From b3b71304f4e6d340d0d7651522aa02a8c980e246 Mon Sep 17 00:00:00 2001 From: David Arnold Date: Sun, 13 Jun 2021 12:27:20 -0500 Subject: [PATCH 1/4] add upstream issue report template --- .github/ISSUE_TEMPLATE/upstream_notice.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/upstream_notice.md diff --git a/.github/ISSUE_TEMPLATE/upstream_notice.md b/.github/ISSUE_TEMPLATE/upstream_notice.md new file mode 100644 index 000000000..4ada54e3b --- /dev/null +++ b/.github/ISSUE_TEMPLATE/upstream_notice.md @@ -0,0 +1,16 @@ +--- +name: Upstream notice (Issues or Changes) +about: Create an upstream notice to help our research +title: '[ ]: ' +labels: 'upstream' +assignees: '' + +--- + +## Link + + + +## Context + From ba689edb8925b5601d4f74f92272db994ffd9f17 Mon Sep 17 00:00:00 2001 From: GTrunSec Date: Sun, 13 Jun 2021 21:48:43 -0700 Subject: [PATCH 2/4] feature: Add pkgs fetch manager nvfetcher Co-authored-by: David Arnold --- .gitignore | 2 ++ README.md | 28 +++++++++++--------- flake.lock | 53 +++++++++++++++++++++++++++++++------ flake.nix | 18 ++++++++----- overlays/manix.nix | 5 ++++ overlays/overrides.nix | 1 - pkgs/_sources/generated.nix | 17 ++++++++++++ pkgs/default.nix | 6 ++++- pkgs/flake.lock | 25 ----------------- pkgs/flake.nix | 52 ------------------------------------ pkgs/sources.nix | 1 + pkgs/sources.toml | 4 +++ 12 files changed, 106 insertions(+), 106 deletions(-) create mode 100644 overlays/manix.nix create mode 100644 pkgs/_sources/generated.nix delete mode 100644 pkgs/flake.lock delete mode 100644 pkgs/flake.nix create mode 120000 pkgs/sources.nix create mode 100644 pkgs/sources.toml diff --git a/.gitignore b/.gitignore index e2486b12f..1721f0d9d 100644 --- a/.gitignore +++ b/.gitignore @@ -8,3 +8,5 @@ doc/index.html vm iso doi + +pkgs/_sources/.shake* diff --git a/README.md b/README.md index f347f4a2f..78c30ea43 100644 --- a/README.md +++ b/README.md @@ -69,6 +69,7 @@ following giants][giants]: ### :family: — like family - [`numtide/devshell`][devshell] - [`serokell/deploy-rs`][deploy] +- [`berberman/nvfetcher`][nvfetcher] - [`NixOS/nixpkgs`][nixpkgs] :heart: @@ -94,22 +95,23 @@ goals are sufficiently upstreamed into "the Nix", dissolved. # License DevOS is licensed under the [MIT License][mit]. -[mk-flake]: https://github.com/divnix/digga/tree/master/src/mkFlake -[nixpkgs]: https://github.com/NixOS/nixpkgs +[community]: https://github.com/divnix/devos/tree/community +[core]: https://github.com/divnix/devos [deploy]: https://github.com/serokell/deploy-rs -[toc]: https://github.com/divnix/devos/blob/core/flake.nix -[giants]: https://en.wikipedia.org/wiki/Standing_on_the_shoulders_of_giants +[devshell]: https://github.com/numtide/devshell [digga]: https://github.com/divnix/digga -[fup]: https://github.com/gytis-ivaskevicius/flake-utils-plus +[dotfiles]: https://github.com/hlissner/dotfiles +[flake-doc]: https://github.com/NixOS/nix/blob/master/src/nix/flake.md +[flakes]: https://nixos.wiki/wiki/Flakes [fu]: https://github.com/numtide/flake-utils -[devshell]: https://github.com/numtide/devshell -[nix]: https://nixos.org/manual/nix/stable +[fup]: https://github.com/gytis-ivaskevicius/flake-utils-plus +[giants]: