconfig" '' [gc] autoDetach = false ''; @@ -304,7 +302,7 @@ in lib.fix(self: { bindAddress = "localhost"; }; - environment.systemPackages = with nixpkgs; [ + environment.systemPackages = with pkgs; [ bb curl emacs-nox @@ -332,7 +330,7 @@ in lib.fix(self: { # Regularly back up whitby to Google Cloud Storage. systemd.services.restic = { description = "Backups to Google Cloud Storage"; - script = "${nixpkgs.restic}/bin/restic backup /var/lib/gerrit /var/backup/postgresql"; + script = "${pkgs.restic}/bin/restic backup /var/lib/gerrit /var/backup/postgresql"; environment = { GOOGLE_PROJECT_ID = "tazjins-infrastructure"; @@ -369,7 +367,7 @@ in lib.fix(self: { users.tazjin = { isNormalUser = true; extraGroups = [ "git" "wheel" ]; - shell = nixpkgs.fish; + shell = pkgs.fish; openssh.authorizedKeys.keys = depot.users.tazjin.keys.all; }; diff --git a/third_party/default.nix b/third_party/default.nix index 774e634f9cef..0b1e94c7f86c 100644 --- a/third_party/default.nix +++ b/third_party/default.nix @@ -1,73 +1,23 @@ -# This file controls the import of external dependencies (i.e. -# third-party code) into my package tree. +# This file defines the root of all external dependency imports (i.e. +# third-party code) in the TVL package tree. # -# This includes *all packages needed from nixpkgs*. -{ ... }: - -let - # Tracking nixos-unstable as of 2021-03-25. - nixpkgsCommit = "60dd94fb7e01a8288f6638eee71d7cb354c49327"; - nixpkgsSrc = fetchTarball { - url = "https://github.com/NixOS/nixpkgs/archive/${nixpkgsCommit}.tar.gz"; - sha256 = "0skdwk9bdld295kzrymirs8xrzycqmhsclaz8s18jhcz75hb8sk3"; - }; - nixpkgs = import nixpkgsSrc { - config.allowUnfree = true; - config.allowBroken = true; - - # Lutris depends on p7zip, which is considered insecure. - config.permittedInsecurePackages = [ - "p7zip-16.02" - ]; - }; - - # Tracking nixos-20.09 as of 2021-03-25. - stableCommit = "223d0d733a66b46504ea6b4c15f88b7cc4db58fb"; - stableNixpkgsSrc = fetchTarball { - url = "https://github.com/NixOS/nixpkgs/archive/${stableCommit}.tar.gz"; - sha256 = "073327ris0frqa3kpid3nsjr9w8yx2z83xpsc24w898mrs9r7d5v"; - }; - stableNixpkgs = import stableNixpkgsSrc {}; - - exposed = import ./nixpkgs-exposed/exposed { inherit nixpkgs stableNixpkgs; }; - -in exposed.lib.fix(self: exposed // { - callPackage = nixpkgs.lib.callPackageWith self; - - # Provide the source code of nixpkgs, but do not provide an imported - # version of it. - inherit nixpkgsCommit nixpkgsSrc stableNixpkgsSrc; - - # Expose upstream attributes so they can be overridden in readTree nodes - originals = { - inherit (nixpkgs) gtest openldap go grpc notmuch rr; - inherit (stableNixpkgs) git tdlib; - ffmpeg = nixpkgs.ffmpeg-full; - telega = stableNixpkgs.emacsPackages.telega; - - }; - - # Use LLVM 11 - llvmPackages = nixpkgs.llvmPackages_11; - clangStdenv = nixpkgs.llvmPackages_11.stdenv; - stdenv = nixpkgs.llvmPackages_11.stdenv; - - clang-tools = (nixpkgs.clang-tools.override { - llvmPackages = nixpkgs.llvmPackages_11; - }); - - # Provide Emacs 27 - # - # The assert exists because the name of the attribute is unversioned - # (which is different from previous versions). - emacs27 = assert ((exposed.lib.versions.major nixpkgs.emacs.version) == "27"); - nixpkgs.emacs.overrideAttrs(old: { - configureFlags = old.configureFlags ++ [ "--with-cairo" ]; - }); - - emacs27-nox = assert ((exposed.lib.versions.major nixpkgs.emacs.version) == "27"); - nixpkgs.emacs-nox; - - # Make NixOS available - nixos = import "${nixpkgsSrc}/nixos"; -}) +# There are two categories of third-party programs: +# +# 1) Programs in nixpkgs, the NixOS package set. For these, you might +# want to look at //third_party/nixpkgs (for the package set +# imports) and //third_party/overlays (for modifications in these +# imported package sets). +# +# 2) Third-party software packaged in this repository. This is all +# other folders below //third_party, other than the ones mentioned +# above. + +{ pkgs, ... }: + +{ + # Expose a partially applied NixOS, expecting an attribute set with + # a `configuration` key. Exposing it like this makes it possible to + # modify some of the base configuration used by NixOS. passed to + # this. + nixos = import "${pkgs.path}/nixos"; +} diff --git a/third_party/ffmpeg/default.nix b/third_party/ffmpeg/default.nix deleted file mode 100644 index e1b4d759da70..000000000000 --- a/third_party/ffmpeg/default.