From bb57760151f49e466188618f697fdc994cbe4baf Mon Sep 17 00:00:00 2001 From: Paul-Henri Froidmont Date: Tue, 17 Jan 2023 11:21:33 +0100 Subject: [PATCH] Switch to stable branch and update inputs --- flake.lock | 39 ++++-- flake.nix | 303 +++++++++++++++++++++------------------- modules/belgian-eid.nix | 4 +- modules/system.nix | 9 +- overlay.nix | 10 -- users/default.nix | 8 +- 6 files changed, 196 insertions(+), 177 deletions(-) diff --git a/flake.lock b/flake.lock index 2622e9c..7e36561 100644 --- a/flake.lock +++ b/flake.lock @@ -6,11 +6,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1669740584, - "narHash": "sha256-rHxz/olYeCx9GHjJTZElkVCVo4aXaP9FNaQ8oyCLz9A=", + "lastModified": 1673948101, + "narHash": "sha256-cD0OzFfnLFeeaz4jVszH9QiMTn+PBxmcYzrp+xujpwM=", "owner": "nix-community", "repo": "home-manager", - "rev": "3b0a446bbf29cfeb78e0d1a8210bdf6fae8efccd", + "rev": "bd3efacb82c721edad1ce9eda583df5fb62ab00a", "type": "github" }, "original": { @@ -21,11 +21,27 @@ }, "nixpkgs": { "locked": { - "lastModified": 1669052418, - "narHash": "sha256-M1I4BKXBQm2gey1tScemEh5TpHHE3gKptL7BpWUvL8s=", + "lastModified": 1671983799, + "narHash": "sha256-Z2Ro6hFPZHkBqkVXY5/aBUzxi5xizQGvuHQ9+T5B/ks=", "owner": "nixos", "repo": "nixpkgs", - "rev": "20fc948445a6c22d4e8d5178e9a6bc6e1f5417c8", + "rev": "fad51abd42ca17a60fc1d4cb9382e2d79ae31836", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1673796341, + "narHash": "sha256-1kZi9OkukpNmOaPY7S5/+SlCDOuYnP3HkXHvNDyLQcc=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "6dccdc458512abce8d19f74195bb20fdb067df50", "type": "github" }, "original": { @@ -37,16 +53,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1669542132, - "narHash": "sha256-DRlg++NJAwPh8io3ExBJdNW7Djs3plVI5jgYQ+iXAZQ=", + "lastModified": 1673800717, + "narHash": "sha256-SFHraUqLSu5cC6IxTprex/nTsI81ZQAtDvlBvGDWfnA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a115bb9bd56831941be3776c8a94005867f316a7", + "rev": "2f9fd351ec37f5d479556cd48be4ca340da59b8f", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-unstable", + "ref": "nixos-22.11", "repo": "nixpkgs", "type": "github" } @@ -54,7 +70,8 @@ "root": { "inputs": { "home-manager": "home-manager", - "nixpkgs": "nixpkgs_2" + "nixpkgs": "nixpkgs_2", + "nixpkgs-unstable": "nixpkgs-unstable" } }, "utils": { diff --git a/flake.nix b/flake.nix index 2c26845..c27ba09 100644 --- a/flake.nix +++ b/flake.nix @@ -1,167 +1,184 @@ { inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11"; + nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; home-manager.url = "github:nix-community/home-manager"; }; - outputs = { self, home-manager, nixpkgs }: { + outputs = { self, home-manager, nixpkgs, nixpkgs-unstable }: + let + pkgs-unstable = nixpkgs-unstable.legacyPackages.x86_64-linux; + commonModuleArgs = { pkgs, ... }: { + _module.args.pkgs-unstable = import nixpkgs-unstable { + inherit (pkgs.stdenv.targetPlatform) system; + config.allowUnfreePredicate = pkg: builtins.elem (pkgs.lib.getName pkg) [ + "corefonts" + "steam" + "steam-original" + "steam-run" + ]; + }; + }; + in + { + nixosConfigurations.nixos-desktop = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit nixpkgs; inherit nixpkgs-unstable; }; + modules = + [ + home-manager.nixosModules.home-manager + commonModuleArgs + ./hardware/desktop.nix + ./profiles/base.nix + ./users + ( + { + nixpkgs.overlays = [ (import ./overlay.nix { }) ]; + networking.hostName = "nixos-desktop"; + # Allow to externally control MPD + networking.firewall.allowedTCPPorts = [ 6600 ]; - nixosConfigurations.nixos-desktop = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { inherit nixpkgs; }; - modules = - [ - home-manager.nixosModules.home-manager - ./hardware/desktop.nix - ./profiles/base.nix - ./users - ( - { - nixpkgs.overlays = [ (import ./overlay.nix { }) ]; - networking.hostName = "nixos-desktop"; - # Allow to externally control