✨🚧 working on the 'apple' system (might move to new refactored version)

+562

.devenv/bootstrap/bootstrapLib.nix

··· 1 + # Shared library functions for devenv evaluation 2 + { inputs }: 3 + 4 + rec { 5 + # Helper to get overlays for a given input 6 + getOverlays = 7 + inputName: inputAttrs: 8 + let 9 + lib = inputs.nixpkgs.lib; 10 + in 11 + map 12 + ( 13 + overlay: 14 + let 15 + input = 16 + inputs.${inputName} or (throw "No such input `${inputName}` while trying to configure overlays."); 17 + in 18 + input.overlays.${overlay} 19 + or (throw "Input `${inputName}` has no overlay called `${overlay}`. Supported overlays: ${lib.concatStringsSep ", " (builtins.attrNames input.overlays)}") 20 + ) inputAttrs.overlays or [ ]; 21 + 22 + # Main function to create devenv configuration for a specific system with profiles support 23 + # This is the full-featured version used by default.nix 24 + mkDevenvForSystem = 25 + { version 26 + , is_development_version ? false 27 + , system 28 + , devenv_root 29 + , git_root ? null 30 + , devenv_dotfile 31 + , devenv_dotfile_path 32 + , devenv_tmpdir 33 + , devenv_runtime 34 + , devenv_state ? null 35 + , devenv_istesting ? false 36 + , devenv_direnvrc_latest_version 37 + , container_name ? null 38 + , active_profiles ? [ ] 39 + , hostname 40 + , username 41 + , cli_options ? [ ] 42 + , skip_local_src ? false 43 + , secretspec ? null 44 + , devenv_inputs ? { } 45 + , devenv_imports ? [ ] 46 + , impure ? false 47 + , nixpkgs_config ? { } 48 + , lock_fingerprint ? null 49 + , primops ? { } 50 + }: 51 + let 52 + inherit (inputs) nixpkgs; 53 + lib = nixpkgs.lib; 54 + targetSystem = system; 55 + 56 + overlays = lib.flatten (lib.mapAttrsToList getOverlays devenv_inputs); 57 + 58 + # Helper to create pkgs for a given system with nixpkgs_config 59 + mkPkgsForSystem = 60 + evalSystem: 61 + import nixpkgs { 62 + system = evalSystem; 63 + config = nixpkgs_config // { 64 + allowUnfreePredicate = 65 + if nixpkgs_config.allowUnfree or false then 66 + (_: true) 67 + else if (nixpkgs_config.permittedUnfreePackages or [ ]) != [ ] then 68 + (pkg: builtins.elem (lib.getName pkg) (nixpkgs_config.permittedUnfreePackages or [ ])) 69 + else 70 + (_: false); 71 + }; 72 + inherit overlays; 73 + }; 74 + 75 + pkgsBootstrap = mkPkgsForSystem targetSystem; 76 + 77 + # Helper to import a path, trying .nix first then /devenv.nix 78 + # Returns a list of modules, including devenv.local.nix when present 79 + tryImport = 80 + resolvedPath: basePath: 81 + if lib.hasSuffix ".nix" basePath then 82 + [ (import resolvedPath) ] 83 + else 84 + let 85 + devenvpath = resolvedPath + "/devenv.nix"; 86 + localpath = resolvedPath + "/devenv.local.nix"; 87 + in 88 + if builtins.pathExists devenvpath then 89 + [ (import devenvpath) ] ++ lib.optional (builtins.pathExists localpath) (import localpath) 90 + else 91 + throw (basePath + "/devenv.nix file does not exist"); 92 + 93 + importModule = 94 + path: 95 + if lib.hasPrefix "path:" path then 96 + # path: prefix indicates a local filesystem path - strip it and import directly 97 + let 98 + actualPath = builtins.substring 5 999999 path; 99 + in 100 + tryImport (/. + actualPath) path 101 + else if lib.hasPrefix "/" path then 102 + # Absolute path - import directly (avoids input resolution and NAR hash computation) 103 + tryImport (/. + path) path 104 + else if lib.hasPrefix "./" path then 105 + # Relative paths are relative to devenv_root, not bootstrap directory 106 + let 107 + relPath = builtins.substring 1 255 path; 108 + in 109 + tryImport (/. + devenv_root + relPath) path 110 + else if lib.hasPrefix "../" path then 111 + # Parent relative paths also relative to devenv_root 112 + tryImport (/. + devenv_root + "/${path}") path 113 + else 114 + let 115 + paths = lib.splitString "/" path; 116 + name = builtins.head paths; 117 + input = inputs.${name} or (throw "Unknown input ${name}"); 118 + subpath = "/${lib.concatStringsSep "/" (builtins.tail paths)}"; 119 + devenvpath = input + subpath; 120 + in 121 + tryImport devenvpath path; 122 + 123 + # Common modules shared between main evaluation and cross-system evaluation 124 + mkCommonModules = 125 + evalPkgs: 126 + [ 127 + ( 128 + { config, ... }: 129 + { 130 + _module.args.pkgs = evalPkgs.appendOverlays (config.overlays or [ ]); 131 + _module.args.secretspec = secretspec; 132 + _module.args.devenvPrimops = primops; 133 + } 134 + ) 135 + (inputs.devenv.modules + /top-level.nix) 136 + ( 137 + { options, ... }: 138 + { 139 + config.devenv = lib.mkMerge [ 140 + { 141 + root = devenv_root; 142 + dotfile = devenv_dotfile; 143 + } 144 + ( 145 + if builtins.hasAttr "cli" options.devenv then 146 + { 147 + cli.version = version; 148 + cli.isDevelopment = is_development_version; 149 + } 150 + else 151 + { 152 + cliVersion = version; 153 + } 154 + ) 155 + (lib.optionalAttrs (builtins.hasAttr "tmpdir" options.devenv) { 156 + tmpdir = devenv_tmpdir; 157 + }) 158 + (lib.optionalAttrs (builtins.hasAttr "isTesting" options.devenv) { 159 + isTesting = devenv_istesting; 160 + }) 161 + (lib.optionalAttrs (builtins.hasAttr "runtime" options.devenv) { 162 + runtime = devenv_runtime; 163 + }) 164 + (lib.optionalAttrs (builtins.hasAttr "state" options.devenv && devenv_state != null) { 165 + state = lib.mkForce devenv_state; 166 + }) 167 + (lib.optionalAttrs (builtins.hasAttr "direnvrcLatestVersion" options.devenv) { 168 + direnvrcLatestVersion = devenv_direnvrc_latest_version; 169 + }) 170 + ]; 171 + } 172 + ) 173 + ( 174 + { options, ... }: 175 + { 176 + config = lib.mkMerge [ 177 + (lib.optionalAttrs (builtins.hasAttr "git" options) { 178 + git.root = git_root; 179 + }) 180 + ]; 181 + } 182 + ) 183 + (lib.optionalAttrs (container_name != null) { 184 + container.isBuilding = lib.mkForce true; 185 + containers.