nix: switch to lix

Signed-off-by: Bloxx12 <charlie@charlieroot.dev> Change-Id: I6a6a69641a5c002234e971b698d9164999be08f3
2025-07-21 00:06:54 +02:00 · 2025-07-21 00:06:54 +02:00 · f4790c05ed
commit f4790c05ed
parent 6293930e1f
3 changed files with 33 additions and 117 deletions
--- a/modules/system/nix/determinate.mod.nix
+++ b/modules/system/nix/determinate.mod.nix
@ -1,76 +0,0 @@
 {
  config,
  lib,
  pkgs,
  sources,
  ...
 }:
 let
  determinate =
    (import sources.flake-compat {
      src = sources.determinate;
      copySourceTreeToStore = false;
    }).outputs;
  dix =
    (import sources.flake-compat {
      src = determinate.inputs.nix;
      copySourceTreeToStore = false;
    }).outputs.packages.${pkgs.stdenv.system}.nix;
  # Stronger than mkDefault (1000), weaker than mkForce (50) and the "default override priority"
  # (100).
  mkPreferable = lib.mkOverride 750;
  # Stronger than the "default override priority", as the upstream module uses that, and weaker than mkForce (50).
  mkMorePreferable = lib.mkOverride 75;
 in
 {
  config = {
    nix = {
      package = dix;
    };
    environment.systemPackages = [
      determinate.packages.${pkgs.stdenv.system}.default
    ];
    # NOTE(cole-h): Move the generated nix.conf to /etc/nix/nix.custom.conf, which is included from
    # the Determinate Nixd-managed /etc/nix/nix.conf.
    environment.etc."nix/nix.conf".target = "nix/nix.custom.conf";
    systemd = {
      services.nix-daemon.serviceConfig = {
        ExecStart = [
          ""
          "@${
            determinate.packages.${pkgs.stdenv.system}.default
          }/bin/determinate-nixd determinate-nixd --nix-bin ${config.nix.package}/bin daemon"
        ];
        KillMode = mkPreferable "process";
        LimitNOFILE = mkMorePreferable 1048576;
        LimitSTACK = mkPreferable "64M";
        TasksMax = mkPreferable 1048576;
      };
      sockets = {
        nix-daemon.socketConfig.FileDescriptorName = "nix-daemon.socket";
        determinate-nixd = {
          description = "Determinate Nixd Daemon Socket";
          wantedBy = [ "sockets.target" ];
          before = [ "multi-user.target" ];
          unitConfig = {
            RequiresMountsFor = [
              "/nix/store"
              "/nix/var/determinate"
            ];
          };
          socketConfig = {
            Service = "nix-daemon.service";
            FileDescriptorName = "determinate-nixd.socket";
            ListenStream = "/nix/var/determinate/determinate-nixd.socket";
            DirectoryMode = "0755";
          };
        };
      };
    };
  };
 }
--- a/modules/system/nix/nix.mod.nix
+++ b/modules/system/nix/nix.mod.nix
@ -1,17 +1,20 @@
 # credits to raf
 {
  config,
  sources,
  lib,
  pkgs,
  ...
 }:
 let
  inherit (lib.attrsets) mapAttrsToList;
  inherit (lib.modules) mkForce;
  lix = pkgs.callPackage "${sources.lix}/package.nix" {
    stdenv = pkgs.clangStdenv;
  };
 in
 {
  nix = {
    package = lix;
