diff options
-rw-r--r-- | default.nix | 18 | ||||
-rw-r--r-- | flake.lock | 93 | ||||
-rw-r--r-- | flake.nix | 44 | ||||
-rw-r--r-- | hosts/chaski/configuration.nix | 9 | ||||
-rw-r--r-- | hosts/chaski/services/uplcg.nix | 12 | ||||
-rw-r--r-- | hosts/chaski/services/woitb.nix | 10 | ||||
-rw-r--r-- | hosts/flora/configuration.nix | 4 | ||||
-rw-r--r-- | hosts/flora/hardware-configuration.nix | 4 | ||||
-rw-r--r-- | hosts/flora/services/blog.nix | 4 | ||||
-rw-r--r-- | hosts/flora/services/pleroma.nix | 5 | ||||
-rw-r--r-- | lib/deploy.nix | 23 | ||||
-rw-r--r-- | lib/hosts.nix | 80 | ||||
-rw-r--r-- | modules/default.nix | 9 | ||||
-rw-r--r-- | modules/deploy/default.nix | 50 | ||||
-rw-r--r-- | nix/sources.json | 50 | ||||
-rw-r--r-- | nix/sources.nix | 174 |
16 files changed, 144 insertions, 445 deletions
diff --git a/default.nix b/default.nix deleted file mode 100644 index f13eb77..0000000 --- a/default.nix +++ /dev/null @@ -1,18 +0,0 @@ -let - sources = import ./nix/sources.nix; - pkgs = import ./pkgs {}; - - hosts = import ./lib/hosts.nix { - inherit pkgs; - hostsDir = ./hosts; - commonImports = [ ./common ]; - pkgsPath = ./pkgs; - }; -in -{ - inherit sources pkgs; - inherit (hosts) hosts groups; - deploy = import ./lib/deploy.nix { inherit pkgs; inherit (hosts) hosts groups; }; -} - - diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..2aac064 --- /dev/null +++ b/flake.lock @@ -0,0 +1,93 @@ +{ + "nodes": { + "blog": { + "flake": false, + "locked": { + "narHash": "sha256-vsj1iq/W5ofZhQ1MkpP3iSeBhYfSUj9RlEY2kiG07yA=", + "path": "/home/stuebinm/Dokumente/blog", + "type": "path" + }, + "original": { + "path": "/home/stuebinm/Dokumente/blog", + "type": "path" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1641687203, + "narHash": "sha256-W6Xrb/l1x+E+WMVLw4q5HUnNjt3x4WQFSYJtjJtopbU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "00acdb2aa817048fbe1f91ece18fe7de09762531", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "release-21.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1641671388, + "narHash": "sha256-aHoO6CpPLJK8hLkPJrpMnCRnj3YbfQZ7HNcXcnI83E0=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "32356ce11b8cc5cc421b68138ae8c730cc8ad4a2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "blog": "blog", + "nixpkgs": "nixpkgs", + "nixpkgs-unstable": "nixpkgs-unstable", + "tracktrain": "tracktrain", + "uplcg": "uplcg" + } + }, + "tracktrain": { + "flake": false, + "locked": { + "lastModified": 1641709913, + "narHash": "sha256-zIc6Or0n2klhycD71d0T+FaB4asAevK5XkpnVQviO3A=", + "ref": "main", + "rev": "973f086e1882dfaa48f40a91b5f8c679076b6fb6", + "revCount": 5, + "type": "git", + "url": "https://stuebinm.eu/git/tracktrain" + }, + "original": { + "ref": "main", + "type": "git", + "url": "https://stuebinm.eu/git/tracktrain" + } + }, + "uplcg": { + "flake": false, + "locked": { + "lastModified": 1638532574, + "narHash": "sha256-diZaAMiqOUVeEyGujEY5tejbyKdpecR/dRPLcAlKLWw=", + "ref": "main", + "rev": "8c19e63eb67093f960be060f08a873a9d696d226", + "revCount": 121, + "type": "git", + "url": "https://stuebinm.eu/git/uplcg" + }, + "original": { + "ref": "main", + "type": "git", + "url": "https://stuebinm.eu/git/uplcg" + } + } + }, + "root": "root", + "version": 7 +} @@ -3,18 +3,42 @@ description = "testing nix flakes for server deployment"; inputs = { - nixpkgs = "github:NixOS/nixpkgs#release-21.11"; - nixpkgs-unstalbe = "github:NixOS/nixpkgs#nixpkgs-unstable"; - uplcg = "git:https//stuebinm.eu/git/uplcg"; - woitb = "git:https://stuebinm.eu/git/woitb"; - workadventure = "git:https://stuebinm.eu/git/workadventure-nix"; + nixpkgs.url = "github:NixOS/nixpkgs/release-21.11"; + nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; + uplcg = { + url = "git+https://stuebinm.eu/git/uplcg?ref=main"; + flake = false; + }; + # woitb = { + # url = "git+https://stuebinm.eu/git/woitb?ref=main"; + # flake = false; + # }; + # workadventure = { + # url = "git+https://stuebinm.eu/git/workadventure-nix"; + # flake = false; + # }; + tracktrain = { + url = "git+https://stuebinm.eu/git/tracktrain?ref=main"; + flake = false; + }; + blog = { + url = "path:/home/stuebinm/Dokumente/blog"; + flake = false; + }; }; - output = { self, nixpkgs, ... }@inputs: { + outputs = { self, nixpkgs, ... }@inputs: { - nixosConfigurations.chaski = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ ./hosts/chaski/configuration.nix ]; - }; + nixosConfigurations = + let mkConfig = config: nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ config ./common/default.nix ]; + + specialArgs = { inherit inputs; }; + }; + in { + chaski = mkConfig ./hosts/chaski/configuration.nix; + flora = mkConfig ./hosts/flora/configuration.nix; + }; }; } diff --git a/hosts/chaski/configuration.nix b/hosts/chaski/configuration.nix index 55289dd..ae422cf 100644 --- a/hosts/chaski/configuration.nix +++ b/hosts/chaski/configuration.nix @@ -17,9 +17,12 @@ ./services/gtfs.nix ]; - hexchen.deploy = { - ssh.host = "chaski"; - }; + networking.firewall.allowedTCPPorts = [ 80 443 ]; + + services.nginx.appendHttpConfig = '' + access_log off; + add_header Permissions-Policy "interest-cohort=()"; + ''; # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; diff --git a/hosts/chaski/services/uplcg.nix b/hosts/chaski/services/uplcg.nix index fa59528..5605046 100644 --- a/hosts/chaski/services/uplcg.nix +++ b/hosts/chaski/services/uplcg.nix @@ -1,15 +1,8 @@ -{ config, lib, pkgs, ... }: +{ config, lib, pkgs, inputs, ... }: -let - #sources = import ../../../nix/sources.nix; - uplcg-nix = fetchGit { - url = "https://stuebinm.eu/git/uplcg"; - rev = "8c19e63eb67093f960be060f08a873a9d696d226"; - }; -in { imports = [ - "${uplcg-nix.outPath}/module.nix" + "${inputs.uplcg.outPath}/module.nix" ]; services.uplcg = { @@ -18,6 +11,7 @@ in domain = "0.0.0.0"; }; + services.nginx.enable = true; services.nginx.virtualHosts."cards.stuebinm.eu" = { locations."/" = { proxyPass = "http://localhost:9080"; diff --git a/hosts/chaski/services/woitb.nix b/hosts/chaski/services/woitb.nix index a2d64a0..0c50617 100644 --- a/hosts/chaski/services/woitb.nix +++ b/hosts/chaski/services/woitb.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ config, lib, pkgs, inputs, ... }: let #sources = ../../nix/sources.nix; @@ -26,13 +26,7 @@ in services.nginx.virtualHosts."track.ilztal.live" = { enableACME = true; forceSSL = true; - locations."/".root = pkgs.copyPathToStore /home/stuebinm/Dokumente/utils/tracktrain; + locations."