${container_name}.isBuilding = true; 186 + }) 187 + ] 188 + ++ (lib.flatten (map importModule devenv_imports)) 189 + ++ (if !skip_local_src then (importModule (devenv_root + "/devenv.nix")) else [ ]) 190 + ++ [ 191 + ( 192 + let 193 + localPath = devenv_root + "/devenv.local.nix"; 194 + in 195 + if builtins.pathExists localPath then import localPath else { } 196 + ) 197 + cli_options 198 + ]; 199 + 200 + # Phase 1: Base evaluation to extract profile definitions 201 + baseProject = lib.evalModules { 202 + specialArgs = inputs // { 203 + inherit inputs secretspec primops; 204 + }; 205 + modules = mkCommonModules pkgsBootstrap; 206 + }; 207 + 208 + # Phase 2: Extract and apply profiles using extendModules with priority overrides 209 + project = 210 + let 211 + # Build ordered list of profile names: hostname -> user -> manual 212 + manualProfiles = active_profiles; 213 + currentHostname = hostname; 214 + currentUsername = username; 215 + hostnameProfiles = lib.optional 216 + ( 217 + currentHostname != null 218 + && currentHostname != "" 219 + && builtins.hasAttr currentHostname (baseProject.config.profiles.hostname or { }) 220 + ) "hostname.${currentHostname}"; 221 + userProfiles = lib.optional 222 + ( 223 + currentUsername != null 224 + && currentUsername != "" 225 + && builtins.hasAttr currentUsername (baseProject.config.profiles.user or { }) 226 + ) "user.${currentUsername}"; 227 + 228 + # Ordered list of profiles to activate 229 + orderedProfiles = hostnameProfiles ++ userProfiles ++ manualProfiles; 230 + 231 + # Resolve profile extends with cycle detection 232 + resolveProfileExtends = 233 + profileName: visited: 234 + if builtins.elem profileName visited then 235 + throw "Circular dependency detected in profile extends: ${lib.concatStringsSep " -> " visited} -> ${profileName}" 236 + else 237 + let 238 + profile = getProfileConfig profileName; 239 + extends = profile.extends or [ ]; 240 + newVisited = visited ++ [ profileName ]; 241 + extendedProfiles = lib.flatten (map (name: resolveProfileExtends name newVisited) extends); 242 + in 243 + extendedProfiles ++ [ profileName ]; 244 + 245 + # Get profile configuration by name from baseProject 246 + getProfileConfig = 247 + profileName: 248 + if lib.hasPrefix "hostname." profileName then 249 + let 250 + name = lib.removePrefix "hostname." profileName; 251 + in 252 + baseProject.config.profiles.hostname.${name} 253 + else if lib.hasPrefix "user." profileName then 254 + let 255 + name = lib.removePrefix "user." profileName; 256 + in 257 + baseProject.config.profiles.user.${name} 258 + else 259 + let 260 + availableProfiles = builtins.attrNames (baseProject.config.profiles or { }); 261 + hostnameProfiles = map (n: "hostname.${n}") ( 262 + builtins.attrNames (baseProject.config.profiles.hostname or { }) 263 + ); 264 + userProfiles = map (n: "user.${n}") (builtins.attrNames (baseProject.config.profiles.user or { })); 265 + allAvailableProfiles = availableProfiles ++ hostnameProfiles ++ userProfiles; 266 + in 267 + baseProject.config.profiles.${profileName} 268 + or (throw "Profile '${profileName}' not found. Available profiles: ${lib.concatStringsSep ", " allAvailableProfiles}"); 269 + 270 + # Fold over ordered profiles to build final list with extends 271 + expandedProfiles = lib.foldl' 272 + ( 273 + acc: profileName: 274 + let 275 + allProfileNames = resolveProfileExtends profileName [ ]; 276 + in 277 + acc ++ allProfileNames 278 + ) [ ] 279 + orderedProfiles; 280 + 281 + # Map over expanded profiles and apply priorities 282 + allPrioritizedModules = lib.imap0 283 + ( 284 + index: profileName: 285 + let 286 + profilePriority = (lib.modules.defaultOverridePriority - 1) - index; 287 + profileConfig = getProfileConfig profileName; 288 + 289 + typeNeedsOverride = 290 + type: 291 + if type == null then 292 + false 293 + else 294 + let 295 + typeName = type.name or type._type or ""; 296 + 297 + isLeafType = builtins.elem typeName [ 298 + "str" 299 + "int" 300 + "bool" 301 + "enum" 302 + "path" 303 + "package" 304 + "float" 305 + "anything" 306 + ]; 307 + in 308 + if isLeafType then 309 + true 310 + else if typeName == "nullOr" then 311 + let 312 + innerType = 313 + type.elemType 314 + or (if type ? nestedTypes && type.nestedTypes ? elemType then type.nestedTypes.elemType else null); 315 + in 316 + if innerType != null then typeNeedsOverride innerType else false 317 + else 318 + false; 319 + 320 + pathNeedsOverride = 321 + optionPath: 322 + let 323 + directOption = lib.attrByPath optionPath null baseProject.options; 324 + in 325 + if directOption != null && lib.isOption directOption then 326 + typeNeedsOverride directOption.type 327 + else if optionPath != [ ] then 328 + let 329 + parentPath = lib.init optionPath; 330 + parentOption = lib.attrByPath parentPath null baseProject.options; 331 + in 332 + if parentOption != null && lib.isOption parentOption then 333 + let 334 + freeformType = parentOption.type.freeformType or parentOption.type.nestedTypes.freeformType or null; 335 + elementType = 336 + if freeformType ? elemType then 337 + freeformType.elemType 338 + else if freeformType ? nestedTypes && freeformType.nestedTypes ? elemType then 339 + freeformType.nestedTypes.elemType 340 + else 341 + freeformType; 342 + in 343 + typeNeedsOverride elementType 344 + else 345 + false 346 + else 347 + false; 