    # Check that Nix can parse the generated nix.conf.
    checkConfig = true;
@ -26,10 +29,14 @@ in
    # registry =
    #   lib.mapAttrs (_: v: {flake = v.outPath;}) sources
    #   // {system.flake = sources.nichts;};
    registry.nixpkgs.to = {
      type = "path";
      source = sources.nixpkgs;
    };
    # Add inputs to the system's legacy channels
    # to make legacy nix commands consistent as well
-    nixPath = mapAttrsToList (key: _: "${key}=flake:${key}") config.nix.registry;
+    nixPath = [ "nixpkgs=/etc/nixos/nixpkgs" ];
    # Run the Nix daemon on lowest possible priority
    daemonCPUSchedPolicy = "idle";
@ -116,7 +123,7 @@ in
        "flakes" # flakes
        "nix-command" # experimental nix commands
        "cgroups" # allow nix to execute builds inside cgroups
-        "pipe-operators"
+        "pipe-operator"
      ];
      # Ensures that the result of Nix expressions is fully determined by
@ -168,6 +175,9 @@ in
    };
  };
  environment.etc = {
    "nixos/nixpkgs".source = builtins.storePath sources.nixpkgs;
  };
  systemd.services = {
    # WE DONT WANT TO BUILD STUFF ON TMPFS
    # ITS NOT A GOOD IDEA
--- a/npins/sources.json
+++ b/npins/sources.json
@ -1,34 +1,5 @@
 {
  "pins": {
    "determinate": {
      "type": "Git",
      "repository": {
        "type": "GitHub",
        "owner": "determinatesystems",
        "repo": "determinate"
      },
      "branch": "main",
      "submodules": false,
      "revision": "5e73b5071ece6da51aa50c55e3438335e2ef9d9c",
      "url": "https://github.com/determinatesystems/determinate/archive/5e73b5071ece6da51aa50c55e3438335e2ef9d9c.tar.gz",
      "hash": "sha256-UFzMWhD4rN/9C5Rnf6VHB63gHLFgaPxh0meZlRQrbnU="
    },
    "dix": {
      "type": "GitRelease",
      "repository": {
        "type": "GitHub",
        "owner": "determinatesystems",
        "repo": "nix-src"
      },
      "pre_releases": false,
      "version_upper_bound": null,
      "release_prefix": null,
      "submodules": false,
      "version": "v3.8.3",
      "revision": "aa49e142fc30f0598f954abdc0b83c2f290f12d1",
      "url": "https://api.github.com/repos/determinatesystems/nix-src/tarball/v3.8.3",
      "hash": "sha256-Z+nd/hOF4mpn1OqjvtrJZAoXwiXJ36wtoubd1kAWhmE="
    },
    "flake-compat": {
      "type": "Git",
      "repository": {
@ -82,22 +53,33 @@
      "url": "https://github.com/nix-community/lanzaboote/archive/5a776450d904b7ccd377c2a759703152b2553e98.tar.gz",
      "hash": "sha256-9Cc0YqL9ZUpaybJsrRJfXex91QlPmQNqpTLgw/KvJGA="
    },
    "lix": {
      "type": "Git",
      "repository": {
        "type": "Forgejo",
        "server": "https://git.lix.systems/",
        "owner": "lix-project",
        "repo": "lix"
      },
      "branch": "main",
      "submodules": false,
      "revision": "9d8ab804355d95d38a61ad5053d415ca1882d554",
      "url": "https://git.lix.systems/lix-project/lix/archive/9d8ab804355d95d38a61ad5053d415ca1882d554.tar.gz",
      "hash": "sha256-CFoDQz2mnfKWtAb6Y01xu+bfM+Q/6dHGkxKq6W+dzN8="
    },
    "lix-module": {
-      "type": "GitRelease",
+      "type": "Git",
      "repository": {
        "type": "Forgejo",
        "server": "https://git.lix.systems/",
        "owner": "lix-project",
        "repo": "nixos-module"
      },
-      "pre_releases": false,
+      "branch": "main",
      "version_upper_bound": null,
      "release_prefix": null,
      "submodules": false,
-      "version": "2.93.1",
+      "revision": "4d4c2b8f0a801c91ce5b717c77fe3a17efa1402f",
-      "revision": "c3c78a32273e89d28367d8605a4c880f0b6607e3",
+      "url": "https://git.lix.systems/lix-project/nixos-module/archive/4d4c2b8f0a801c91ce5b717c77fe3a17efa1402f.tar.gz",
-      "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/2.93.1.tar.gz",
+      "hash": "sha256-gbpuESxl/An4GTh7QEbQRYJozVIxWkwVGbWK0/0GoRc="
      "hash": "sha256-EfA5K5EZAnspmraJrXQlziffVpaT+QDBiE6yKmuaNNQ="
    },
    "nh": {
      "type": "Git",