https://en.wikipedia.org/wiki/Standing_on_the_shoulders_of_giants +[home-manager]: https://nix-community.github.io/home-manager [mit]: https://mit-license.org +[mk-flake]: https://github.com/divnix/digga/tree/master/src/mkFlake +[nix]: https://nixos.org/manual/nix/stable [nixos]: https://nixos.org/manual/nixos/stable -[home-manager]: https://nix-community.github.io/home-manager -[flakes]: https://nixos.wiki/wiki/Flakes -[flake-doc]: https://github.com/NixOS/nix/blob/master/src/nix/flake.md -[core]: https://github.com/divnix/devos -[community]: https://github.com/divnix/devos/tree/community -[dotfiles]: https://github.com/hlissner/dotfiles +[nixpkgs]: https://github.com/NixOS/nixpkgs +[nvfetcher]: https://github.com/berberman/nvfetcher [please]: https://github.com/nrdxp/devos/tree/nrd +[toc]: https://github.com/divnix/devos/blob/core/flake.nix diff --git a/flake.lock b/flake.lock index e0411771d..d4f7ccb8d 100644 --- a/flake.lock +++ b/flake.lock @@ -159,6 +159,22 @@ "type": "github" } }, + "flake-compat_3": { + "flake": false, + "locked": { + "lastModified": 1606424373, + "narHash": "sha256-oq8d4//CJOrVj+EcOaSXvMebvuTkmBJuT5tzlfewUnQ=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "99f1c2157fba4bfe6211a321fd0ee43199025dbf", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-utils": { "locked": { "lastModified": 1620759905, @@ -174,6 +190,21 @@ "type": "github" } }, + "flake-utils_2": { + "locked": { + "lastModified": 1620759905, + "narHash": "sha256-WiyWawrgmyN0EdmiHyG2V+fqReiVi8bM9cRdMaKQOFg=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b543720b25df6ffdfcf9227afafc5b8c1fabfae8", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "home": { "inputs": { "nixpkgs": [ @@ -339,20 +370,26 @@ "type": "indirect" } }, - "pkgs": { + "nvfetcher-flake": { "inputs": { + "flake-compat": "flake-compat_3", + "flake-utils": "flake-utils_2", "nixpkgs": [ - "nixos" + "latest" ] }, "locked": { - "narHash": "sha256-Zs7dc0dNNa0Z3//+Gckxj7SKrMqVovY0xZZ1z8xWnEg=", - "path": "./pkgs", - "type": "path" + "lastModified": 1623767613, + "narHash": "sha256-dckkA2T0rxWXsVjip4nYpIY+9Ex/0CvWlGdOoR9nq2M=", + "owner": "berberman", + "repo": "nvfetcher", + "rev": "f02c9c0d4b7efa339f6f52bc5a0ea5c9ce209566", + "type": "github" }, "original": { - "path": "./pkgs", - "type": "path" + "owner": "berberman", + "repo": "nvfetcher", + "type": "github" } }, "pre-commit-hooks-nix": { @@ -383,7 +420,7 @@ "nixos": "nixos", "nixos-hardware": "nixos-hardware", "nur": "nur", - "pkgs": "pkgs" + "nvfetcher-flake": "nvfetcher-flake" } }, "utils": { diff --git a/flake.nix b/flake.nix index 359aa31ab..6ba53cef7 100644 --- a/flake.nix +++ b/flake.nix @@ -21,13 +21,12 @@ agenix.inputs.nixpkgs.follows = "latest"; nixos-hardware.url = "github:nixos/nixos-hardware"; - pkgs.url = "path:./pkgs"; - pkgs.inputs.nixpkgs.follows = "nixos"; + nvfetcher-flake.url = "github:berberman/nvfetcher"; + nvfetcher-flake.inputs.nixpkgs.follows = "latest"; }; outputs = { self - , pkgs , digga , nixos , ci-agent @@ -35,6 +34,7 @@ , nixos-hardware , nur , agenix + , nvfetcher-flake , ... } @ inputs: digga.lib.mkFlake { @@ -46,10 +46,10 @@ nixos = { imports = [ (digga.lib.importers.overlays ./overlays) ]; overlays = [ - ./pkgs/default.nix - pkgs.overlay # for `srcs` nur.overlay agenix.overlay + nvfetcher-flake.overlay + ./pkgs/default.nix ]; }; latest = { }; @@ -106,7 +106,13 @@ }; devshell.externalModules = { pkgs, ... }: { - packages = [ pkgs.agenix ]; + commands = [ + { package = pkgs.agenix; category = "secrets"; } + { + name = pkgs.nvfetcher-bin.pname; + help = pkgs.nvfetcher-bin.meta.description; + command = "cd $DEVSHELL_ROOT/pkgs; ${pkgs.nvfetcher-bin}/bin/nvfetcher -c ./sources.toml $@"; } + ]; }; homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations; diff --git a/overlays/manix.nix b/overlays/manix.nix new file mode 100644 index 000000000..d39baa746 --- /dev/null +++ b/overlays/manix.nix @@ -0,0 +1,5 @@ +final: prev: { + manix = prev.manix.overrideAttrs (o: rec{ + inherit (prev.sources.manix) pname version src; + }); +} diff --git a/overlays/overrides.nix b/overlays/overrides.nix index 629f44b16..da1f0ee0d 100644 --- a/overlays/overrides.nix +++ b/overlays/overrides.nix @@ -7,7 +7,6 @@ channels: final: prev: { dhall discord element-desktop - manix rage nixpkgs-fmt qutebrowser diff --git a/pkgs/_sources/generated.nix b/pkgs/_sources/generated.nix new file mode 100644 index 000000000..e7f73dd61 --- /dev/null +++ b/pkgs/_sources/generated.nix @@ -0,0 +1,17 @@ +# This file was generated by nvfetcher, please do not modify it manually. +{ fetchgit, fetchurl }: +{ + manix = { + pname = "manix"; + version = "v0.6.3"; + src = fetchgit { + url = "https://github.com/mlvzk/manix"; + rev = "v0.6.3"; + fetchSubmodules = false; + deepClone = false; + leaveDotGit = false; + sha256 = "1b7xi8c2drbwzfz70czddc4j33s7g1alirv12dwl91hbqxifx8qs"; + }; + + }; +} diff --git a/pkgs/default.nix b/pkgs/default.nix index ce1687071..4358bcac9 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1 +1,5 @@ -final: prev: { } +final: prev: { + # keep sources this first + sources = prev.callPackage (import ./sources.nix) { }; + # then, call packages with `final.callPackage` +} diff --git a/pkgs/flake.lock b/pkgs/flake.lock deleted file mode 100644 index ef3f5a9a4..000000000 --- a/pkgs/flake.lock +++ /dev/null @@ -1,25 +0,0 @@ -{ - "nodes": { - "nixpkgs": { - "locked": { - "lastModified": 1615926763, - "narHash": "sha256-yeq8A3EPNuQVlsxlEQrIRsklfJwJK0Us6jtcG/u8wNs=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "b702a56d417647de4090ac56c0f18bdc7e646610", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "type": "indirect" - } - }, - "root": { - "inputs": { - "nixpkgs": "nixpkgs" - } - } - }, - "root": "root", - "version": 7 -} diff --git a/pkgs/flake.nix b/pkgs/flake.nix deleted file mode 100644 index 1b6cc0a2d..000000000 --- a/pkgs/flake.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ - description = "Package Sources"; - - inputs = { }; - - outputs = { self, nixpkgs, ... }: { - overlay = final: prev: { - inherit (self) srcs; - }; - - srcs = - let - inherit (nixpkgs) lib; - - mkVersion = name: input: - let - inputs = (builtins.fromJSON - (builtins.readFile ./flake.lock)).nodes; - - ref = - if lib.hasAttrByPath [ name "original" "ref" ] inputs - then inputs.${name}.original.ref - else ""; - - version = - let version' = builtins.match - "[[:alpha:]]*[-._]?([0-9]+(\.