Compare commits

..

3 commits

Author SHA1 Message Date
Geoffrey Preud'homme 25c00be8fd
Ability to use unstable packages 2024-03-26 17:04:16 +01:00
Geoffrey Preud'homme fe468eebd7
Remove nixGL 2024-03-26 16:49:09 +01:00
Geoffrey Preud'homme 7973e2ccd7
Remove usernix and home-manager standalone 2024-03-26 16:47:59 +01:00
7 changed files with 13 additions and 252 deletions

View file

@ -1,73 +0,0 @@
#!/usr/bin/env nix-shell
#! nix-shell -i bash
#! nix-shell -p bash nix-output-monitor
echo FIXME Not flakes ready
exit 1
set -euo pipefail
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
# Parse arguments
function help {
echo "Usage: $0 [-h|-v|-b] profile"
echo "Build Home Manager configuration on the local machine."
echo
echo "Arguments:"
echo " profile: Home Manager profile to use"
echo
echo "Options:"
echo " -h: Display this help message."
}
while getopts "h" OPTION
do
case "$OPTION" in
h)
help
exit 0
;;
?)
help
exit 2
;;
esac
done
shift "$(($OPTIND -1))"
if [ "$#" -ne 1 ]
then
help
exit 2
fi
profile="$1"
profile_dir="${SCRIPT_DIR}/${profile}"
if [ ! -d "$profile_dir" ]
then
echo "Profile not found."
fi
home_manager_config="${profile_dir}/hm.nix"
if [ ! -f "$home_manager_config" ]
then
echo "Home Manager configuration not found."
fi
set -x
nom-build '<home-manager/home-manager/home-manager.nix>' --argstr confPath "${home_manager_config}" -o "${profile_dir}/hm"
set +x
echo 
path="$(readlink -f "${profile_dir}/hm")"
echo "Manual installation instructions:"
echo "- Transfer $path and dependencies to the destination machine (somehow)"
echo "- Run $path/activate as the destination user"
echo "- Log into the user again to make sure everything is sourced"
echo "- Transfer necessary private keys (or use ssh -A for testing)"
echo "- Run git-sync-init"
echo "- Check that the system can build itself"

View file

@ -1,59 +0,0 @@
#!/usr/bin/env bash
# Runs the command given in a Nix environment, and create it if it doesn't exist.
# Useful for environments where nix isn't installed / you do not have root access
# If you need a fresh slate:
# chmod +w .nix -R
# rm -rf .nix .nix-defexpr .nix-profile .config/nix .local/state/nix .local/share/nix .cache/nix
set -euo pipefail
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
if [ ! -d /nix ]
then
# Doesn't support architectures other than x86_64
NIX_USER_CHROOT_URL=https://github.com/nix-community/nix-user-chroot/releases/download/1.2.2/nix-user-chroot-bin-1.2.2-x86_64-unknown-linux-musl
NIX_USER_CHROOT_SHA256SUM=e11aff604bb8d3ffd1d9c0c68cd636816d7eb8da540de18ee3a41ccad7ac0972
nix_user_chroot="$HOME/.local/bin/nix-user-chroot"
mkdir -p "$(dirname "$nix_user_chroot")"
nix_directory="$HOME/.nix"
mkdir -p "$nix_directory"
if [ ! -x "$nix_user_chroot" ] || ! echo "$NIX_USER_CHROOT_SHA256SUM $nix_user_chroot" | sha256sum --check --status
then
wget "$NIX_USER_CHROOT_URL" -O "$nix_user_chroot"
echo "$NIX_USER_CHROOT_SHA256SUM $nix_user_chroot" | sha256sum --check --status
chmod +x "$nix_user_chroot"
fi
exec "$nix_user_chroot" "$nix_directory" "$0" "$@"
exit 1
fi
nix_profile_path="$HOME/.nix-profile/etc/profile.d/nix.sh"
if [ ! -f "$nix_profile_path" ]
then
NIX_INSTALLER_URL=https://releases.nixos.org/nix/nix-2.19.2/install
NIX_INSTALLER_SHA256SUM=435f0d7e11f7c7dffeeab0ec9cc55723f6d3c03352379d785633cf4ddb5caf90
nix_installer="$(mktemp)"
wget "$NIX_INSTALLER_URL" -O "$nix_installer"
echo "$NIX_INSTALLER_SHA256SUM $nix_installer" | sha256sum --check --status
chmod +x "$nix_installer"
"$nix_installer" --no-daemon --yes --no-channel-add --no-modify-profile
fi
# TODO This installs nix in nix-env, which conflicts with home-manager activation.
# Workaround is temporarily set /nix/store-xxx-nix/bin in PATH
. "$nix_profile_path"
# TODO Useful the first time, but it becomes a bit long after a while
# "${SCRIPT_DIR}/add_channels.sh"
exec "$@"