348 + 349 + applyModuleOverride = 350 + config: 351 + if builtins.isFunction config then 352 + let 353 + wrapper = args: applyOverrideRecursive (config args) [ ]; 354 + in 355 + lib.mirrorFunctionArgs config wrapper 356 + else 357 + applyOverrideRecursive config [ ]; 358 + 359 + applyOverrideRecursive = 360 + config: optionPath: 361 + if lib.isAttrs config && config ? _type then 362 + config 363 + else if lib.isAttrs config then 364 + lib.mapAttrs (name: value: applyOverrideRecursive value (optionPath ++ [ name ])) config 365 + else if pathNeedsOverride optionPath then 366 + lib.mkOverride profilePriority config 367 + else 368 + config; 369 + 370 + prioritizedConfig = ( 371 + profileConfig.module 372 + // { 373 + imports = lib.map 374 + ( 375 + importItem: 376 + importItem 377 + // { 378 + imports = lib.map (nestedImport: applyModuleOverride nestedImport) (importItem.imports or [ ]); 379 + } 380 + ) 381 + (profileConfig.module.imports or [ ]); 382 + } 383 + ); 384 + in 385 + prioritizedConfig 386 + ) 387 + expandedProfiles; 388 + in 389 + if allPrioritizedModules == [ ] then 390 + baseProject 391 + else 392 + baseProject.extendModules { modules = allPrioritizedModules; }; 393 + 394 + config = project.config; 395 + 396 + # Apply config overlays to pkgs 397 + pkgs = pkgsBootstrap.appendOverlays (config.overlays or [ ]); 398 + 399 + options = pkgs.nixosOptionsDoc { 400 + options = builtins.removeAttrs project.options [ "_module" ]; 401 + warningsAreErrors = false; 402 + transformOptions = 403 + let 404 + isDocType = 405 + v: 406 + builtins.elem v [ 407 + "literalDocBook" 408 + "literalExpression" 409 + "literalMD" 410 + "mdDoc" 411 + ]; 412 + in 413 + lib.attrsets.mapAttrs ( 414 + _: v: 415 + if v ? _type && isDocType v._type then 416 + v.text 417 + else if v ? _type && v._type == "derivation" then 418 + v.name 419 + else 420 + v 421 + ); 422 + }; 423 + 424 + build = 425 + options: config: 426 + lib.concatMapAttrs 427 + ( 428 + name: option: 429 + if lib.isOption option then 430 + let 431 + typeName = option.type.name or ""; 432 + in 433 + if 434 + builtins.elem typeName [ 435 + "output" 436 + "outputOf" 437 + ] 438 + then 439 + { 440 + ${name} = config.${name}; 441 + } 442 + else 443 + { } 444 + else if builtins.isAttrs option && !lib.isDerivation option then 445 + let 446 + v = build option config.${name}; 447 + in 448 + if v != { } then { ${name} = v; } else { } 449 + else 450 + { } 451 + ) 452 + options; 453 + 454 + # Helper to evaluate devenv for a specific system (for cross-compilation, e.g. macOS building Linux containers) 455 + evalForSystem = 456 + evalSystem: 457 + let 458 + evalPkgs = mkPkgsForSystem evalSystem; 459 + evalProject = lib.evalModules { 460 + specialArgs = inputs // { 461 + inherit inputs secretspec primops; 462 + }; 463 + modules = mkCommonModules evalPkgs; 464 + }; 465 + in 466 + { 467 + config = evalProject.config; 468 + }; 469 + 470 + # All supported systems for cross-compilation (lazily evaluated) 471 + allSystems = [ 472 + "x86_64-linux" 473 + "aarch64-linux" 474 + "x86_64-darwin" 475 + "aarch64-darwin" 476 + ]; 477 + 478 + # Generate perSystem entries for all systems (only evaluated when accessed) 479 + perSystemConfigs = lib.genAttrs allSystems ( 480 + perSystem: if perSystem == targetSystem then { config = config; } else evalForSystem perSystem 481 + ); 482 + in 483 + { 484 + inherit 485 + pkgs 486 + config 487 + options 488 + project 489 + ; 490 + bash = pkgs.bash; 491 + shell = config.shell; 492 + optionsJSON = options.optionsJSON; 493 + info = config.info; 494 + ci = config.ciDerivation; 495 + build = build project.options config; 496 + devenv = { 497 + # Backwards compatibility: wrap config in devenv attribute for code expecting devenv.config.* 498 + config = config; 499 + # perSystem structure for cross-compilation (e.g. macOS building Linux containers) 500 + perSystem = perSystemConfigs; 501 + }; 502 + }; 503 + 504 + # Simplified devenv evaluation for inputs 505 + # This is a lightweight version suitable for evaluating an input's devenv.nix 506 + mkDevenvForInput = 507 + { 508 + # The input to evaluate (must have outPath and sourceInfo) 509 + input 510 + , # All resolved inputs (for specialArgs) 511 + allInputs 512 + , # System to evaluate for 513 + system ? builtins.currentSystem 514 + , # Nixpkgs to use (defaults to allInputs.nixpkgs) 515 + nixpkgs ? allInputs.nixpkgs or (throw "nixpkgs input required") 516 + , # Devenv modules (defaults to allInputs.devenv) 517 + devenv ? allInputs.devenv or (throw "devenv input required") 518 + , 519 + }: 520 + let 521 + devenvPath = input.outPath + "/devenv.nix"; 522 + hasDevenv = builtins.pathExists devenvPath; 523 + in 524 + if !hasDevenv then 525 + throw '' 526 + Input does not have a devenv.nix file. 527 + Expected file at: ${devenvPath} 528 + 529 + To use this input's devenv configuration, the input must provide a devenv.nix file. 530 + '' 531 + else 532 + let 533 + pkgs = import nixpkgs { 534 + inherit system; 535 + config = { }; 536 + }; 537 + lib = pkgs.lib; 538 + 539 + project = lib.evalModules { 540 + specialArgs = allInputs // { 541 + inputs = allInputs; 542 + secretspec = null; 543 + }; 544 + modules = [ 545 + ( 546 + { config, ... }: 547 + { 548 + _module.args.pkgs = pkgs.appendOverlays (config.overlays or [ ]); 549 + } 550 + ) 551 + (devenv.outPath + "/src/modules/top-level.nix") 552 + (import devenvPath) 553 + ]; 554 + }; 555 + in 556 + { 557 + inherit pkgs; 558 + config = project.config; 559 + options = project.options; 560 + inherit project; 561 + }; 562 + }