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ pkgs, ... }: - -pkgs.originals.ffmpeg.overrideAttrs(old: { - buildInputs = old.buildInputs ++ [ - pkgs.cudatoolkit.out - ]; - - configureFlags = old.configureFlags ++ [ - "--enable-libnpp" - "--enable-nonfree" - ]; -}) diff --git a/third_party/git/default.nix b/third_party/git/default.nix index 26ea911a597a..05766a8e6bc2 100644 --- a/third_party/git/default.nix +++ b/third_party/git/default.nix @@ -1,15 +1,13 @@ # Use the upstream git derivation (there's a lot of stuff happening in # there!) and just override the source: -{ depot, ... }: +{ pkgs, ... }: -with depot.third_party; - -(originals.git.overrideAttrs(_: { +(pkgs.git.overrideAttrs(_: { version = "2.29.2"; src = ./.; doInstallCheck = false; preConfigure = '' - ${autoconf}/bin/autoreconf -i + ${pkgs.autoconf}/bin/autoreconf -i ''; })).override { sendEmailSupport = true; diff --git a/third_party/grpc/default.nix b/third_party/grpc/default.nix index ad34425e8f05..87ae5d7a32d7 100644 --- a/third_party/grpc/default.nix +++ b/third_party/grpc/default.nix @@ -1,7 +1,7 @@ -{ pkgs, ... }: +{ depot, pkgs, ... }: -(pkgs.originals.grpc.override { - protobuf = pkgs.protobuf; +(pkgs.grpc.override { + protobuf = depot.third_party.protobuf; stdenv = pkgs.llvmPackages.libcxxStdenv; }).overrideAttrs(orig: rec { version = "1.30.0"; diff --git a/third_party/gtest/default.nix b/third_party/gtest/default.nix index 5ca8080b5228..f320c29d234b 100644 --- a/third_party/gtest/default.nix +++ b/third_party/gtest/default.nix @@ -1,6 +1,6 @@ { pkgs, ... }: -(pkgs.originals.gtest.override { +(pkgs.gtest.override { stdenv = pkgs.llvmPackages.libcxxStdenv; }).overrideAttrs(_: { src = pkgs.fetchFromGitHub { diff --git a/third_party/nix/default.nix b/third_party/nix/default.nix index b48551cff0d1..d3adabe2bdd8 100644 --- a/third_party/nix/default.nix +++ b/third_party/nix/default.nix @@ -1,5 +1,6 @@ args@{ - pkgs ? (import ../.. {}).third_party + depot ? (import ../.. {}) +, pkgs ? depot.third_party.nixpkgs , lib , buildType ? "release" , depotPath ? ../.. @@ -43,10 +44,11 @@ let protoSrcs = pkgs.runCommand "nix-proto-srcs" {} '' export PROTO_SRCS=${./src/proto} mkdir -p $out/libproto - ${pkgs.protobuf}/bin/protoc -I=$PROTO_SRCS \ + ${depot.third_party.protobuf}/bin/protoc -I=$PROTO_SRCS \ --cpp_out=$out/libproto \ - --plugin=protoc-gen-grpc=${pkgs.grpc}/bin/grpc_cpp_plugin --grpc_out=$out/libproto \ - $PROTO_SRCS/*.proto + --plugin=protoc-gen-grpc=${depot.third_party.grpc}/bin/grpc_cpp_plugin \ + --grpc_out=$out/libproto \ + $PROTO_SRCS/*.proto ''; # Derivation for busybox that just has the `busybox` binary in bin/, not all @@ -73,7 +75,6 @@ in lib.fix (self: pkgs.llvmPackages.libcxxStdenv.mkDerivation { # TODO(tazjin): Some of these might only be required for native inputs buildInputs = with pkgs; [ - abseil_cpp aws-s3-cpp brotli bzip2 @@ -81,16 +82,18 @@ in lib.fix (self: pkgs.llvmPackages.libcxxStdenv.mkDerivation { curl editline flex - glog - grpc libseccomp libsodium systemd.dev openssl - protobuf sqlite xz - ]; + ] ++ (with depot.third_party; [ + abseil_cpp + glog + grpc + protobuf + ]); doCheck = false; doInstallCheck = true; @@ -99,8 +102,8 @@ in lib.fix (self: pkgs.llvmPackages.libcxxStdenv.mkDerivation { dontStrip = true; installCheckInputs = with pkgs; [ + depot.third_party.gtest fd - gtest rapidcheck ]; @@ -185,6 +188,9 @@ in lib.fix (self: pkgs.llvmPackages.libcxxStdenv.mkDerivation { # TODO(tazjin): integration test setup? # TODO(tazjin): docs generation? + # TODO(tazjin): Sort out after CL/2910 lands + meta.ci = false; + passthru = { build-shell = self.overrideAttrs (up: rec { run_clang_tidy = pkgs.writeShellScriptBin "run-clang-tidy" '' diff --git a/third_party/nix/test-vm.nix b/third_party/nix/test-vm.nix index 8f77441b7dbd..550537679c49 100644 --- a/third_party/nix/test-vm.nix +++ b/third_party/nix/test-vm.nix @@ -1,10 +1,9 @@ { depot, pkgs, ... }: let - configuration = { ... }: { imports = [ - "${pkgs.nixpkgsSrc}/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix" + "${pkgs.path}/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix" ]; nix.package = depot.third_party.nix; @@ -16,6 +15,5 @@ let ]; }; - system = pkgs.nixos { inherit configuration; }; - + system = depot.third_party.nixos { inherit configuration; }; in system.vm diff --git a/third_party/nixpkgs-exposed/.skip-subtree b/third_party/nixpkgs-exposed/.skip-subtree deleted file mode 100644 index aff471145e46..000000000000 --- a/third_party/nixpkgs-exposed/.skip-subtree +++ /dev/null @@ -1 +0,0 @@ -This subtree is responsible for setting up the read tree arguments in the first place. diff --git a/third_party/nixpkgs-exposed/OWNERS b/third_party/nixpkgs-exposed/OWNERS deleted file mode 100644 index 72c0ac47fb47..000000000000 --- a/third_party/nixpkgs-exposed/OWNERS +++ /dev/null @@ -1,8 +0,0 @@ -# The nixpkgs whitelist needs to be changed every time we reference -# a new attribute, so every commiter should be able to change it, -# otherwise we create undue blockers on superowners. -inherited: true -owners: - - Profpatsch - - sterni - - glittershark diff --git a/third_party/nixpkgs-exposed/exposed/default.nix b/third_party/nixpkgs-exposed/exposed/default.nix deleted file mode 100644 index 478b55cb2965..000000000000 --- a/third_party/nixpkgs-exposed/exposed/default.nix +++ /dev/null @@ -1,210 +0,0 @@ -# This file has to be in yet another subdir -# because of how readTree interprets .skip-subtree -# see https://b.tvl.fyi/issues/89 -{ nixpkgs, stableNixpkgs }: -{ - # Inherit the packages from nixos-unstable that should be available inside - # of the repo. They become available under `pkgs.third_party.