View file

@ -3,6 +3,7 @@
inputs = {
nixpkgs.url = "nixpkgs/nixos-23.11";
unixpkgs.url = "nixpkgs";
# OS
disko = {
url = "disko";
@ -30,19 +31,12 @@
# url = "github:nix-community/nixvim";
inputs.nixpkgs.follows = "nixpkgs";
};
nixgl = {
url = "github:guibou/nixGL";
inputs.nixpkgs.follows = "nixpkgs";
};
nur.url = "github:nix-community/NUR";
};
outputs = { self, nixpkgs, disko, nix-on-droid, home-manager, stylix, nixgl, ... }@attrs:
outputs = { self, nixpkgs, unixpkgs, disko, nix-on-droid, stylix, ... }@attrs:
let
nixpkgsConfig = {
overlays = [
nixgl.overlay
];
config = {
allowUnfree = true;
# TODO Not sure why, HM needs nixos-option which needs an old Nix?
@ -50,6 +44,15 @@
"nix-2.15.3"
];
};
overlays = [
(final: prev: { unstable = unixpkgs.legacyPackages.${prev.system}.pkgs; })
];
# Only allows importing packages, not NixOS modules. If that is needed, see:
# https://discourse.nixos.org/t/how-to-use-unstable-nixpkgs-in-imports-with-flake/17414/7
};
homeManagerConfig = {
sharedModules = [ self.homeManagerModules.dotfiles ];
extraSpecialArgs = attrs;
};
lib = {
nixosSystem = { system, modules ? [ ] }: nixpkgs.lib.nixosSystem {
@ -59,10 +62,7 @@
self.nixosModules.dotfiles
{
nixpkgs = nixpkgsConfig;
home-manager = {
sharedModules = [ self.homeManagerModules.dotfiles ];
extraSpecialArgs = attrs;
};
home-manager = homeManagerConfig;
}
];
};
@ -73,17 +73,10 @@
modules = modules ++ [
self.nixOnDroidModules.dotfiles
{
home-manager.sharedModules = [ self.homeManagerModules.dotfiles ];
home-manager = homeManagerConfig;
}
];
};
homeManagerConfiguration = { system, modules ? [ ] }: home-manager.lib.homeManagerConfiguration {
specialArgs = attrs;
pkgs = import nixpkgs (nixpkgsConfig // {
inherit system;
});
modules = modules ++ [ self.homeManagerModules.dotfiles ];
};
};
in
{

View file

@ -23,7 +23,6 @@
./ssh.nix
./theme
./tmux
./usernix
./vim
];
}

View file

@ -1,8 +1,4 @@
{ pkgs, config, lib, ... }:
let
nixGLIntelPrefix = "${pkgs.nixgl.nixVulkanIntel}/bin/nixVulkanIntel ${pkgs.nixgl.nixGLIntel}/bin/nixGLIntel ";
wmPrefix = "${lib.optionalString config.frogeye.desktop.nixGLIntel nixGLIntelPrefix}";
in
{
imports = [
./audio
@ -25,7 +21,6 @@ in
scriptPath = ".config/xsession";
profilePath = ".config/xprofile";
windowManager = {
command = lib.mkForce "${wmPrefix} ${config.xsession.windowManager.i3.package}/bin/i3";
i3.enable = true;
};
numlock.enable = config.frogeye.desktop.numlock;