+19

.devenv/bootstrap/default.nix

··· 1 + args@{ system 2 + , # The project root (location of devenv.nix) 3 + devenv_root 4 + , ... 5 + }: 6 + 7 + let 8 + inherit 9 + (import ./resolve-lock.nix { 10 + src = devenv_root; 11 + inherit system; 12 + }) 13 + inputs 14 + ; 15 + 16 + bootstrapLib = import ./bootstrapLib.nix { inherit inputs; }; 17 + in 18 + 19 + bootstrapLib.mkDevenvForSystem args

+157

.devenv/bootstrap/resolve-lock.nix

··· 1 + # Adapted from https://git.lix.systems/lix-project/flake-compat/src/branch/main/default.nix 2 + { src 3 + , system ? builtins.currentSystem or "unknown-system" 4 + , 5 + }: 6 + 7 + let 8 + lockFilePath = src + "/devenv.lock"; 9 + 10 + lockFile = builtins.fromJSON (builtins.readFile lockFilePath); 11 + 12 + rootSrc = { 13 + lastModified = 0; 14 + lastModifiedDate = formatSecondsSinceEpoch 0; 15 + # *hacker voice*: it's definitely a store path, I promise (actually a 16 + # nixlang path value, likely not pointing at the store). 17 + outPath = src; 18 + }; 19 + 20 + # Format number of seconds in the Unix epoch as %Y%m%d%H%M%S. 21 + formatSecondsSinceEpoch = 22 + t: 23 + let 24 + rem = x: y: x - x / y * y; 25 + days = t / 86400; 26 + secondsInDay = rem t 86400; 27 + hours = secondsInDay / 3600; 28 + minutes = (rem secondsInDay 3600) / 60; 29 + seconds = rem t 60; 30 + 31 + # Courtesy of https://stackoverflow.com/a/32158604. 32 + z = days + 719468; 33 + era = (if z >= 0 then z else z - 146096) / 146097; 34 + doe = z - era * 146097; 35 + yoe = (doe - doe / 1460 + doe / 36524 - doe / 146096) / 365; 36 + y = yoe + era * 400; 37 + doy = doe - (365 * yoe + yoe / 4 - yoe / 100); 38 + mp = (5 * doy + 2) / 153; 39 + d = doy - (153 * mp + 2) / 5 + 1; 40 + m = mp + (if mp < 10 then 3 else -9); 41 + y' = y + (if m <= 2 then 1 else 0); 42 + 43 + pad = s: if builtins.stringLength s < 2 then "0" + s else s; 44 + in 45 + "${toString y'}${pad (toString m)}${pad (toString d)}${pad (toString hours)}${pad (toString minutes)}${pad (toString seconds)}"; 46 + 47 + allNodes = builtins.mapAttrs 48 + ( 49 + key: node: 50 + let 51 + sourceInfo = 52 + if key == lockFile.root then 53 + rootSrc 54 + # Path inputs pointing to project root (path = ".") should use rootSrc 55 + # to avoid fetchTree hashing the entire project directory 56 + else if node.locked.type or null == "path" && node.locked.path or null == "." then 57 + rootSrc 58 + else 59 + let 60 + locked = node.locked; 61 + isRelativePath = p: p != null && (builtins.substring 0 2 p == "./" || builtins.substring 0 3 p == "../"); 62 + # Resolve relative paths against src 63 + resolvedLocked = locked 64 + // (if locked.type or null == "path" && isRelativePath (locked.path or null) 65 + then { path = toString src + "/${locked.path}"; } 66 + else { }) 67 + // (if locked.type or null == "git" && isRelativePath (locked.url or null) 68 + then { url = toString src + "/${locked.url}"; } 69 + else { }); 70 + in 71 + builtins.fetchTree (node.info or { } // removeAttrs resolvedLocked [ "dir" ]); 72 + 73 + subdir = if key == lockFile.root then "" else node.locked.dir or ""; 74 + 75 + outPath = sourceInfo + ((if subdir == "" then "" else "/") + subdir); 76 + 77 + # Resolve a input spec into a node name. An input spec is 78 + # either a node name, or a 'follows' path from the root 79 + # node. 80 + resolveInput = 81 + inputSpec: if builtins.isList inputSpec then getInputByPath lockFile.root inputSpec else inputSpec; 82 + 83 + # Follow an input path (e.g. ["dwarffs" "nixpkgs"]) from the 84 + # root node, returning the final node. 85 + getInputByPath = 86 + nodeName: path: 87 + if path == [ ] then 88 + nodeName 89 + else 90 + getInputByPath 91 + # Since this could be a 'follows' input, call resolveInput. 92 + (resolveInput lockFile.nodes.${nodeName}.inputs.${builtins.head path}) 93 + (builtins.tail path); 94 + 95 + inputs = builtins.mapAttrs (inputName: inputSpec: allNodes.${resolveInput inputSpec}) ( 96 + node.inputs or { } 97 + ); 98 + 99 + # Only import flake.nix for non-root nodes (root doesn't need it) 100 + flake = if key == lockFile.root then null else import (outPath + "/flake.nix"); 101 + 102 + outputs = if key == lockFile.root then { } else flake.outputs (inputs // { self = result; }); 103 + 104 + # Lazy devenv evaluation for this input 105 + devenvEval = 106 + let 107 + bootstrapLib = import ./bootstrapLib.nix { inputs = inputs; }; 108 + in 109 + bootstrapLib.mkDevenvForInput { 110 + input = { inherit outPath sourceInfo; }; 111 + allInputs = inputs; 112 + inherit system; 113 + }; 114 + 115 + result = 116 + outputs 117 + // sourceInfo 118 + // { 119 + inherit outPath; 120 + inherit inputs; 121 + inherit outputs; 122 + inherit sourceInfo; 123 + _type = "flake"; 124 + devenv = devenvEval; 125 + }; 126 + 127 + nonFlakeResult = sourceInfo // { 128 + inherit outPath; 129 + inherit inputs; 130 + inherit sourceInfo; 131 + _type = "flake"; 132 + devenv = devenvEval; 133 + }; 134 + 135 + in 136 + if node.flake or true && key != lockFile.root then 137 + assert builtins.isFunction flake.outputs; 138 + result 139 + else 140 + nonFlakeResult 141 + ) 142 + lockFile.nodes; 143 + 144 + result = 145 + if !(builtins.pathExists lockFilePath) then 146 + throw "${lockFilePath} does not exist" 147 + else if lockFile.version >= 5 && lockFile.version <= 7 then 148 + allNodes.${lockFile.root} 149 + else 150 + throw "lock file '${lockFilePath}' has unsupported version ${toString lockFile.version}"; 151 + 152 + in 153 + { 154 + inputs = result.inputs or { } // { 155 + self = result; 156 + }; 157 + }