` - inherit (nixpkgs) - age - atk - autoconf - autoreconfHook - avrdude - avrlibc - bashInteractive - bat - bc - bind - buildBazelPackage - buildFHSUserEnv - buildGoModule - buildGoPackage - buildPackages - buildRustCrate - buildkite-agent - busybox - bzip2 - c-ares - cacert - cachix - cairo - cargo - cgit - clang_11 - cmake - coreutils - cudatoolkit - darwin - dbus-glib - dbus_libs - dfu-programmer - dfu-util - diffutils - docker-compose - dockerTools - emacs27 - emacs27-nox - emacsPackages - emacsPackagesGen - execline - fd - fdtools - fetchFromGitHub - fetchFromGitLab - fetchgit - fetchurl - fetchzip - ffmpeg-full - findutils - fira - fira-code - fira-mono - flamegraph - fontconfig - freetype - gdk-pixbuf - gettext - glibc - glib - gtk3 - gmock - gnused - gnutar - go - google-cloud-sdk - graphviz - gzip - haskell - iana-etc - imagemagickBig - installShellFiles - jdk - jdk11 - jdk11_headless - jetbrains-mono - jq - kontemplate - lib - libappindicator-gtk3 - libredirect - libffi - linuxPackages - linuxPackages_5_11 - lr - luajit - lutris - makeFontsConf - makeWrapper - mandoc - mdbook - meson - mime-types - minify - mkShell - moreutils - nano - ncurses - nginx - ninja - nix - ocamlPackages - openssh - openssl - overrideCC - pandoc - pango - parallel - path - pkgconfig - pkgsCross - plantuml - postgresql - pounce - pulseaudio - python3 - python3Packages - quassel - remarshal - rink - ripgrep - rsync - runCommand - runCommandLocal - runCommandNoCC - rustPlatform - rustc - s6-portable-utils - sbcl - shellcheck - sqlite - stdenvNoCC - stern - substituteAll - symlinkJoin - systemd - tdlib - teensy-loader-cli - terraform_0_12 - texlive - thttpd - tree - tree-sitter - unzip - which - writers - writeShellScript - writeShellScriptBin - writeText - xorg - xz - zlib - zstd; - - # Inherit packages from the stable channel for things that are - # broken on unstable - inherit (stableNixpkgs) - awscli # TODO(grfn): Move back to unstable once it is fixed - ; - - # Required by //third_party/nix - inherit (nixpkgs) - aws-sdk-cpp - bison - boehmgc - boost # urgh - brotli - busybox-sandbox-shell - curl - docbook5 - docbook_xsl_ns - editline - flex - libseccomp - libsodium - libxml2 - libxslt - mercurial - perl - perlPackages - ; - - haskellPackages = (nixpkgs.haskellPackages.override { - overrides = (import ../../overlays/haskell - { /* empty readTree arg */ } - { pkgs = nixpkgs; }); - }); - - gradle_6 = (nixpkgs.gradleGen.override { - java = nixpkgs.jdk11; - jdk = nixpkgs.jdk11; - }).gradleGen rec { - name = "gradle-6.5.1"; - nativeVersion = "0.22-milestone-3"; - - src = builtins.fetchurl { - url = "https://services.gradle.org/distributions/${name}-bin.zip"; - sha256 = "0jmmipjh4fbsn92zpifa5cqg5ws2a4ha0s4jzqhrg4zs542x79sh"; - }; - }; -} diff --git a/third_party/nixpkgs/default.nix b/third_party/nixpkgs/default.nix new file mode 100644 index 000000000000..53adfe81e388 --- /dev/null +++ b/third_party/nixpkgs/default.nix @@ -0,0 +1,56 @@ +# This file imports the pinned nixpkgs sets and applies relevant +# modifications, such as our overlays. +# +# Note that the attribute exposed by this (third_party.nixpkgs) is +# "special" in that the fixpoint used as readTree's config parameter +# in //default.nix passes this attribute as the `pkgs` argument to all +# readTree derivations. + +{ depot, ... }: + +let + # This provides the sources of nixpkgs. We track both + # nixos-unstable, and the current stable channel of the latest NixOS + # release. + + # Tracking nixos-unstable as of 2021-03-25. + unstableHashes = { + commit = "60dd94fb7e01a8288f6638eee71d7cb354c49327"; + sha256 = "0skdwk9bdld295kzrymirs8xrzycqmhsclaz8s18jhcz75hb8sk3"; + }; + + # Tracking nixos-20.09 as of 2021-03-25. + stableHashes = { + commit = "223d0d733a66b46504ea6b4c15f88b7cc4db58fb"; + sha256 = "073327ris0frqa3kpid3nsjr9w8yx2z83xpsc24w898mrs9r7d5v"; + }; + + nixpkgsSrc = fetchTarball { + url = "https://github.com/NixOS/nixpkgs/archive/${unstableHashes.commit}.tar.gz"; + sha256 = unstableHashes.sha256; + }; + stableNixpkgsSrc = fetchTarball { + url = "https://github.com/NixOS/nixpkgs/archive/${stableHashes.commit}.tar.gz"; + sha256 = stableHashes.sha256; + }; + + # Stable package set is imported, but not exposed, to overlay + # required packages into the unstable set. + stableNixpkgs = import stableNixpkgsSrc {}; + + # Overlay for packages that should come from the stable channel + # instead (e.g. because something is broken in unstable). + stableOverlay = self: super: { + inherit (stableNixpkgs) + awscli # TODO(grfn): Move back to unstable once it is fixed + ; + }; +in import nixpkgsSrc { + config.allowUnfree = true; + config.allowBroken = true; + overlays = [ + stableOverlay + depot.third_party.overlays.tvl + depot.third_party.overlays.haskell + ]; +} diff --git a/third_party/notmuch/default.nix b/third_party/notmuch/default.nix index 8e1e9c262638..90660837266d 100644 --- a/third_party/notmuch/default.nix +++ b/third_party/notmuch/default.nix @@ -1,6 +1,7 @@ +# Notmuch, but with support for https://dotti.me/ { pkgs, ... }: -pkgs.originals.notmuch.overrideAttrs(old: { +pkgs.notmuch.overrideAttrs(old: { doCheck = false; patches = [ ./dottime.patch ] ++ (if old ? patches then old.patches else []); }) diff --git a/third_party/openldap/default.nix b/third_party/openldap/default.nix index 92de8d3fea7f..aed051c4e067 100644 --- a/third_party/openldap/default.nix +++ b/third_party/openldap/default.nix @@ -6,7 +6,7 @@ # derivation to include this module. { pkgs, ... }: -pkgs.originals.openldap.overrideAttrs(old: { +pkgs.openldap.overrideAttrs(old: { buildInputs = old.buildInputs ++ [ pkgs.libsodium ]; postBuild = '' diff --git a/third_party/overlays/haskell/default.nix b/third_party/overlays/haskell/default.nix index 975918803e29..7b17e61e3e02 100644 --- a/third_party/overlays/haskell/default.nix +++ b/third_party/overlays/haskell/default.nix @@ -1,34 +1,41 @@ -# Defines overrides for Haskell packages, for example to avoid -# breakage currently present in nixpkgs or to modify package versions. +# Defines an overlay for overriding Haskell packages, for example to +# avoid breakage currently present in nixpkgs or to modify package +# versions. { ... }: # This file needs nothing from readTree -{ pkgs }: # ... but is called with a separate package set in the overlay -self: super: with pkgs.haskell.lib; rec { - generic-arbitrary = appendPatch - super.generic-arbitrary - [ ./patches/generic-arbitrary-export-garbitrary.patch ]; +self: super: # overlay parameters for the nixpkgs overlay - random = dontCheck (self.callHackageDirect { - pkg = "random"; - ver = "1.2.0"; - sha256 = "06s3mmqbsfwv09j2s45qnd66nrxfp9280gnl9ng8yh128pfr7bjh"; - } {}); +let + overrides = hsSelf: hsSuper: with super.haskell.lib; rec { + generic-arbitrary = appendPatch hsSuper.generic-arbitrary + [ ./patches/generic-arbitrary-export-garbitrary.patch ]; - # random <1.2 - test-framework = doJailbreak super.test-framework; - hashable = doJailbreak super.hashable; - test-framework-quickcheck2 = doJailbreak super.test-framework-quickcheck2; + # random = dontCheck (hsSuper.callHackageDirect { + # pkg = "random"; + # ver = "1.2.0"; + # sha256 = "06s3mmqbsfwv09j2s45qnd66nrxfp9280gnl9ng8yh128pfr7bjh"; + # } {}); - # can be removed if we have the following PR or equivalent - # https://github.com/NixOS/nixpkgs/pull/116931 - hedgehog-classes = overrideCabal super.hedgehog-classes (attrs: { - # remove version bound on semirings which is inside a - # conditional, so doJailbreak doesn't work - prePatch = '' - sed -i 's|semirings.*0.6|semirings|g' hedgehog-classes.cabal - ''; - }); + # random <1.2 + test-framework = doJailbreak hsSuper.test-framework; + hashable = doJailbreak hsSuper.hashable; + test-framework-quickcheck2 = doJailbreak hsSuper.test-framework-quickcheck2; - hgeometry-combinatorial = dontCheck super.hgeometry-combinatorial; + # can be removed if we have the following PR or equivalent + # https://github.com/NixOS/nixpkgs/pull/116931 + hedgehog-classes = overrideCabal hsSuper.hedgehog-classes (attrs: { + # remove version bound on semirings which is inside a + # conditional, so doJailbreak doesn't work + prePatch = '' + sed -i 's|semirings.*0.6|semirings|g' hedgehog-classes.cabal + ''; + }); + + hgeometry-combinatorial = dontCheck hsSuper.hgeometry-combinatorial; + }; +in { + haskellPackages = super.haskellPackages.override { + inherit overrides; + }; } diff --git a/third_party/overlays/tvl.nix b/third_party/overlays/tvl.nix new file mode 100644 index 000000000000..01f7156ff19b --- /dev/null +++ b/third_party/overlays/tvl.nix @@ -0,0 +1,27 @@ +# This overlay is used to make TVL-specific modifications in the +# nixpkgs tree, where required. +{ ... }: + +self: super: { + # Required for apereo-cas + # TODO(lukegb): Document why? + gradle_6 = (super.gradleGen.override { + java = self.jdk11; + jdk = self.jdk11; + }).gradleGen rec { + name = "gradle-6.5.1"; + nativeVersion = "0.22-milestone-3"; + + src = builtins.fetchurl { + url = "https://services.gradle.org/distributions/${name}-bin.zip"; + sha256 = "0jmmipjh4fbsn92zpifa5cqg5ws2a4ha0s4jzqhrg4zs542x79sh"; + }; + }; + + # Use LLVM 11 + llvmPackages = self.llvmPackages_11; + clangStdenv = self.llvmPackages_11.stdenv; + clang-tools = (super.clang-tools.override { + llvmPackages = self.llvmPackages_11; + }); +} diff --git a/third_party/protobuf/default.nix b/third_party/protobuf/default.nix index ce4a2f8aa5b4..c9e34b2fc309 100644 --- a/third_party/protobuf/default.nix +++ b/third_party/protobuf/default.nix @@ -1,7 +1,7 @@ # Pin protobuf to version 3.12, with LLVM. { depot, pkgs, ... }: -pkgs.callPackage "${depot.third_party.nixpkgsSrc}/pkgs/development/libraries/protobuf/generic-v3.nix" { +pkgs.callPackage "${pkgs.path}/pkgs/development/libraries/protobuf/generic-v3.nix" { version = "3.12.2"; sha256 = "1lp368aa206vpic9fmax4k6llnmf28plfvkkm4vqhgphmjqykvl2"; stdenv = pkgs.llvmPackages.libcxxStdenv; diff --git a/third_party/rr/default.nix b/third_party/rr/default.nix deleted file mode 100644 index 8f2cf85cc5da..000000000000 --- a/third_party/rr/default.