View file

@ -1,92 +0,0 @@
{ pkgs, lib, config, ... }:
let
ensureNixPath = "${config.xdg.configHome}/dotfiles/ensure_nix.sh";
# TODO Can we maybe use a lighter version of this?
in
{
config = lib.mkIf config.frogeye.userNix {
dconf.enable = lib.mkForce false;
# Otherwise standalone home-manager complains it can't find /etc/dbus-1/session.conf.
# Symlinking it to /usr/share/dbus-1/session.conf goes further but not much.
home.activation = {
# When Nix is installed in the user directory via a proot, systemd --user
# is started outside of it, so it cannot access /nix. So we need to:
# - Ensure files systemd access aren't via /nix.
# Sometimes there's multiple layers of redirection, so easiest way is
# to copy the file outside the store.
# - Wrap services entrypoints into a proot wrapper
prootSystemd = lib.hm.dag.entryBetween [ "reloadSystemd" ] [ "linkGeneration" ] ''
cd ${config.xdg.configHome}/systemd/user
${pkgs.findutils}/bin/find . -maxdepth 1 -type l | while read path
do
temp="$(mktemp -p "$PWD")"
${pkgs.gnused}/bin/sed 's|^Exec\S\+=|\0${ensureNixPath} |' "$path" > "$temp"
$DRY_RUN_CMD mv $VERBOSE_ARG "$temp" "$path"
rm -f "$temp"
done
# Targets (need to be symlinks to original)
${pkgs.findutils}/bin/find . -mindepth 2 -maxdepth 2 -type l | while read path
do
$DRY_RUN_CMD rm $VERBOSE_ARG "$path"
$DRY_RUN_CMD ln $VERBOSE_ARG -s "../$(basename "$path")" "$path"
done
'';
# Unless files were created by HM, it will complain that something is in the way, so we delete them.
# This is very ugly, as you're not supposed to write things before writeBoundary, but hey
prootSystemdClean = lib.hm.dag.entryBefore [ "checkLinkTargets" ] ''
$DRY_RUN_CMD rm $VERBOSE_ARG -rf ${config.xdg.configHome}/systemd/user
'';
# I wonder if it's possible to do this in a slightly more Nix way, without causing infinite recursion
# Create a graphical entrypoint by overriding one of the OS programs
graphicalEntrypoints =
let
graphicalBin = "${config.home.homeDirectory}/.local/bin";
graphicalProfile = pkgs.writeTextFile {
name = "graphical-profile";
text = ''
export PATH="${graphicalBin}:$PATH"
'';
};
graphicalEntrypoint = pkgs.writeTextFile {
name = "graphical-entrypoint";
text = ''
#!/bin/sh
exec ${ensureNixPath} ${config.xsession.scriptPath}
'';
executable = true;
};
in
# lib.mkIf config.frogeye.desktop.xorg # TODO Removed because wrong ordering or something?
lib.hm.dag.entryAfter [ "writeBoundary" ] ''
$DRY_RUN_CMD cp $VERBOSE_ARG -L -f ${graphicalProfile} ${config.home.homeDirectory}/.xprofile
$DRY_RUN_CMD cp $VERBOSE_ARG -L -f ${graphicalEntrypoint} ${graphicalBin}/cinnamon-session-cinnamon
'';
};
# Ubuntu gives you this for some reason, but it just makes warnings
xsession.initExtra = ''
unset LD_PRELOAD
'';
# Some systemd options don't work if you're running a proot inside, so they need to be relaxed
systemd.user = {
services = {
mpd.Service = {
# This tries to override PATH for some reason, which makes ensure_nix not work
Environment = lib.mkForce [ ];
# Since we're wrapping in ensure_nix, notifications for Type=notify
# will come from a process lower
NotifyAccess = "all";
};
# Below might be applicable on all services that use those options, but none is to test right now
syncthing.Service = {
PrivateUsers = lib.mkForce [ ];
RestrictNamespaces = lib.mkForce [ ];
SystemCallFilter = lib.mkForce [ ];
};
};
};
};
}

View file

@ -3,7 +3,6 @@
options.frogeye = {
extra = lib.mkEnableOption "Big software";
gaming = lib.mkEnableOption "Games";
userNix = lib.mkEnableOption "Nix is \"installed\" in ~/.nix";
polarity = lib.mkOption {
default = "light";
description = "Whether to use light theme or dark theme.";
@ -18,7 +17,6 @@
description = "A list of xrandr screen names from left to right.";
type = lib.types.listOf lib.types.str;
};
nixGLIntel = lib.mkEnableOption "Enable nixGLIntel/nixVulkanIntel for windows manager";
maxVideoHeight = lib.mkOption {
type = lib.types.int;
description = "Maximum video height in pixel the machine can reasonably watch";