[0-9]+)*)+" - ref; - in - if lib.isList version' - then lib.head version' - else if input ? lastModifiedDate && input ? shortRev - then "${lib.substring 0 8 input.lastModifiedDate}_${input.shortRev}" - else null; - in - version; - in - lib.mapAttrs - (pname: input: - let - version = mkVersion pname input; - in - input // { inherit pname; } - // lib.optionalAttrs (! isNull version) - { - inherit version; - } - ) - (lib.filterAttrs (n: _: n != "nixpkgs") - self.inputs); - }; -} diff --git a/pkgs/sources.nix b/pkgs/sources.nix new file mode 120000 index 000000000..cfc2c575d --- /dev/null +++ b/pkgs/sources.nix @@ -0,0 +1 @@ +_sources/generated.nix \ No newline at end of file diff --git a/pkgs/sources.toml b/pkgs/sources.toml new file mode 100644 index 000000000..f7af168e0 --- /dev/null +++ b/pkgs/sources.toml @@ -0,0 +1,4 @@ +# nvfetcher.toml +[manix] +src.git = "https://github.com/mlvzk/manix" +fetch.github = "mlvzk/manix" From d80f6aabe08e213ba16ca9cb484603f23427e868 Mon Sep 17 00:00:00 2001 From: David Arnold Date: Wed, 16 Jun 2021 17:25:37 -0500 Subject: [PATCH 3/4] doc: nvfetcher --- doc/SUMMARY.md | 1 + doc/integrations/nvfetcher.md | 43 +++++++++++++++++++++++++++++++++++ 2 files changed, 44 insertions(+) create mode 100644 doc/integrations/nvfetcher.md diff --git a/doc/SUMMARY.md b/doc/SUMMARY.md index e2b6e9a4e..4378683f6 100644 --- a/doc/SUMMARY.md +++ b/doc/SUMMARY.md @@ -31,5 +31,6 @@ - [Integrations](./integrations/index.md) - [Cachix](./integrations/cachix.md) - [Deploy RS](./integrations/deploy.md) + - [NvFetcher](./integrations/nvfetcher.md) - [Hercules CI](./integrations/hercules.md) - [Contributing](./CONTRIBUTING.md) diff --git a/doc/integrations/nvfetcher.md b/doc/integrations/nvfetcher.md new file mode 100644 index 000000000..2bfaa0296 --- /dev/null +++ b/doc/integrations/nvfetcher.md @@ -0,0 +1,43 @@ +# nvfetcher +[NvFetcher][nvf] is a workflow companion for updating nix sources. + +You can specify an origin source and an update configuration, and +nvfetcher can for example track updates to a specific branch and +automatically update your nix sources configuration on each run +to the tip of that branch. + +All package source declaration is done in [sources.toml][sources.toml]. + +From within the devshell of this repo, run `nvfetcher`, a wrapped +version of `nvfetcher` that knows where to find and place its files +and commit the results. + +## Usage + +Statically fetching (not tracking) a particular tag from a github repo: +```toml +[manix] +src.manual = "v0.6.3" +fetch.github = "mlvzk/manix" +``` + +Tracking the latest github _release_ from a github repo: +```toml +[manix] +src.github = "mlvzk/manix" # responsible for tracking +fetch.github = "mlvzk/manix" # responsible for fetching +``` + +Tracking the latest commit of a git repository and fetch from a git repo: +```toml +[manix] +src.git = "https://github.com/mlvzk/manix.git" # responsible for tracking +fetch.git = "https://github.com/mlvzk/manix.git" # responsible for fetching +``` + +> ##### _Note:_ +> Please refer to the [NvFetcher Readme][nvf-readme] for more options. + +[nvf: https://github.com/berberman/nvfetcher +[nvf-readme]: https://github.com/berberman/nvfetcher#readme +[sources.toml]: https://github.com/divnix/devos/tree/core/pkgs/sources.toml