update inputs

and remove some workarounds
2023-07-12 20:01:14 +07:00 · 2023-07-12 20:01:14 +07:00 · a6edc08515
parent ab6e49cab5
commit a6edc08515
11 changed files with 59 additions and 129 deletions
--- a/flake.lock
+++ b/flake.lock
@ -107,11 +107,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1688999869,
-        "narHash": "sha256-gLD2UI6+Nb9JV5Wh4FnLHAZwLMiY11RHYBKmBZCxLXc=",
+        "lastModified": 1689134369,
+        "narHash": "sha256-0G9dutIvhS/WUr3Awcnqw71g8EVVvvkOhVDnDDbY4Fw=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "a6d1d954b81caf4c9291b8ac35452fef842f289b",
+        "rev": "e42fb59768f0305085abde0dd27ab5e0cc15420c",
        "type": "github"
      },
      "original": {
@ -206,11 +206,11 @@
        "utils": "utils"
      },
      "locked": {
-        "lastModified": 1688586836,
-        "narHash": "sha256-5uLYGa+8lysS1X5ehdU3ewmrMIG8p9+qS7yJ0LyhMHs=",
+        "lastModified": 1689103880,
+        "narHash": "sha256-vHRCkcpnBbFsPqUNXliUmdPU81jqyuL9ZPzj3vJx2RE=",
        "owner": "simple-nixos-mailserver",
        "repo": "nixos-mailserver",
-        "rev": "d460e9ff62ea1238fb3348a87326b743ae177902",
+        "rev": "69a4b7ad67d2732ba1f86666b3d4d2d83b15200e",
        "type": "gitlab"
      },
      "original": {
@ -241,16 +241,16 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1689008574,
-        "narHash": "sha256-VFMgyHDiqsGDkRg73alv6OdHJAqhybryWHv77bSCGIw=",
+        "lastModified": 1689168768,
+        "narHash": "sha256-mCw3LPg2jJkapvJpkd1IZ8k0IJlSG2ECvz3vcOAu+Uo=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "4a729ce4b1fe5ec4fffc71c67c96aa5184ebb462",
+        "rev": "6fd9edc94426a3c050ad589c8f033b5ca55454c7",
        "type": "github"
      },
      "original": {
        "owner": "nixos",
-        "ref": "nixos-unstable",
+        "ref": "master",
        "repo": "nixpkgs",
        "type": "github"
      }
@ -288,6 +288,22 @@
        "type": "github"
      }
    },
+    "nixpkgs2": {
+      "locked": {
+        "lastModified": 1689008574,
+        "narHash": "sha256-VFMgyHDiqsGDkRg73alv6OdHJAqhybryWHv77bSCGIw=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "4a729ce4b1fe5ec4fffc71c67c96aa5184ebb462",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
    "notlua": {
      "inputs": {
        "nixpkgs": [
@ -315,11 +331,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1688609524,
-        "narHash": "sha256-Wqzk7qgiyGBZhy9PU0IIlaqnt3JCCOoxgS2/ZiGMtTc=",
+        "lastModified": 1689165382,
+        "narHash": "sha256-sBaEdI+lVJ6bcn287g3z8uc4wCRz9E+S5m67MWi/t6I=",
        "owner": "chayleaf",
        "repo": "notnft",
-        "rev": "442ec56617084bcc1b310cacb2e22e2c83bb6e3f",
+        "rev": "2ad8d7f831e05e0e646d345350f59b7030cb1cd6",
        "type": "github"
      },
      "original": {
@ -330,11 +346,11 @@
    },
    "nur": {
      "locked": {
-        "lastModified": 1689062700,
-        "narHash": "sha256-uUD+KBJfX8kLALpB8cvIgSZ/xGWS34zBRbSlWsIyx80=",
+        "lastModified": 1689162346,
+        "narHash": "sha256-/Aaygnbta0Dd5cyKZVk3AVA/MEmcWjEasYzUQa/tkJc=",
        "owner": "nix-community",
        "repo": "NUR",
-        "rev": "7d0ac0daa6e05b6619f9172be4f05f785882dfaa",
+        "rev": "b1a645e8e9fee78ad8e1f32575a29d1af8de9cf8",
        "type": "github"
      },
      "original": {
@ -354,6 +370,7 @@
        "nixos-mailserver": "nixos-mailserver",
        "nixos-router": "nixos-router",
        "nixpkgs": "nixpkgs",
+        "nixpkgs2": "nixpkgs2",
        "notlua": "notlua",
        "notnft": "notnft",
        "nur": "nur",
@ -368,11 +385,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1689042658,
-        "narHash": "sha256-p7cQAFNt5kX19sZvK74CmY0nTrtujpZg6sZUiV1ntAk=",
+        "lastModified": 1689129196,
+        "narHash": "sha256-/z/Al4sFcIh5oPQWA9MclQmJR9g3RO8UDiHGaj/T9R8=",
        "owner": "oxalica",
        "repo": "rust-overlay",
-        "rev": "d7181bb2237035df17cab9295c95f987f5c527e6",
+        "rev": "db8d909c9526d4406579ee7343bf2d7de3d15eac",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -2,7 +2,8 @@
  description = "NixOS + Home Manager configuration of chayleaf";