+9

.devenv/nixpkgs-config-c7c9559ef5bdea25.nix

··· 1 + let cfg = {}; in cfg // { 2 + allowUnfreePredicate = 3 + if cfg.allowUnfree or false then 4 + (_: true) 5 + else if (cfg.permittedUnfreePackages or []) != [] then 6 + (pkg: builtins.elem ((builtins.parseDrvName (pkg.name or pkg.pname or pkg)).name) (cfg.permittedUnfreePackages or [])) 7 + else 8 + (_: false); 9 + }

+60 -60

flake.lock

··· 9 9 "rust-overlay": "rust-overlay" 10 10 }, 11 11 "locked": { 12 - "lastModified": 1772290697, 13 - "narHash": "sha256-MyLNx13P+pv1RszO1rMd3144NEeU/oU4iL+xOTpRoaU=", 12 + "lastModified": 1774186997, 13 + "narHash": "sha256-hyNVlhAqmwcBPl7XRkxbGcMt1BfCOdvuEfBDUf0k8Oo=", 14 14 "owner": "ezKEa", 15 15 "repo": "aagl-gtk-on-nix", 16 - "rev": "dcb53a4cb4cb09ef7f08328428ba559be5b9f01b", 16 + "rev": "546e95f7ec74892a31f883a10b1723c35f2c2edd", 17 17 "type": "github" 18 18 }, 19 19 "original": { ··· 72 72 "treefmt-nix": "treefmt-nix" 73 73 }, 74 74 "locked": { 75 - "lastModified": 1772478757, 76 - "narHash": "sha256-OZ/rD87JVagLiHCz5M/kfu5n3+32G+kvoZ3F5xmzVng=", 75 + "lastModified": 1774522439, 76 + "narHash": "sha256-GvINrdGznE7mGlDNjW0/PMgOJlC+Nl9MkfxALB4QvWs=", 77 77 "owner": "oddlama", 78 78 "repo": "agenix-rekey", 79 - "rev": "4b0b511675cc368956a3917f0710dd62ba7b4043", 79 + "rev": "8b9c179bc1300ab130c90f2d25426bf0e7a2b58d", 80 80 "type": "github" 81 81 }, 82 82 "original": { ··· 90 90 "nixpkgs": "nixpkgs_2" 91 91 }, 92 92 "locked": { 93 - "lastModified": 1773403535, 94 - "narHash": "sha256-47MZaFrHxNO8tVUAmtVnerXUw2WWVluBOiU9MulN/yM=", 93 + "lastModified": 1774616169, 94 + "narHash": "sha256-fP4bU3SOH5sefSl6EagqULFs+bXoo3h3VLQCCyJplo4=", 95 95 "owner": "catppuccin", 96 96 "repo": "nix", 97 - "rev": "d45b5665cc638bad1b794350de02f4dd41b0bb47", 97 + "rev": "e616c61cd9f7b05b32af266bc005fa266860dacf", 98 98 "type": "github" 99 99 }, 100 100 "original": { ··· 435 435 ] 436 436 }, 437 437 "locked": { 438 - "lastModified": 1772893680, 439 - "narHash": "sha256-JDqZMgxUTCq85ObSaFw0HhE+lvdOre1lx9iI6vYyOEs=", 438 + "lastModified": 1774104215, 439 + "narHash": "sha256-EAtviqz0sEAxdHS4crqu7JGR5oI3BwaqG0mw7CmXkO8=", 440 440 "owner": "cachix", 441 441 "repo": "git-hooks.nix", 442 - "rev": "8baab586afc9c9b57645a734c820e4ac0a604af9", 442 + "rev": "f799ae951fde0627157f40aec28dec27b22076d0", 443 443 "type": "github" 444 444 }, 445 445 "original": { ··· 540 540 "nixpkgs": "nixpkgs_3" 541 541 }, 542 542 "locked": { 543 - "lastModified": 1773681856, 544 - "narHash": "sha256-+bRqxoFCJFO9ZTFhcCkzNXbDT3b8AEk88fyjB7Is6eo=", 543 + "lastModified": 1774647770, 544 + "narHash": "sha256-UNNi14XiqRWWjO8ykbFwA5wRwx7EscsC+GItOVpuGjc=", 545 545 "owner": "nix-community", 546 546 "repo": "home-manager", 547 - "rev": "57d5560ee92a424fb71fde800acd6ed2c725dfce", 547 + "rev": "02371c05a04a2876cf92e2d67a259e8f87399068", 548 548 "type": "github" 549 549 }, 550 550 "original": { ··· 631 631 "pre-commit-hooks": "pre-commit-hooks_2" 632 632 }, 633 633 "locked": { 634 - "lastModified": 1773731400, 635 - "narHash": "sha256-cHoNqN9+QypmqSq+ht0jbHGVdeKyR6nz9BsZK3CnDXY=", 636 - "rev": "f87d753987bf19553bab6e94db7356e80cdd8259", 634 + "lastModified": 1774608105, 635 + "narHash": "sha256-JBiiKbsJ0Mtq7AKJuQGD8V2jRRVeThwiIIDTGdh+rr4=", 636 + "rev": "001e3fde8f5d3e81ede2c95eab414fcaf83a9233", 637 637 "type": "tarball", 638 - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/f87d753987bf19553bab6e94db7356e80cdd8259.tar.gz?rev=f87d753987bf19553bab6e94db7356e80cdd8259" 638 + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/001e3fde8f5d3e81ede2c95eab414fcaf83a9233.tar.gz?rev=001e3fde8f5d3e81ede2c95eab414fcaf83a9233" 