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ pkgs, ... }: - -pkgs.originals.rr.overrideAttrs(_: { - src = pkgs.fetchFromGitHub { - owner = "mozilla"; - repo = "rr"; - rev = "8fc7d2a09a739fee1883d262501e88613165c1dd"; - sha256 = "0avq5lv082z2sasggfn2awnfrh08cr8f0i9iw1dnrcxa6pc3bi9k"; - fetchSubmodules = false; - }; - - # Workaround as documented on https://github.com/mozilla/rr/wiki/Zen - postInstall = '' - cp $src/scripts/zen_workaround.py $out/bin/rr_zen_workaround - ''; -}) diff --git a/users/Profpatsch/writers/tests/default.nix b/users/Profpatsch/writers/tests/default.nix index 4b28792f75a0..e61bf482eeaa 100644 --- a/users/Profpatsch/writers/tests/default.nix +++ b/users/Profpatsch/writers/tests/default.nix @@ -1,4 +1,4 @@ -{ depot, ... }: +{ depot, pkgs, ... }: let inherit (depot.users.Profpatsch.writers) @@ -9,7 +9,7 @@ let rustSimpleBin ; - inherit (depot.third_party) + inherit (pkgs) coreutils ; diff --git a/users/glittershark/achilles/default.nix b/users/glittershark/achilles/default.nix index 8ce6fda5c1c7..4ad71455d444 100644 --- a/users/glittershark/achilles/default.nix +++ b/users/glittershark/achilles/default.nix @@ -1,6 +1,6 @@ -{ pkgs, ... }: +{ depot, pkgs, ... }: -pkgs.naersk.buildPackage { +depot.third_party.naersk.buildPackage { src = ./.; buildInputs = with pkgs; [ diff --git a/users/glittershark/owothia/default.nix b/users/glittershark/owothia/default.nix index 171bb3668956..e10098ed943b 100644 --- a/users/glittershark/owothia/default.nix +++ b/users/glittershark/owothia/default.nix @@ -1,4 +1,6 @@ -{ pkgs ? (import ../../../. {}).third_party, ... }: +{ depot ? (import ../../../. {}) +, pkgs ? depot.third_party.nixpkgs +, ... }: pkgs.haskellPackages.callCabal2nix "owothia" - (pkgs.gitignoreSource ./.) { } + (depot.third_party.gitignoreSource ./.) { } diff --git a/users/glittershark/pkgs/fprintd/default.nix b/users/glittershark/pkgs/fprintd/default.nix index 0f9d414aeb86..1a977e34d37e 100644 --- a/users/glittershark/pkgs/fprintd/default.nix +++ b/users/glittershark/pkgs/fprintd/default.nix @@ -1,9 +1,11 @@ -args @ { pkgs, ... }: +{ depot, pkgs, ... }: let - nixpkgs = import pkgs.nixpkgsSrc { + nixpkgs = import pkgs.path { config.allowUnfree = true; overlays = [(self: super: { + # TODO(grfn): Can we not override this here? It bootstraps + # rustc, builds firefox, and many other things. gcc = super.gcc9; })]; }; diff --git a/users/glittershark/system/home/default.nix b/users/glittershark/system/home/default.nix index 1d6d8795ab97..1efba3f3c1e5 100644 --- a/users/glittershark/system/home/default.nix +++ b/users/glittershark/system/home/default.nix @@ -3,15 +3,13 @@ with lib; rec { - nixpkgs = import pkgs.nixpkgsSrc {}; - - home = confPath: (import "${nixpkgs.home-manager.src}/modules" { - pkgs = nixpkgs; + home = confPath: (import "${pkgs.home-manager.src}/modules" { + inherit pkgs; configuration = { config, lib, ... }: { imports = [confPath]; _module.args.pkgs = mkForce - (import pkgs.nixpkgsSrc (filterAttrs (n: v: v != null) config.nixpkgs)); + (import pkgs.path (filterAttrs (n: v: v != null) config.nixpkgs)); lib.depot = depot; }; diff --git a/users/glittershark/system/home/modules/development.nix b/users/glittershark/system/home/modules/development.nix index 1152a3395a8e..04a501e74b38 100644 --- a/users/glittershark/system/home/modules/development.nix +++ b/users/glittershark/system/home/modules/development.nix @@ -54,7 +54,7 @@ with lib; gdb lldb hyperfine - config.lib.depot.third_party.clang-tools + clang-tools clj2nix clojure diff --git a/users/glittershark/system/system/default.nix b/users/glittershark/system/system/default.nix index a640b3337c9c..78cab61a01f9 100644 --- a/users/glittershark/system/system/default.nix +++ b/users/glittershark/system/system/default.nix @@ -1,19 +1,15 @@ args @ { depot, pkgs, ... }: -let - nixpkgs = import pkgs.nixpkgsSrc {}; -in - rec { chupacabra = import ./machines/chupacabra.nix; - chupacabraSystem = (pkgs.nixos { + chupacabraSystem = (depot.third_party.nixos { configuration = chupacabra; }).system; mugwump = import ./machines/mugwump.nix; - mugwumpSystem = (pkgs.nixos { + mugwumpSystem = (depot.third_party.nixos { configuration = mugwump; }).system; @@ -22,14 +18,14 @@ rec { roswellSystem = (depot.ops.nixos.nixosFor ({ ... }: { imports = [ ./machines/roswell.nix - "${nixpkgs.home-manager.src}/nixos" + "${pkgs.home-manager.src}/nixos" ]; home-manager.users.grfn = { config, lib, ... }: { imports = [ ../home/machines/roswell.nix ]; lib.depot = depot; _module.args.pkgs = lib.mkForce - (import pkgs.nixpkgsSrc + (import pkgs.path (lib.filterAttrs (n: v: v != null) config.nixpkgs)); }; })).system; @@ -60,7 +56,7 @@ rec { system=$(nix-build -E '(import ${depotPath} {}).users.glittershark.system.system.