  inputs = {
-    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
+    nixpkgs.url = "github:nixos/nixpkgs/master";
+    nixpkgs2.url = "github:nixos/nixpkgs/nixos-unstable";
    nixos-hardware.url = "github:NixOS/nixos-hardware";
    impermanence.url = "github:nix-community/impermanence";
    nur.url = "github:nix-community/NUR";
@ -45,7 +46,7 @@
    };
  };

-  outputs = inputs@{ self, nixpkgs, nixos-hardware, impermanence, home-manager, nur, nix-gaming, notlua, notnft, nixos-mailserver, nixos-router, maubot, ... }:
+  outputs = inputs@{ self, nixpkgs, nixpkgs2, nixos-hardware, impermanence, home-manager, nur, nix-gaming, notlua, notnft, nixos-mailserver, nixos-router, maubot, ... }:
  let
    # --impure required for developing
    # it takes the paths for modules from filesystem as opposed to flake inputs
@ -103,6 +104,7 @@
        specialArgs.server-config = nixosConfigurations.nixserver.config;
        modules = [
          {
+            _module.args.pkgs2 = import nixpkgs2 { inherit system; overlays = [ overlay ]; };
            _module.args.notnft = if devNft then (import /${devPath}/notnft { inherit (nixpkgs) lib; }).config.notnft else notnft.lib.${system};
          }
          (import ./system/devices/bpi-r3-router.nix "emmc")
@ -111,10 +113,13 @@
      };
      router-sd = rec {
        system = "aarch64-linux";
-        specialArgs.notnft = if devNft then (import /${devPath}/notnft { inherit (nixpkgs) lib; }).config.notnft else notnft.lib.${system};
        specialArgs.router-lib = if devNixRt then import /${devPath}/nixos-router/lib.nix { inherit (nixpkgs) lib; } else nixos-router.lib.${system};
        specialArgs.server-config = nixosConfigurations.nixserver.config;
        modules = [
+          {
+            _module.args.pkgs2 = import nixpkgs2 { inherit system; overlays = [ overlay ]; };
+            _module.args.notnft = if devNft then (import /${devPath}/notnft { inherit (nixpkgs) lib; }).config.notnft else notnft.lib.${system};
+          }
          (import ./system/devices/bpi-r3-router.nix "sd")
          (if devNixRt then (import /${devPath}/nixos-router) else nixos-router.nixosModules.default)
        ];
--- a/pkgs/default.nix
+++ b/pkgs/default.nix
@ -16,14 +16,10 @@ in
  nixForNixPlugins = pkgs.nixVersions.nix_2_16;
  clang-tools_latest = pkgs.clang-tools_16;
  clang_latest = pkgs.clang_16;
-  steam-run = pkgs.steam-run.overrideAttrs (old: {
-    multiArch = true;
-  });
  home-daemon = callPackage ./home-daemon { };
  /*ghidra = pkgs.ghidra.overrideAttrs (old: {
    patches = old.patches ++ [ ./ghidra-stdcall.patch ];
  });*/
-  lalrpop = callPackage ./lalrpop { };
  # pin version
  looking-glass-client = pkgs.looking-glass-client.overrideAttrs (old: {
    version = "B6";
@ -37,7 +33,6 @@ in
  });
  kvmfrOverlay = kvmfr: kvmfr.overrideAttrs (old: {
    inherit (pkgs'.looking-glass-client) version src;
-    patches = [ ./kvmfr-linux6_4.patch ];
  });
  pineapplebot = callPackage ./pineapplebot.nix { };
  proton-ge = pkgs.stdenvNoCC.mkDerivation {
--- a/pkgs/lalrpop/default.nix
+++ b/pkgs/lalrpop/default.nix
@ -1,44 +0,0 @@
-{ lib
-, rustPlatform
-, rust
-, fetchFromGitHub
-, substituteAll
-, stdenv
-}:
-
-rustPlatform.buildRustPackage rec {
-  pname = "lalrpop";
-  version = "0.19.9";
-
-  src = fetchFromGitHub {
-    owner = "lalrpop";
-    repo = "lalrpop";
-    rev = version;
-    hash = "sha256-1jXLcIlyObo9eIg0q6CyUTGhcAyZ8TDGmxxYhVxgcS8=";
-  };
-
-  cargoHash = "sha256-o1zpkwBmU1f/BZ4RrWuF5YvgjLhQOBOEdSbmouLPKAo=";
-
-  patches = [
-    (substituteAll {
-      src = ./use-correct-binary-path-in-tests.patch;
-      target_triple = rust.toRustTarget stdenv.hostPlatform;
-    })
-  ];
-
-  buildAndTestSubdir = "lalrpop";
-
-  # there are some tests in lalrpop-test and some in lalrpop
-  checkPhase = ''
-    buildAndTestSubdir=lalrpop-test cargoCheckHook
-    cargoCheckHook
-  '';
-
-  meta = with lib; {
-    description = "LR(1) parser generator for Rust";
-    homepage = "https://github.com/lalrpop/lalrpop";
-    changelog = "https://github.com/lalrpop/lalrpop/blob/${src.rev}/RELEASES.md";
-    license = with licenses; [ asl20 /* or */ mit ];
-    maintainers = with maintainers; [ chayleaf ];
-  };
-}
--- a/pkgs/lalrpop/use-correct-binary-path-in-tests.patch
+++ b/pkgs/lalrpop/use-correct-binary-path-in-tests.patch
@ -1,13 +0,0 @@
-diff --git a/lalrpop-test/src/lib.rs b/lalrpop-test/src/lib.rs
-index 087df01..9361a9e 100644
--- a/lalrpop-test/src/lib.rs
-+++ b/lalrpop-test/src/lib.rs
-@@ -1031,7 +1031,7 @@ fn verify_lalrpop_generates_itself() {
-     // Don't remove the .rs file that already exist
-     fs::copy(&grammar_file, &copied_grammar_file).expect("no grammar file found");
- 
-    assert!(Command::new("../target/debug/lalrpop")
-+    assert!(Command::new("../target/@target_triple@/release/lalrpop")
-         .args(&[
-             "--force",
-             "--no-whitespace",
--- a/system/hardware/bpi-r3/default.nix
+++ b/system/hardware/bpi-r3/default.nix
@ -1,4 +1,5 @@
 { pkgs
+, pkgs2
 , config
 , ... }:

@ -9,7 +10,7 @@
  };

  # boot.kernelPackages = pkgs.linuxPackages_testing;
-  boot.kernelPackages = pkgs.linuxPackages_bpiR3;
+  boot.kernelPackages = pkgs2.linuxPackages_bpiR3;

  hardware.deviceTree.enable = true;
  hardware.deviceTree.filter = "mt7986a-bananapi-bpi-r3.dtb";
--- a/system/hosts/nixmsi.nix
+++ b/system/hosts/nixmsi.nix
@ -159,4 +159,6 @@
    man-pages man-pages-posix
  ];
  documentation.dev.enable = true;
+
+  impermanence.directories = [ /etc/nixos ];
 }
--- a/system/hosts/nixserver/matrix.nix
+++ b/system/hosts/nixserver/matrix.nix
@ -1,6 +1,5 @@
 { config
 , lib
-, pkgs
 , ... }:

 let
@ -50,37 +49,6 @@ in {
    enable = true;
    homeserver = "http://${lib.quoteListenAddr matrixAddr}:${toString matrixPort}/";
  };
-  # TODO: remove when https://github.com/NixOS/nixpkgs/pull/242912 is merged
-  systemd.services.heisenbridge.preStart = let
-    bridgeConfig = builtins.toFile "heisenbridge-registration.yml" (builtins.toJSON {
-      inherit (config.services.heisenbridge) namespaces; id = "heisenbridge";
-      url = config.services.heisenbridge.registrationUrl; rate_limited = false;
-      sender_localpart = "heisenbridge";
-    });
-  in lib.mkForce ''
-    umask 077
-    set -e -u -o pipefail
-
-    if ! [ -f "/var/lib/heisenbridge/registration.yml" ]; then
-      # Generate registration file if not present (actually, we only care about the tokens in it)
-      ${config.services.heisenbridge.package}/bin/heisenbridge --generate --config /var/lib/heisenbridge/registration.yml
-    fi
-
-    # Overwrite the registration file with our generated one (the config may have changed since then),
-    # but keep the tokens. Two step procedure to be failure safe
-    ${pkgs.yq}/bin/yq --slurp \
-      '.[0] + (.[1] | {as_token, hs_token})' \
-      ${bridgeConfig} \
-      /var/lib/heisenbridge/registration.yml \
-      > /var/lib/heisenbridge/registration.yml.new
-    mv -f /var/lib/heisenbridge/registration.yml.new /var/lib/heisenbridge/registration.yml
-
-    # Grant Synapse access to the registration
-    if ${pkgs.getent}/bin/getent group matrix-synapse > /dev/null; then
-      chgrp -v matrix-synapse /var/lib/heisenbridge/registration.yml
-      chmod -v g+r /var/lib/heisenbridge/registration.yml
-    fi
-  '';