From f536ba073677a4686e20060f447ef7bc9ffc2fe6 Mon Sep 17 00:00:00 2001 From: Pacman99 Date: Wed, 16 Jun 2021 17:22:50 -0700 Subject: [PATCH 4/4] flake: switch digga input to develop --- flake.lock | 57 +++++++++++++++++++++++++++++++++++++++++++----------- flake.nix | 2 +- 2 files changed, 47 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index d4f7ccb8d..f5d2c443d 100644 --- a/flake.lock +++ b/flake.lock @@ -109,20 +109,21 @@ "deploy": "deploy", "devshell": "devshell", "nixlib": "nixlib", - "nixpkgs": "nixpkgs_2", + "nixos-generators": "nixos-generators", + "nixpkgs": "nixpkgs_3", "utils": "utils_2" }, "locked": { - "lastModified": 1623197477, - "narHash": "sha256-2Qk/uIHb1nXre2rRlGonAJmpuamBs7RRfgXhMmS5JkU=", + "lastModified": 1623887085, + "narHash": "sha256-cITw+jFKJ/k77wq4UPxkXJwIPEKO8wQlH1YlT2mYy+A=", "owner": "divnix", "repo": "digga", - "rev": "f69703abc33f221b676966a8435c4f09ef70ff49", + "rev": "0bc7729d22e81407823a9877b720ffc4d7cfa154", "type": "github" }, "original": { "owner": "divnix", - "ref": "master", + "ref": "develop", "repo": "digga", "type": "github" } @@ -177,11 +178,11 @@ }, "flake-utils": { "locked": { - "lastModified": 1620759905, - "narHash": "sha256-WiyWawrgmyN0EdmiHyG2V+fqReiVi8bM9cRdMaKQOFg=", + "lastModified": 1623660459, + "narHash": "sha256-OTmOsh43po7r5F9s9H6lVCBQ2b0FikWbmiwLbMAGRdw=", "owner": "numtide", "repo": "flake-utils", - "rev": "b543720b25df6ffdfcf9227afafc5b8c1fabfae8", + "rev": "98c8d36b1828009b20f12544214683c7489935a1", "type": "github" }, "original": { @@ -310,6 +311,24 @@ "type": "indirect" } }, + "nixos-generators": { + "inputs": { + "nixpkgs": "nixpkgs_2" + }, + "locked": { + "lastModified": 1623670987, + "narHash": "sha256-0RT49gps46pgvEmF15ruq95S9X8RK7K59f5UXJvne+I=", + "owner": "nix-community", + "repo": "nixos-generators", + "rev": "4235c308078f4961f22ba471cf14c2f2623e9bd6", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixos-generators", + "type": "github" + } + }, "nixos-hardware": { "locked": { "lastModified": 1615652054, @@ -342,6 +361,22 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1619285658, + "narHash": "sha256-GKbj/KKo8Z2WsEURFtWHbPI917NrUnD4H2J4lKUsSWI=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "118485230c02d13f62133bce43177ffd49495694", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { "locked": { "lastModified": 1620962350, "narHash": "sha256-9ASW4d4/Z8HmRvuJI8rxbEOTbXTBpQ8y+CmFYBwtXzE=", @@ -443,11 +478,11 @@ "flake-utils": "flake-utils" }, "locked": { - "lastModified": 1622583383, - "narHash": "sha256-2DFx619SNfjzYwqx1ryae8zHnTh+N7VsZkbtAbrYIIA=", + "lastModified": 1623776596, + "narHash": "sha256-+5+fx76ucxUffw3AtzG56U/xTFk65RV+qIsBzBHjXzg=", "owner": "gytis-ivaskevicius", "repo": "flake-utils-plus", - "rev": "6b2ea4b02cad77fac581c6a9ec4f822ba87dce5c", + "rev": "e9cfad74a79430bfdd391a6073cc581c1b1504c8", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 6ba53cef7..c2d861e4a 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,7 @@ { nixos.url = "nixpkgs/nixos-unstable"; latest.url = "nixpkgs"; - digga.url = "github:divnix/digga/master"; + digga.url = "github:divnix/digga/develop"; ci-agent = { url = "github:hercules-ci/hercules-ci-agent";