diff --git a/modules/system/nix/determinate.mod.nix b/modules/system/nix/determinate.mod.nix deleted file mode 100644 index 55affa2..0000000 --- a/modules/system/nix/determinate.mod.nix +++ /dev/null @@ -1,76 +0,0 @@ -{ - config, - lib, - pkgs, - sources, - ... -}: -let - determinate = - (import sources.flake-compat { - src = sources.determinate; - copySourceTreeToStore = false; - }).outputs; - dix = - (import sources.flake-compat { - src = determinate.inputs.nix; - copySourceTreeToStore = false; - }).outputs.packages.${pkgs.stdenv.system}.nix; - - # Stronger than mkDefault (1000), weaker than mkForce (50) and the "default override priority" - # (100). - mkPreferable = lib.mkOverride 750; - - # Stronger than the "default override priority", as the upstream module uses that, and weaker than mkForce (50). - mkMorePreferable = lib.mkOverride 75; -in -{ - config = { - nix = { - package = dix; - }; - environment.systemPackages = [ - determinate.packages.${pkgs.stdenv.system}.default - ]; - - # NOTE(cole-h): Move the generated nix.conf to /etc/nix/nix.custom.conf, which is included from - # the Determinate Nixd-managed /etc/nix/nix.conf. - environment.etc."nix/nix.conf".target = "nix/nix.custom.conf"; - systemd = { - services.nix-daemon.serviceConfig = { - ExecStart = [ - "" - "@${ - determinate.packages.${pkgs.stdenv.system}.default - }/bin/determinate-nixd determinate-nixd --nix-bin ${config.nix.package}/bin daemon" - ]; - KillMode = mkPreferable "process"; - LimitNOFILE = mkMorePreferable 1048576; - LimitSTACK = mkPreferable "64M"; - TasksMax = mkPreferable 1048576; - }; - sockets = { - nix-daemon.socketConfig.FileDescriptorName = "nix-daemon.socket"; - determinate-nixd = { - description = "Determinate Nixd Daemon Socket"; - wantedBy = [ "sockets.target" ]; - before = [ "multi-user.target" ]; - - unitConfig = { - RequiresMountsFor = [ - "/nix/store" - "/nix/var/determinate" - ]; - }; - - socketConfig = { - Service = "nix-daemon.service"; - FileDescriptorName = "determinate-nixd.socket"; - ListenStream = "/nix/var/determinate/determinate-nixd.socket"; - DirectoryMode = "0755"; - }; - }; - }; - }; - }; -} diff --git a/modules/system/nix/nix.mod.nix b/modules/system/nix/nix.mod.nix index 4ae7264..5eb3fe2 100644 --- a/modules/system/nix/nix.mod.nix +++ b/modules/system/nix/nix.mod.nix @@ -1,17 +1,20 @@ # credits to raf { - config, sources, lib, pkgs, ... }: let - inherit (lib.attrsets) mapAttrsToList; inherit (lib.modules) mkForce; + + lix = pkgs.callPackage "${sources.lix}/package.nix" { + stdenv = pkgs.clangStdenv; + }; in { nix = { + package = lix; # Check that Nix can parse the generated nix.conf. checkConfig = true; @@ -26,10 +29,14 @@ in # registry = # lib.mapAttrs (_: v: {flake = v.outPath;}) sources # // {system.flake = sources.nichts;}; + registry.nixpkgs.to = { + type = "path"; + source = sources.nixpkgs; + }; # Add inputs to the system's legacy channels # to make legacy nix commands consistent as well - nixPath = mapAttrsToList (key: _: "${key}=flake:${key}") config.nix.registry; + nixPath = [ "nixpkgs=/etc/nixos/nixpkgs" ]; # Run the Nix daemon on lowest possible priority daemonCPUSchedPolicy = "idle"; @@ -116,7 +123,7 @@ in "flakes" # flakes "nix-command" # experimental nix commands "cgroups" # allow nix to execute builds inside cgroups - "pipe-operators" + "pipe-operator" ]; # Ensures that the result of Nix expressions is fully determined by @@ -168,6 +175,9 @@ in }; }; + environment.etc = { + "nixos/nixpkgs".source = builtins.storePath sources.nixpkgs; + }; systemd.services = { # WE DONT WANT TO BUILD STUFF ON TMPFS # ITS NOT A GOOD IDEA diff --git a/npins/sources.json b/npins/sources.json index 68bd682..5a3305a 100644 --- a/npins/sources.json +++ b/npins/sources.json @@ -1,34 +1,5 @@ { "pins": { - "determinate": { - "type": "Git", - "repository": { - "type": "GitHub", - "owner": "determinatesystems", - "repo": "determinate" - }, - "branch": "main", - "submodules": false, - "revision": "5e73b5071ece6da51aa50c55e3438335e2ef9d9c", - "url": "https://github.com/determinatesystems/determinate/archive/5e73b5071ece6da51aa50c55e3438335e2ef9d9c.tar.gz", - "hash": "sha256-UFzMWhD4rN/9C5Rnf6VHB63gHLFgaPxh0meZlRQrbnU=" - }, - "dix": { - "type": "GitRelease", - "repository": { - "type": "GitHub", - "owner": "determinatesystems", - "repo": "nix-src" - }, - "pre_releases": false, - "version_upper_bound": null, - "release_prefix": null, - "submodules": false, - "version": "v3.8.3", - "revision": "aa49e142fc30f0598f954abdc0b83c2f290f12d1", - "url": "https://api.github.com/repos/determinatesystems/nix-src/tarball/v3.8.3", - "hash": "sha256-Z+nd/hOF4mpn1OqjvtrJZAoXwiXJ36wtoubd1kAWhmE=" - }, "flake-compat": { "type": "Git", "repository": { @@ -82,22 +53,33 @@ "url": "https://github.com/nix-community/lanzaboote/archive/5a776450d904b7ccd377c2a759703152b2553e98.tar.gz", "hash": "sha256-9Cc0YqL9ZUpaybJsrRJfXex91QlPmQNqpTLgw/KvJGA=" }, + "lix": { + "type": "Git", + "repository": { + "type": "Forgejo", + "server": "https://git.lix.systems/", + "owner": "lix-project", + "repo": "lix" + }, + "branch": "main", + "submodules": false, + "revision": "9d8ab804355d95d38a61ad5053d415ca1882d554", + "url": "https://git.lix.systems/lix-project/lix/archive/9d8ab804355d95d38a61ad5053d415ca1882d554.tar.gz", + "hash": "sha256-CFoDQz2mnfKWtAb6Y01xu+bfM+Q/6dHGkxKq6W+dzN8=" + }, "lix-module": { - "type": "GitRelease", + "type": "Git", "repository": { "type": "Forgejo", "server": "https://git.lix.systems/", "owner": "lix-project", "repo": "nixos-module" }, - "pre_releases": false, - "version_upper_bound": null, - "release_prefix": null, + "branch": "main", "submodules": false, - "version": "2.93.1", - "revision": "c3c78a32273e89d28367d8605a4c880f0b6607e3", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/2.93.1.tar.gz", - "hash": "sha256-EfA5K5EZAnspmraJrXQlziffVpaT+QDBiE6yKmuaNNQ=" + "revision": "4d4c2b8f0a801c91ce5b717c77fe3a17efa1402f", + "url": "https://git.lix.systems/lix-project/nixos-module/archive/4d4c2b8f0a801c91ce5b717c77fe3a17efa1402f.tar.gz", + "hash": "sha256-gbpuESxl/An4GTh7QEbQRYJozVIxWkwVGbWK0/0GoRc=" }, "nh": { "type": "Git",