MPD - networking.firewall.allowedTCPPorts = [ 6600 ]; + nix.registry.nixpkgs.flake = nixpkgs; - nix.registry.nixpkgs.flake = nixpkgs; + system.stateVersion = "19.09"; + } + ) + ]; + }; - system.stateVersion = "19.09"; - } - ) - ]; - }; + nixosConfigurations.froidmpa-laptop = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit nixpkgs; inherit nixpkgs-unstable; }; + modules = + [ + home-manager.nixosModules.home-manager + commonModuleArgs + ./hardware/clevo-nl51ru.nix + ./profiles/base.nix + ./users + ( + { + nixpkgs.overlays = [ (import ./overlay.nix { }) ]; + networking.hostName = "froidmpa-laptop"; - nixosConfigurations.froidmpa-laptop = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { inherit nixpkgs; }; - modules = - [ - home-manager.nixosModules.home-manager - ./hardware/clevo-nl51ru.nix - ./profiles/base.nix - ./users - ( - { - nixpkgs.overlays = [ (import ./overlay.nix { }) ]; - networking.hostName = "froidmpa-laptop"; + nix.registry.nixpkgs.flake = nixpkgs; - nix.registry.nixpkgs.flake = nixpkgs; - - home-manager.users.froidmpa = { pkgs, config, ... }: { - services.network-manager-applet.enable = true; - services.blueman-applet.enable = true; - services.grobi = { - enable = true; - executeAfter = [ "${pkgs.systemd}/bin/systemctl --user restart stalonetray" "${pkgs.feh}/bin/feh --bg-fill ~/.wallpaper.png" ]; - rules = [ - { - name = "External HDMI"; - outputs_connected = [ "HDMI-1" ]; - configure_single = "HDMI-1"; - primary = true; - atomic = true; - } - { - name = "Primary"; - configure_single = "eDP"; - } - ]; - }; - }; - - system.stateVersion = "21.05"; - } - ) - - ]; - }; - - nixosConfigurations.rpi3 = nixpkgs.lib.nixosSystem { - system = "aarch64-linux"; - modules = - [ - ( - { pkgs, ... }: { - networking.hostName = "rpi3"; - - nix.registry.nixpkgs.flake = nixpkgs; - - boot.loader.grub.enable = false; - boot.loader.generic-extlinux-compatible.enable = true; - boot.kernelParams = [ "cma=256M" ]; - - fileSystems."/" = - { - device = "/dev/disk/by-label/NIXOS_SD"; - fsType = "ext4"; - }; - - swapDevices = [{ device = "/swapfile"; size = 1024; }]; - - services.openssh.enable = true; - users.users.root.openssh.authorizedKeys.keyFiles = [ - ./ssh_keys/phfroidmont-desktop.pub - ./ssh_keys/phfroidmont-laptop.pub - ]; - - services.adguardhome = { - enable = true; - - host = "0.0.0.0"; - port = 80; - openFirewall = true; - - mutableSettings = false; - - settings = { - auth_attempts = 5; - block_auth_min = 15; - dns = { - bind_host = "0.0.0.0"; - port = 53; - statistics_interval = 90; - querylog_enabled = true; - querylog_interval = "2160h"; - upstream_dns = [ - "tls://doh.mullvad.net" - "[/lan/]192.168.1.1" - "[//]192.168.1.1" - ]; - local_ptr_upstreams = [ "192.168.1.1" ]; - use_private_ptr_resolvers = true; - resolve_clients = true; - bootstrap_dns = [ "9.9.9.10" ]; - rewrites = [ + home-manager.users.froidmpa = { pkgs, config, ... }: { + services.network-manager-applet.enable = true; + services.blueman-applet.enable = true; + services.grobi = { + enable = true; + executeAfter = [ "${pkgs.systemd}/bin/systemctl --user restart stalonetray" "${pkgs.feh}/bin/feh --bg-fill ~/.wallpaper.png" ]; + rules = [ { - domain = "rpi3"; - answer = "192.168.1.2"; + name = "External HDMI"; + outputs_connected = [ "HDMI-1" ]; + configure_single = "HDMI-1"; + primary = true; + atomic = true; } { - domain = "rpi3.lan"; - answer = "192.168.1.2"; + name = "Primary"; + configure_single = "eDP"; } ]; }; }; - }; - networking.firewall.allowedTCPPorts = [ 53 ]; - networking.firewall.allowedUDPPorts = [ 53 ]; + system.stateVersion = "21.05"; + } + ) - environment.systemPackages = with pkgs; [ - vim - htop - ]; + ]; + }; - nix = { - nixPath = [ - "nixpkgs=${nixpkgs}" + nixosConfigurations.rpi3 = nixpkgs.lib.nixosSystem { + system = "aarch64-linux"; + modules = + [ + ( + { pkgs, ... }: { + networking.hostName = "rpi3"; + + nix.registry.nixpkgs.flake = nixpkgs; + + boot.loader.grub.enable = false; + boot.loader.generic-extlinux-compatible.enable = true; + boot.kernelParams = [ "cma=256M" ]; + + fileSystems."