nix-plugins built for a newer nix versions than pkgs.nix makes using
pkgs.nix impossible, and overriding pkgs.nix globally breaks some
derivations, so I have to do per-app overrides (couldn't find a way to
revert it for a single app for some reason). This reverts a nix-plugins
update to 2.16 so I can build it for 2.15 and escape the "symbol not
found" hell.
also override nixVersions.unstable to be 2.15 as well
finally, use custom code for atuin integration because I hate the way it
normally hijacks my up key
This uses a native plugin (pkgs.nix-plugins) to avoid using --impure,
other options involving secret files are too limited for my use case as
I need eval-time access to secrets. Moving it to a private flake is
another option, but Nix flakes are poorly suited for non-monorepos.
Previously I just renamed .git to .git.bak to make sure Nix pulls the
"private" subdir into store as well, but this new system may be more
robust and can be extended to way be more secure in the future (e.g.
right now I copy the secret .nix files to store, but in general there's
no need to do that).
Of course the main drawback is that now I require a plugin for this
flake to work.
chayleaf