  services.matrix-synapse = {
    enable = true;
--- a/system/hosts/router/default.nix
+++ b/system/hosts/router/default.nix
@ -465,6 +465,8 @@ in {
        allow_iot4 = add set { type = f: f.ipv4_addr; flags = f: with f; [ interval ]; };
        allow_iot6 = add set { type = f: f.ipv6_addr; flags = f: with f; [ interval ]; };

+        # TODO: is type=route hook=output better? it might help get rid of the routing inconsistency
+        # between router-originated and forwarded traffic
        prerouting = add chain { type = f: f.filter; hook = f: f.prerouting; prio = f: f.filter; policy = f: f.accept; } ([
          [(mangle meta.mark ct.mark)]
          [(is.ne meta.mark 0) accept]
--- a/system/modules/impermanence.nix
+++ b/system/modules/impermanence.nix
@ -15,7 +15,7 @@ in {
        };
        path = mkOption {
          type = types.path;
-          default = if cfg.enable then throw "You must set path to persistent storage" else "";
+          default = throw "You must set path to persistent storage";
          description = "Default path for persistence";
        };
        directories = mkOption {
@ -48,15 +48,12 @@ in {
      hideMounts = true;
      directories = map (x:
        if builtins.isPath x then toString x
-        else if builtins.isAttrs x && x?directory && builtins.isPath x.directory then x // { directory = toString x.directory; }
-        else x)
-      ([
-        # nixos files
-        { directory = /etc/nixos; user = "root"; group = "root"; mode = "0755"; }
+        else if builtins.isPath (x.directory or null) then x // { directory = toString x.directory; }
+        else x
+      ) ([
+        # the following two can't be created by impermanence (i.e. they have to exist on disk in stage 1)
        { directory = /var/lib/nixos; user = "root"; group = "root"; mode = "0755"; }
-
        { directory = /var/log; user = "root"; group = "root"; mode = "0755"; }
-
        # persist this since everything here is cleaned up by systemd-tmpfiles over time anyway
        # ...or so I'd like to believe
        { directory = /var/lib/systemd; user = "root"; group = "root"; mode = "0755"; }
@ -74,7 +71,7 @@ in {
        { directory = /var/lib/swtpm-localca; user = "root"; group = "root"; mode = "0750"; }
      ]) ++ lib.optionals config.networking.wireless.iwd.enable [
        { directory = /var/lib/iwd; user = "root"; group = "root"; mode = "0700"; }
-      ] ++ lib.optionals (builtins.any (x: x.useDHCP != false) (builtins.attrValues config.networking.interfaces) && config.networking.useDHCP) [
+      ] ++ lib.optionals (builtins.any (x: x.useDHCP != false) (builtins.attrValues config.networking.interfaces) || config.networking.useDHCP) [
        { directory = /var/db/dhcpcd; user = "root"; group = "root"; mode = "0755"; }
      ] ++ lib.optionals config.services.gitea.enable [
        { directory = /var/lib/gitea; user = "gitea"; group = "gitea"; mode = "0755"; }
@ -121,8 +118,9 @@ in {
      ] ++ cfg.directories);
      files = map (x:
        if builtins.isPath x then toString x
-        else if builtins.isAttrs x && x?file && builtins.isPath x.file then x // { file = toString x.file; }
-        else x) ([
+        else if builtins.isPath (x.file or null) then x // { file = toString x.file; }
+        else x
+      ) ([
        # hardware-related
        /etc/adjtime
        # needed at least for /var/log
--- a/system/modules/vfio.nix
+++ b/system/modules/vfio.nix
@ -132,7 +132,6 @@ in {
      ];
      # kvmfrOverlay is defined in pkgs/default.nix
      # I use it to keep looking-glass and kvmfr's version pinned
-      # (and in this case also to keep linux 6.4 compatibility)
      extraModulePackages =
        lib.mkIf enableIvshmem [ ((pkgs.kvmfrOverlay or lib.id) config.boot.kernelPackages.kvmfr) ];
      extraModprobeConfig = ''