/" = + { + device = "/dev/disk/by-label/NIXOS_SD"; + fsType = "ext4"; + }; + + swapDevices = [{ device = "/swapfile"; size = 1024; }]; + + services.openssh.enable = true; + users.users.root.openssh.authorizedKeys.keyFiles = [ + ./ssh_keys/phfroidmont-desktop.pub + ./ssh_keys/phfroidmont-laptop.pub ]; - }; - system.stateVersion = "22.05"; - } - ) - ]; + services.adguardhome = { + enable = true; + + host = "0.0.0.0"; + port = 80; + openFirewall = true; + + mutableSettings = false; + + settings = { + auth_attempts = 5; + block_auth_min = 15; + dns = { + bind_host = "0.0.0.0"; + port = 53; + statistics_interval = 90; + querylog_enabled = true; + querylog_interval = "2160h"; + upstream_dns = [ + "tls://doh.mullvad.net" + "[/lan/]192.168.1.1" + "[//]192.168.1.1" + ]; + local_ptr_upstreams = [ "192.168.1.1" ]; + use_private_ptr_resolvers = true; + resolve_clients = true; + bootstrap_dns = [ "9.9.9.10" ]; + rewrites = [ + { + domain = "rpi3"; + answer = "192.168.1.2"; + } + { + domain = "rpi3.lan"; + answer = "192.168.1.2"; + } + ]; + }; + }; + }; + + networking.firewall.allowedTCPPorts = [ 53 ]; + networking.firewall.allowedUDPPorts = [ 53 ]; + + environment.systemPackages = with pkgs; [ + vim + htop + ]; + + nix = { + nixPath = [ + "nixpkgs=${nixpkgs}" + ]; + }; + + system.stateVersion = "22.05"; + } + ) + ]; + }; }; - }; } diff --git a/modules/belgian-eid.nix b/modules/belgian-eid.nix index 7aa8321..17fa5fa 100644 --- a/modules/belgian-eid.nix +++ b/modules/belgian-eid.nix @@ -1,7 +1,7 @@ -{ config, lib, pkgs, ... }: +{ config, lib, pkgs, pkgs-unstable, ... }: { services.pcscd.enable = true; - environment.systemPackages = with pkgs; [ + environment.systemPackages = with pkgs-unstable; [ eid-mw ]; } diff --git a/modules/system.nix b/modules/system.nix index e4217ca..27f324f 100644 --- a/modules/system.nix +++ b/modules/system.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, nixpkgs, ... }: +{ config, lib, pkgs, nixpkgs, pkgs-unstable, nixpkgs-unstable, ... }: { nix = { @@ -20,11 +20,11 @@ experimental-features = nix-command flakes ''; nixPath = [ - "nixpkgs=${nixpkgs}" + "nixpkgs=${nixpkgs-unstable}" ]; }; - environment.systemPackages = with pkgs; [ + environment.systemPackages = with pkgs-unstable; [ wget inetutils openvpn @@ -47,9 +47,8 @@ lsof dnsutils ]; - nixpkgs.config.allowUnfree = true; fonts = { - fonts = with pkgs; [ + fonts = with pkgs-unstable; [ corefonts # Microsoft free fonts meslo-lgs-nf ]; diff --git a/overlay.nix b/overlay.nix index baf319b..40d07ed 100644 --- a/overlay.nix +++ b/overlay.nix @@ -3,15 +3,5 @@ final: prev: { ncmpcpp = prev.ncmpcpp.override { visualizerSupport = true; }; firefox = prev.firefox.override { pkcs11Modules = [ prev.eid-mw ]; }; - exodus = prev.exodus.overrideDerivation (old: { - src = prev.fetchurl { - url = "https://downloads.exodus.com/releases/${old.pname}-linux-x64-${old.version}.zip"; - sha256 = "sha256-rizVb3Yckd0ionRunT7VRq+wJvtNffkk3QzxTYQgvnY="; - }; - unpackCmd = '' - ${prev.unzip}/bin/unzip "$src" -x "Exodus*/lib*so" - ''; - }); - activitywatch-bin = prev.callPackage ./packages/activitywatch.nix { }; } diff --git a/users/default.nix b/users/default.nix index e11d552..65a0b07 100644 --- a/users/default.nix +++ b/users/default.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ config, lib, pkgs, pkgs-unstable, ... }: { environment.pathsToLink = [ "/share/zsh" ]; @@ -16,9 +16,6 @@ nixpkgs = { overlays = [ (import ../overlay.nix { }) ]; - config = { - allowUnfree = true; - }; }; xsession = { @@ -242,7 +239,7 @@ }; }; - packages = with pkgs; [ + packages = with pkgs-unstable; [ haskellPackages.xmobar i3lock ncmpcpp @@ -275,7 +272,6 @@ portfolio transmission-remote-gtk monero-gui - exodus jdk jetbrains.idea-community