639 639 }, 640 640 "original": { 641 641 "type": "tarball", ··· 692 692 ] 693 693 }, 694 694 "locked": { 695 - "lastModified": 1773715019, 696 - "narHash": "sha256-bJ2f57E9rEMdNc6hFIVvtWFF/WpIRCGJvT7HTnls/rg=", 695 + "lastModified": 1774665675, 696 + "narHash": "sha256-GT3cOq5rmmjIqUDGj3vo7sVjyF8rJ2y7+bhMPVakAXY=", 697 697 "owner": "fufexan", 698 698 "repo": "nix-gaming", 699 - "rev": "25efde53dc1b554e912bda2be1dc2508850dbe68", 699 + "rev": "f2644f0aebb5805ca0ff778f9241ab8f69cd6675", 700 700 "type": "github" 701 701 }, 702 702 "original": { ··· 713 713 "rust-overlay": "rust-overlay_3" 714 714 }, 715 715 "locked": { 716 - "lastModified": 1773729530, 717 - "narHash": "sha256-JdUZr+5F/eVZNSiu9Ysu9MDeahf01sqTVgG+WeBs9+k=", 716 + "lastModified": 1774680845, 717 + "narHash": "sha256-Rkkp/6kTbrM2GSCRKzdy3sYvLyaCQPAbnGR+icvfA+A=", 718 718 "owner": "Janrupf", 719 719 "repo": "nix-jetbrains-plugin-repository", 720 - "rev": "45265243222d9939f877bc64a4c60fba163a2bc3", 720 + "rev": "f7821c097e718a93b35b3f5b533c0408ccdbf18b", 721 721 "type": "github" 722 722 }, 723 723 "original": { ··· 803 803 "nixpkgs-nixcord": "nixpkgs-nixcord" 804 804 }, 805 805 "locked": { 806 - "lastModified": 1773707837, 807 - "narHash": "sha256-TFK0EXOTihtOiqdipVuUWnA3O+2XALosoFGXgMmnRM0=", 806 + "lastModified": 1774685703, 807 + "narHash": "sha256-MQhm3HEVv9xHWQNIx/xp++q2+SUeH8hLohKZFIO7DZM=", 808 808 "owner": "KaylorBen", 809 809 "repo": "nixcord", 810 - "rev": "a917a4b7ddd13539ecc0a4b5094f015ba7b192dc", 810 + "rev": "60c5476d52d668dc5b8f89eddb687d988921fc93", 811 811 "type": "github" 812 812 }, 813 813 "original": { ··· 818 818 }, 819 819 "nixos-hardware": { 820 820 "locked": { 821 - "lastModified": 1773533765, 822 - "narHash": "sha256-qonGfS2lzCgCl59Zl63jF6dIRRpvW3AJooBGMaXjHiY=", 821 + "lastModified": 1774567711, 822 + "narHash": "sha256-uVlOHBvt6Vc/iYNJXLPa4c3cLXwMllOCVfAaLAcphIo=", 823 823 "owner": "NixOS", 824 824 "repo": "nixos-hardware", 825 - "rev": "f8e82243fd601afb9f59ad230958bd073795cbfe", 825 + "rev": "3f6f874dfc34d386d10e434c48ad966c4832243e", 826 826 "type": "github" 827 827 }, 828 828 "original": { ··· 912 912 }, 913 913 "nixpkgs_2": { 914 914 "locked": { 915 - "lastModified": 1773122722, 916 - "narHash": "sha256-FIqHByVqxCprNjor1NqF80F2QQoiiyqanNNefdlvOg4=", 915 + "lastModified": 1773821835, 916 + "narHash": "sha256-TJ3lSQtW0E2JrznGVm8hOQGVpXjJyXY2guAxku2O9A4=", 917 917 "owner": "NixOS", 918 918 "repo": "nixpkgs", 919 - "rev": "62dc67aa6a52b4364dd75994ec00b51fbf474e50", 919 + "rev": "b40629efe5d6ec48dd1efba650c797ddbd39ace0", 920 920 "type": "github" 921 921 }, 922 922 "original": { ··· 928 928 }, 929 929 "nixpkgs_3": { 930 930 "locked": { 931 - "lastModified": 1773389992, 932 - "narHash": "sha256-wvfdLLWJ2I9oEpDd9PfMA8osfIZicoQ5MT1jIwNs9Tk=", 931 + "lastModified": 1774106199, 932 + "narHash": "sha256-US5Tda2sKmjrg2lNHQL3jRQ6p96cgfWh3J1QBliQ8Ws=", 933 933 "owner": "NixOS", 934 934 "repo": "nixpkgs", 935 - "rev": "c06b4ae3d6599a672a6210b7021d699c351eebda", 935 + "rev": "6c9a78c09ff4d6c21d0319114873508a6ec01655", 936 936 "type": "github" 937 937 }, 938 938 "original": { ··· 976 976 }, 977 977 "nixpkgs_6": { 978 978 "locked": { 979 - "lastModified": 1773646010, 980 - "narHash": "sha256-iYrs97hS7p5u4lQzuNWzuALGIOdkPXvjz7bviiBjUu8=", 979 + "lastModified": 1774386573, 980 + "narHash": "sha256-4hAV26quOxdC6iyG7kYaZcM3VOskcPUrdCQd/nx8obc=", 981 981 "owner": "NixOS", 982 982 "repo": "nixpkgs", 983 - "rev": "5b2c2d84341b2afb5647081c1386a80d7a8d8605", 983 + "rev": "46db2e09e1d3f113a13c0d7b81e2f221c63b8ce9", 984 984 "type": "github" 