${hostname}' --no-out-link) ;; ''; - in depot.third_party.writeShellScriptBin "rebuilder" '' + in pkgs.writeShellScriptBin "rebuilder" '' set -ue if [[ $EUID -ne 0 ]]; then echo "Oh no! Only root is allowed to rebuild the system!" >&2 diff --git a/users/glittershark/system/system/iso.nix b/users/glittershark/system/system/iso.nix index 056922ee1e82..256aee6a5e3a 100644 --- a/users/glittershark/system/system/iso.nix +++ b/users/glittershark/system/system/iso.nix @@ -1,17 +1,17 @@ -{ pkgs, ... }: +{ depot, lib, pkgs, ... }: let configuration = { ... }: { imports = [ - "${pkgs.nixpkgsSrc}/nixos/modules/installer/cd-dvd/installation-cd-minimal-new-kernel.nix" - "${pkgs.nixpkgsSrc}/nixos/modules/installer/cd-dvd/channel.nix" + "${pkgs.path}/nixos/modules/installer/cd-dvd/installation-cd-minimal-new-kernel.nix" + "${pkgs.path}/nixos/modules/installer/cd-dvd/channel.nix" ]; networking.networkmanager.enable = true; networking.useDHCP = false; networking.firewall.enable = false; - networking.wireless.enable = pkgs.lib.mkForce false; + networking.wireless.enable = lib.mkForce false; }; -in (pkgs.nixos { +in (depot.third_party.nixos { inherit configuration; }).config.system.build.isoImage diff --git a/users/glittershark/xanthous/default.nix b/users/glittershark/xanthous/default.nix index 0b89a50afb9e..c417c7af3e34 100644 --- a/users/glittershark/xanthous/default.nix +++ b/users/glittershark/xanthous/default.nix @@ -4,4 +4,6 @@ }: pkgs.haskell.lib.failOnAllWarnings ( pkgs.haskellPackages.callPackage (import ./pkg.nix { inherit pkgs; }) {} -) +) // { + meta.ci = false; +} diff --git a/users/glittershark/xanthous/pkg.nix b/users/glittershark/xanthous/pkg.nix index 98a9b9b6a6b1..16a6500866a7 100644 --- a/users/glittershark/xanthous/pkg.nix +++ b/users/glittershark/xanthous/pkg.nix @@ -1,10 +1,10 @@ -{ pkgs ? (import ../../../. {}).third_party }: +{ depot ? (import ../../../. {}) +, pkgs ? depot.third_party.nixpkgs +, ... }: let - ignore = pkgs.gitignoreSource.gitignoreFilter ./.; -in - -import (pkgs.haskellPackages.haskellSrc2nix { + ignore = depot.third_party.gitignoreSource.gitignoreFilter ./.; +in import (pkgs.haskellPackages.haskellSrc2nix { name = "xanthous"; src = builtins.path { name = "xanthous-source"; diff --git a/users/tazjin/aoc2020/default.nix b/users/tazjin/aoc2020/default.nix index 5989224f8d62..7a7309ac5aaa 100644 --- a/users/tazjin/aoc2020/default.nix +++ b/users/tazjin/aoc2020/default.nix @@ -1,7 +1,7 @@ # Solutions for Advent of Code 2020, written in Emacs Lisp. # # For each day a new file is created as "solution-day$n.el". -{ depot, ... }: +{ depot, pkgs, ... }: let inherit (builtins) attrNames filter head listToAttrs match readDir; @@ -16,7 +16,7 @@ let deps = p: with p; [ dash s ht p.f ]; src = ./. + ("/" + f); }) solutionFiles; -in depot.third_party.symlinkJoin { +in pkgs.symlinkJoin { name = "aoc2020"; paths = solutions; } diff --git a/users/tazjin/atom-feed/default.nix b/users/tazjin/atom-feed/default.nix index fe5e4b997c0a..9ed2c6189237 100644 --- a/users/tazjin/atom-feed/default.nix +++ b/users/tazjin/atom-feed/default.nix @@ -1,13 +1,13 @@ # This file defines functions for generating an Atom feed. -{ depot, lib, ... }: +{ depot, lib, pkgs, ... }: with depot.nix.yants; let inherit (builtins) map readFile replaceStrings; inherit (lib) concatStrings concatStringsSep removeSuffix; - inherit (depot.third_party) runCommandNoCC; + inherit (pkgs) runCommandNoCC; # 'link' describes a related link to a feed, or feed element. # diff --git a/users/tazjin/blog/default.nix b/users/tazjin/blog/default.nix index a5254b5496c3..a3c373a0fa76 100644 --- a/users/tazjin/blog/default.nix +++ b/users/tazjin/blog/default.nix @@ -2,7 +2,7 @@ # files in this repository. # # All blog posts are rendered from Markdown by cheddar. -{ depot, lib, ... }@args: +{ depot, lib, pkgs, ... }@args: with depot.nix.yants; @@ -36,7 +36,7 @@ let posts = list post (import ./posts.nix); fragments = import ./fragments.nix args; - rendered = depot.third_party.runCommandNoCC "tazjins-blog" {} '' + rendered = pkgs.runCommandNoCC "tazjins-blog" {} '' mkdir -p $out ${lib.concatStringsSep "\n" (map (post: diff --git a/users/tazjin/blog/fragments.nix b/users/tazjin/blog/fragments.nix index 98028fad7029..1ffddeeb6758 100644 --- a/users/tazjin/blog/fragments.nix +++ b/users/tazjin/blog/fragments.nix @@ -7,11 +7,11 @@ # # The post index is generated by //users/tazjin/homepage, not by this # code. -{ depot, lib, ... }: +{ depot, lib, pkgs, ... }: let inherit (builtins) filter map hasAttr replaceStrings; - inherit (depot.third_party) runCommandNoCC writeText; + inherit (pkgs) runCommandNoCC writeText; inherit (depot.users.tazjin) renderMarkdown; # Generate a post list for all listed, non-draft posts. diff --git a/users/tazjin/dt/default.nix b/users/tazjin/dt/default.nix index 04430c883bf6..8a728062db21 100644 --- a/users/tazjin/dt/default.nix +++ b/users/tazjin/dt/default.nix @@ -1,13 +1,11 @@ { depot, pkgs, ... }: -let - stdenv = with pkgs; overrideCC clangStdenv clang_11; - abseil_cpp = pkgs.abseil_cpp; +let stdenv = with pkgs; overrideCC clangStdenv clang_11; in stdenv.mkDerivation { name = "dt"; src = ./.; nativeBuildInputs = [ pkgs.cmake ]; - buildInputs = with pkgs; [ + buildInputs = with depot.third_party; [ abseil_cpp farmhash ]; diff --git a/users/tazjin/emacs/default.nix b/users/tazjin/emacs/default.nix index c7f0f8c03dc9..b4d5f952e954 100644 --- a/users/tazjin/emacs/default.nix +++ b/users/tazjin/emacs/default.nix @@ -10,12 +10,10 @@ { depot, lib, pkgs, ... }: let - inherit (depot) third_party; - - emacsWithPackages = (third_party.emacsPackagesGen third_party.emacs27).emacsWithPackages; + emacsWithPackages = (pkgs.emacsPackagesGen pkgs.emacs27).emacsWithPackages; # $PATH for binaries that need to be available to Emacs - emacsBinPath = lib.makeBinPath [ third_party.emacsPackages.telega ]; + emacsBinPath = lib.makeBinPath [ pkgs.emacsPackages.telega ]; identity = x: x; @@ -109,7 +107,7 @@ let depot.third_party.emacs.vterm depot.third_party.emacs.explain-pause-mode ])))); -in lib.fix(self: l: f: third_party.writeShellScriptBin "tazjins-emacs" '' +in lib.fix(self: l: f: pkgs.writeShellScriptBin "tazjins-emacs" '' export PATH="${emacsBinPath}:$PATH" exec ${tazjinsEmacs f}/bin/emacs \ --debug-init \ @@ -129,7 +127,7 @@ in lib.fix(self: l: f: third_party.writeShellScriptBin "tazjins-emacs" '' # Build a derivation that uses the specified local Emacs (i.e. # built outside of Nix) instead - withLocalEmacs = emacsBin: third_party.writeShellScriptBin "tazjins-emacs" '' + withLocalEmacs = emacsBin: pkgs.writeShellScriptBin "tazjins-emacs" '' export PATH="${emacsBinPath}:$PATH" export EMACSLOADPATH="${(tazjinsEmacs f).deps}/share/emacs/site-lisp:" exec ${emacsBin} \ diff --git a/users/tazjin/homepage/default.nix b/users/tazjin/homepage/default.nix index 8f53eba67e80..17d5d5cc87de 100644 --- a/users/tazjin/homepage/default.nix +++ b/users/tazjin/homepage/default.nix @@ -5,14 +5,14 @@ # elements for things such as blog posts and projects. # # Content for the blog is in //users/tazjin/blog instead of here. -{ depot, lib, ... }@args: +{ depot, lib, pkgs, ... }@args: with depot; with nix.yants; let inherit (builtins) readFile replaceStrings sort; - inherit (third_party) writeFile runCommandNoCC; + inherit (pkgs) writeFile runCommandNoCC; # The different types of entries on the homepage. entryClass = enum "entryClass" [ "blog" "project" "misc" ]; @@ -58,7 +58,7 @@ let ''); - index = entries: third_party.writeText "index.html" (lib.concatStrings ( + index = entries: pkgs.writeText "index.html" (lib.concatStrings ( [ (builtins.readFile ./header.html) ] ++ (map entryToDiv (sort (a: b: a.date > b.date) entries)) ++ [ (builtins.readFile ./footer.html) ] diff --git a/users/tazjin/nixos/camden/default.nix b/users/tazjin/nixos/camden/default.nix index d5a9d61bda2f..f334320b381b 100644 --- a/users/tazjin/nixos/camden/default.nix +++ b/users/tazjin/nixos/camden/default.nix @@ -2,7 +2,7 @@ { depot, pkgs, lib, ... }: config: let - nixpkgs = import depot.third_party.nixpkgsSrc { + nixpkgs = import pkgs.path { config.allowUnfree = true; }; @@ -85,7 +85,7 @@ in lib.fix(self: { nixPath = [ "depot=/home/tazjin/depot" - "nixpkgs=${depot.third_party.nixpkgsSrc}" + "nixpkgs=${pkgs.path}" ]; trustedUsers = [ "root" "tazjin" ]; @@ -131,7 +131,6 @@ in lib.fix(self: { (with depot; [ fun.idual.script fun.idual.setAlarm - third_party.pounce ]) ++ # programs from nixpkgs diff --git a/users/tazjin/nixos/frog/default.nix b/users/tazjin/nixos/frog/default.nix index dcc955f96811..35d58147d48f 100644 --- a/users/tazjin/nixos/frog/default.nix +++ b/users/tazjin/nixos/frog/default.nix @@ -1,23 +1,20 @@ -{ depot, lib, ... }: +{ depot, lib, pkgs, ... }: config: let inherit (depot.third_party) lieer; - nixpkgs = import depot.third_party.nixpkgsSrc { - config.allowUnfree = true; - }; # add google-c-style here because other machines get it from, eh, # elsewhere. frogEmacs = (depot.users.tazjin.emacs.overrideEmacs(epkgs: epkgs ++ [ - depot.third_party.emacsPackages.google-c-style + pkgs.emacsPackages.google-c-style ])); - quasselClient = depot.third_party.quassel.override { + quasselClient = pkgs.quassel.override { client = true; enableDaemon = false; monolithic = false; }; -in depot.lib.fix(self: { +in lib.fix(self: { imports = [ "${depot.depotPath}/ops/nixos/v4l2loopback.nix" ]; @@ -37,7 +34,7 @@ in depot.lib.fix(self: { kernelModules = [ "dm-snapshot" ]; }; - kernelPackages = nixpkgs.linuxPackages_latest; + kernelPackages = pkgs.linuxPackages_latest; kernel.sysctl = { "kernel.perf_event_paranoid" = -1; }; @@ -58,7 +55,7 @@ in depot.lib.fix(self: { pulseaudio = { enable = true; - package = nixpkgs.pulseaudioFull; + package = pkgs.pulseaudioFull; }; bluetooth = { @@ -70,14 +67,14 @@ in depot.lib.fix(self: { maxJobs = 48; nixPath = [ "depot=/depot" - "nixpkgs=${depot.third_party.nixpkgsSrc}" + "nixpkgs=${pkgs.path}" ]; binaryCaches = ["ssh://nix-ssh@whitby.tvl.fyi"]; binaryCachePublicKeys = ["cache.tvl.fyi:fd+9d1ceCPvDX/xVhcfv8nAa6njEhAGAEe+oGJDEeoc="]; }; - nixpkgs.pkgs = nixpkgs; + nixpkgs.pkgs = pkgs; networking = { hostName = "frog"; @@ -95,7 +92,7 @@ in depot.lib.fix(self: { # Generate an immutable /etc/resolv.conf from the nameserver settings # above (otherwise DHCP overwrites it): environment.etc."resolv.conf" = with lib; { - source = depot.third_party.writeText "resolv.conf" '' + source = pkgs.writeText "resolv.conf" '' ${concatStringsSep "\n" (map (ns: "nameserver ${ns}") self.networking.nameservers)} options edns0 ''; @@ -114,7 +111,7 @@ in depot.lib.fix(self: { extraGroups = [ "wheel" "audio" "docker" ]; isNormalUser = true; uid = 1000; - shell = nixpkgs.fish; + shell = pkgs.fish; }; security.sudo = { @@ -123,7 +120,7 @@ in depot.lib.fix(self: { }; fonts = { - fonts = with nixpkgs; [ + fonts = with pkgs; [ corefonts dejavu_fonts jetbrains-mono @@ -158,7 +155,7 @@ in depot.lib.fix(self: { # Required for Yubikey usage as smartcard services.pcscd.enable = true; services.udev.packages = [ - nixpkgs.yubikey-personalization + pkgs.yubikey-personalization ]; # Enable Docker for Nixery testing @@ -175,7 +172,7 @@ in depot.lib.fix(self: { videoDrivers = [ "amdgpu" ]; displayManager = { # Give EXWM permission to control the session. - sessionCommands = "${nixpkgs.xorg.xhost}/bin/xhost +SI:localuser:$USER"; + sessionCommands = "${pkgs.xorg.xhost}/bin/xhost +SI:localuser:$USER"; lightdm.enable = true; lightdm.greeters.gtk.clock-format = "%H·%M"; # TODO(tazjin): TZ? @@ -224,15 +221,12 @@ in depot.lib.fix(self: { lieer ops.kontemplate quasselClient - third_party.ffmpeg third_party.git - third_party.lutris - third_party.rr tools.nsfv-setup ]) ++ # programs from nixpkgs - (with nixpkgs; [ + (with pkgs; [ age bat chromium @@ -245,6 +239,7 @@ in depot.lib.fix(self: { emacs27 # mostly for emacsclient exa fd + ffmpeg-full file gdb gnupg @@ -259,6 +254,7 @@ in depot.lib.fix(self: { jq kubectl linuxPackages.perf + # lutris manpages miller msmtp @@ -276,6 +272,7 @@ in depot.lib.fix(self: { pmutils pwgen ripgrep + rr rustup screen scrot diff --git a/users/tazjin/nixos/tverskoy/default.nix b/users/tazjin/nixos/tverskoy/default.nix index 42fd01c30e96..c2694bf5eb03 100644 --- a/users/tazjin/nixos/tverskoy/default.nix +++ b/users/tazjin/nixos/tverskoy/default.nix @@ -1,17 +1,17 @@ -{ depot, lib, ... }: +{ depot, lib, pkgs, ... }: config: let # add google-c-style here because other machines get it from, eh, # elsewhere. emacs = (depot.users.tazjin.emacs.overrideEmacs(epkgs: epkgs ++ [ - depot.third_party.emacsPackages.google-c-style + pkgs.emacsPackages.google-c-style ])); - nixpkgs = import depot.third_party.nixpkgsSrc { + nixpkgs = import pkgs.path { config.allowUnfree = true; }; - quasselClient = depot.third_party.quassel.override { + quasselClient = pkgs.quassel.override { client = true; enableDaemon = false; monolithic = false; @@ -33,8 +33,8 @@ in lib.fix(self: { nix = { nixPath = lib.mkForce [ - "nixpkgs=${depot.third_party.nixpkgsSrc}" - "nixos=${depot.third_party.nixpkgsSrc}" + "nixpkgs=${pkgs.path}" + "nixos=${pkgs.path}" "depot=/depot" ]; diff --git a/users/tazjin/renderMarkdown.nix b/users/tazjin/renderMarkdown.nix index 58f29c30e0f3..0994661cbb9c 100644 --- a/users/tazjin/renderMarkdown.nix +++ b/users/tazjin/renderMarkdown.nix @@ -1,9 +1,9 @@ # Render a Markdown file to HTML. -{ depot, ... }: +{ depot, pkgs, ... }: with depot.nix.yants; -defun [ path drv ] (file: depot.third_party.runCommandNoCC "${file}.rendered.html" {} '' +defun [ path drv ] (file: pkgs.runCommandNoCC "${file}.rendered.html" {} '' cat ${file} | ${depot.tools.cheddar}/bin/cheddar --about-filter ${file} > $out '') diff --git a/users/tazjin/rlox/default.nix b/users/tazjin/rlox/default.nix index 4b2d650cb585..e50ac32be452 100644 --- a/users/tazjin/rlox/default.nix +++ b/users/tazjin/rlox/default.nix @@ -1,5 +1,5 @@ -{ pkgs, ... }: +{ depot, ... }: -pkgs.naersk.buildPackage { +depot.third_party.naersk.buildPackage { src = ./.; } diff --git a/web/cgit-taz/default.nix b/web/cgit-taz/default.nix index 636695c883c5..f2f47e5793a2 100644 --- a/web/cgit-taz/default.nix +++ b/web/cgit-taz/default.nix @@ -1,11 +1,15 @@ # This derivation configures a 'cgit' instance to serve repositories # from a different source. - -{ depot, ... }: - -with depot.third_party; +{ depot, pkgs, ... }: let + inherit (pkgs) + mime-types + thttpd + writeShellScriptBin + writeText + ; + sourceFilter = writeShellScriptBin "cheddar-about" '' exec ${depot.tools.cheddar}/bin/cheddar --about-filter $@ ''; @@ -33,7 +37,7 @@ let thttpdConfig = writeText "thttpd.conf" '' port=2448 - dir=${cgit}/cgit + dir=${depot.third_party.cgit}/cgit nochroot novhost cgipat=**.cgi diff --git a/web/converse/default.nix b/web/converse/default.nix index a75067119694..cc2dab7f88f8 100644 --- a/web/converse/default.nix +++ b/web/converse/default.nix @@ -1,6 +1,6 @@ -{ pkgs, ... }: +{ depot, pkgs, ... }: -pkgs.naersk.buildPackage { +depot.third_party.naersk.buildPackage { src = ./.; buildInputs = with pkgs; [ openssl postgresql.lib ]; nativeBuildInputs = [ pkgs.pkgconfig ]; diff --git a/web/todolist/default.nix b/web/todolist/default.nix index 47640c87416e..c9efbc03f936 100644 --- a/web/todolist/default.nix +++ b/web/todolist/default.nix @@ -2,12 +2,12 @@ # # Only TODOs that match the form 'TODO($username)' are considered, and # only for users that are known to us. -{ depot, lib, ... }: +{ depot, lib, pkgs, ... }: with depot.nix.yants; let - inherit (depot.third_party) + inherit (pkgs) jq ripgrep runCommandNoCC -- cgit 1.4.1