985 985 }, 986 986 "original": { ··· 1008 1008 }, 1009 1009 "nixpkgs_8": { 1010 1010 "locked": { 1011 - "lastModified": 1773597492, 1012 - "narHash": "sha256-hfwXTZODckRv5CdezNotB9NgF/6y7j2K0DRoPwMXpFQ=", 1013 - "rev": "a07d4ce6bee67d7c838a8a5796e75dff9caa21ef", 1011 + "lastModified": 1774273680, 1012 + "narHash": "sha256-WLxi1vfcykjq9Yb2umqBJs6lVM6MpV2tXfcrAjroxUk=", 1013 + "rev": "fdc7b8f7b30fdbedec91b71ed82f36e1637483ed", 1014 1014 "type": "tarball", 1015 - "url": "https://releases.nixos.org/nixpkgs/nixpkgs-26.05pre963717.a07d4ce6bee6/nixexprs.tar.xz?lastModified=1773597492&rev=a07d4ce6bee67d7c838a8a5796e75dff9caa21ef" 1015 + "url": "https://releases.nixos.org/nixpkgs/nixpkgs-26.05pre968305.fdc7b8f7b30f/nixexprs.tar.xz?lastModified=1774273680&rev=fdc7b8f7b30fdbedec91b71ed82f36e1637483ed" 1016 1016 }, 1017 1017 "original": { 1018 1018 "type": "tarball", ··· 1042 1042 "systems": "systems_4" 1043 1043 }, 1044 1044 "locked": { 1045 - "lastModified": 1772402258, 1046 - "narHash": "sha256-3DmCFOdmbkFML1/G9gj8Wb+rCCZFPOQtNoMCpqOF8SA=", 1045 + "lastModified": 1774612943, 1046 + "narHash": "sha256-hRhq5cpDyBm/ZQyuzI+/YzQEVt35d/M6ko7ADfodw9s=", 1047 1047 "owner": "nix-community", 1048 1048 "repo": "nixvim", 1049 - "rev": "21ae25e13b01d3b4cdc750b5f9e7bad68b150c10", 1049 + "rev": "2b9f8e1d659d1c7664e1b85ab1620c219672696c", 1050 1050 "type": "github" 1051 1051 }, 1052 1052 "original": { ··· 1333 1333 "sqlite-lib-src": "sqlite-lib-src" 1334 1334 }, 1335 1335 "locked": { 1336 - "lastModified": 1773741732, 1337 - "narHash": "sha256-tx954p87D99JB9Xju6ye9Gwfsak84A+fvq0ceLmP2XI=", 1336 + "lastModified": 1774691944, 1337 + "narHash": "sha256-oZS+XQlxOHSmey93fd9q7F64bYDEG2Uxeivae1Vcjms=", 1338 1338 "ref": "refs/heads/master", 1339 - "rev": "2302ce917997e532c1db5b913d5820383156ac26", 1340 - "revCount": 2070, 1339 + "rev": "2677d2b115aceea71bc759f6f391972e34579e80", 1340 + "revCount": 2121, 1341 1341 "type": "git", 1342 1342 "url": "https://tangled.org/@tangled.org/core" 1343 1343 }, ··· 1351 1351 "nixpkgs": "nixpkgs_8" 1352 1352 }, 1353 1353 "locked": { 1354 - "lastModified": 1773740618, 1355 - "narHash": "sha256-gjfCl+KAEjpbDsN6bFYIp5KvGSDqhbxFb8jwHy+36ug=", 1354 + "lastModified": 1774574103, 1355 + "narHash": "sha256-tV82vKeyilWo95hfZ97Fx3mf//mEf3d28E987FlOjkQ=", 1356 1356 "owner": "tgirlcloud", 1357 1357 "repo": "pkgs", 1358 - "rev": "9b1d470a3c164d3d572b109bba892540d9df4df2", 1358 + "rev": "d6b5a263845e9c28ae30f378c673fc4a0843ea9e", 1359 1359 "type": "github" 1360 1360 }, 1361 1361 "original": { ··· 1369 1369 "nixpkgs": "nixpkgs_9" 1370 1370 }, 1371 1371 "locked": { 1372 - "lastModified": 1773139928, 1373 - "narHash": "sha256-N6B+pB2VDkHbFn9xCmR0MnTbG/jWQyNj0Ad49JbP2lQ=", 1372 + "lastModified": 1774686616, 1373 + "narHash": "sha256-lq5hR4DGZBPpm6u8yC9KfbAqTGYfdb6+gESlBevvC7s=", 1374 1374 "owner": "Inrixia", 1375 1375 "repo": "TidaLuna", 1376 - "rev": "e5ee58c6a79e54aa914d95e774e551ee295f2cc4", 1376 + "rev": "a7cca8269d1ae95f8e8ed24732e0bf247f250fa4", 1377 1377 "type": "github" 1378 1378 }, 1379 1379 "original": { ··· 1427 1427 "systems": "systems_7" 1428 1428 }, 1429 1429 "locked": { 1430 - "lastModified": 1773692852, 1431 - "narHash": "sha256-rVzZeR2gsPCgft+SHbxlxldejpOBI6bwj6gC24XpEIk=", 1430 + "lastModified": 1774616856, 1431 + "narHash": "sha256-ztKS2b29Lp0tJ29KxSir2GYhhJexGROzz6sIFsmfh4Y=", 1432 1432 "owner": "vicinaehq", 1433 1433 "repo": "vicinae", 1434 - "rev": "f3dc9cb4696dda1218f00f2756cf25882fa5df9b", 1434 + "rev": "9947898ef0a87feb257c6f8254ed96f7321abf3a", 1435 1435 "type": "github" 1436 1436 }, 1437 1437 "original": {

+2 -2

modules/nixos/services/nextcloud.nix

··· 19 19 config = (mkMerge [ 20 20 (mkIf cfg.enable { 21 21 # Create secrets 22 - #age.secrets."nextcloud-adminpass".rekeyFile = "${self}/secrets/nextcloud-adminpass.age"; 22 + age.secrets."nextcloud-adminpass".rekeyFile = "${self}/secrets/nextcloud-adminpass.age"; 23 23 24 24 services = { 25 25 nextcloud = { ··· 30 30 database.createLocally = true; 31 31 32 32 config = { 33 - #adminpassFile = config.age.secrets."nextcloud-adminpass".path; 33 + adminpassFile = config.age.secrets."nextcloud-adminpass".path; 34 34 35 35 dbhost = "postgresql://nextcloud?host=/run/postgresql"; 36 36 };

+1 -1

systems/apple/default.nix

··· 6 6 }: 7 7 { 8 8 imports = [ 9 - # ./fileSystem.nix TODO 9 + ./fileSystem.nix 10 10 ]; 11 11 12 12 networking.hostName = "apple";

+16

systems/apple/fileSystem.nix

··· 1 + { 2 + fileSystems."/" = 3 + { device = "/dev/disk/by-uuid/bd81acdf-e2c7-41bb-92e1-ddcdd46e2da9"; 4 + fsType = "ext4"; 5 + }; 6 + 7 + fileSystems."/boot" = 8 + { device = "/dev/disk/by-uuid/6023-7222"; 9 + fsType = "vfat"; 10 + options = [ "fmask=0077" "dmask=0077" ]; 11 + }; 12 + 13 + swapDevices = 14 + [ { device = "/dev/disk/by-uuid/358f4ce3-9e14-4cf8-ab79-435ebb109db6"; } 15 + ]; 16 + }

+1 -1

systems/apple/key.pub

··· 1 - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN5sgA7jPn0E2tPCBhrIZqliItfVloJzUyUuRdXa34bi root@apricot 1 + ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH5FxHEqMMrhRolSjbas5LnKO6aAzR2tjDPvPCzianb5 root@nixos

+1

systems/apricot/key.pub

··· 1 + ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN5sgA7jPn0E2tPCBhrIZqliItfVloJzUyUuRdXa34bi root@apricot

-7

systems/apricot/secrets/316fdabd78add2a2906fbabe7f0de2b0-semiko-passwd.age

··· 1 - age-encryption.org/v1 2 - -> ssh-ed25519 1a/qJw LyTQvqCwraMVTYkCfh5x7IMHv/X5GmPefz0caCQXyy0 3 - /glNOsQ4F+FkCJMtM9Hg68FByhPIsbAmK8cVX5TsAHA 4 - -> (o;~}U-grease L\ %Hv^' vZ/ N|CSJ 5 - votex75SRJfS8BjM7+w 6 - --- Pcn8JzlSGwWcEwiQMoAWFmmuSiVGihSrgLOEGqJhEh4 7 - �f"�چM��<��N�m�\�1��L��_��v�t*�dqDT�8W~��d!�Qer��F��^"T��IT?��4��k뼸�m^g��wm��

systems/apricot/secrets/3e39efda0181232455826164aeba13fc-ssh-tangled.age