/".root = inputs.tracktrain; }; - networking.firewall.allowedTCPPorts = [ 80 443 ]; - - services.nginx.appendHttpConfig = '' - access_log off; - add_header Permissions-Policy "interest-cohort=()"; - ''; } diff --git a/hosts/flora/configuration.nix b/hosts/flora/configuration.nix index 5bdc18a..b2699b7 100644 --- a/hosts/flora/configuration.nix +++ b/hosts/flora/configuration.nix @@ -19,10 +19,6 @@ boot.loader.grub.version = 2; boot.loader.grub.devices = [ "/dev/sda" ]; - hexchen.deploy = { - ssh.host = "flora"; - }; - networking = { hostName = "flora"; diff --git a/hosts/flora/hardware-configuration.nix b/hosts/flora/hardware-configuration.nix index faac1af..2ce21f4 100644 --- a/hosts/flora/hardware-configuration.nix +++ b/hosts/flora/hardware-configuration.nix @@ -1,11 +1,11 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, ... }: +{ modulesPath, config, lib, pkgs, inputs, ... }: { imports = - [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> + [ "${modulesPath}/profiles/qemu-guest.nix" ]; boot.initrd.availableKernelModules = [ "ata_piix" "virtio_pci" "xhci_pci" "sd_mod" "sr_mod" ]; diff --git a/hosts/flora/services/blog.nix b/hosts/flora/services/blog.nix index 428b3fb..056a63b 100644 --- a/hosts/flora/services/blog.nix +++ b/hosts/flora/services/blog.nix @@ -1,9 +1,9 @@ -{ config, lib, pkgs, ... }: +{ config, lib, pkgs, inputs, ... }: { services.nginx.virtualHosts."stuebinm.eu" = { enableACME = true; forceSSL = true; - locations."/".root = (import /home/stuebinm/Dokumente/blog); + locations."/".root = (import inputs.blog); }; } diff --git a/hosts/flora/services/pleroma.nix b/hosts/flora/services/pleroma.nix index fca9d65..e93e553 100644 --- a/hosts/flora/services/pleroma.nix +++ b/hosts/flora/services/pleroma.nix @@ -1,8 +1,7 @@ -{config, pkgs, ...}: +{config, pkgs, inputs, ...}: let - sources = import ../../../nix/sources.nix; domain = "pleroma.stuebinm.eu"; in { @@ -30,7 +29,7 @@ in enable = true; - package = (import sources.nixpkgs-unstable {}).pleroma; + package = (import inputs.nixpkgs-unstable {}).pleroma; # this is barely necessary at this point — all that's # set in here is the default_signer for joken, and the diff --git a/lib/deploy.nix b/lib/deploy.nix deleted file mode 100644 index 1b8d1f2..0000000 --- a/lib/deploy.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ pkgs, hosts, groups }: - -with pkgs.lib; - -( - mapAttrs (name: hosts: pkgs.writeScript "deploy-group-${name}" '' - #!${pkgs.runtimeShell} - export PATH= - ${concatMapStrings (host: '' - echo "deploying ${host.config.networking.hostName}..." - ${host.config.system.build.deployScript} $1 & - PID_LIST+=" $!" - '') hosts} - # FIXME: remove jobs from PIDLIST once they finish - trap "kill $PID_LIST" SIGINT - wait $PID_LIST - '') groups -) // ( - mapAttrs - (name: host: host.config.system.build.deployScript) - (filterAttrs (_: host: host.config.hexchen.deploy.enable) hosts) -) - diff --git a/lib/hosts.nix b/lib/hosts.nix deleted file mode 100644 index 91b6b40..0000000 --- a/lib/hosts.nix +++ /dev/null @@ -1,80 +0,0 @@ -{ - pkgs, - hostsDir ? ../hosts, - commonImports ? [], - pkgsPath ? ../pkgs, - modules ? {}, - overlays ? {}, - profiles ? {}, - users ? {}, - sources ? {} -}: - -with pkgs.lib; - -rec { - hostNames = attrNames ( - filterAttrs ( - name: type: type == "directory" - ) ( - builtins.readDir hostsDir - ) - ); - - hostConfig = hostName: { config, ... }: { - _module.args = { - inherit hosts groups; - }; - imports = [ - (import (hostsDir + "/${hostName}/configuration.nix")) - # urgh, yes, we still need to manually import the deploy module for now - # at least if i want to keep my thing reusable. - ../modules/deploy - ] ++ commonImports; - networking = { - inherit hostName; - }; - nixpkgs.pkgs = - let pkgs = import pkgsPath { - inherit (config.nixpkgs) config system; - }; - in if pkgs ? nixpkgs then pkgs.nixpkgs else pkgs; - }; - - hosts = listToAttrs ( - map ( - hostName: nameValuePair hostName ( - import (pkgs.path + "/nixos/lib/eval-config.nix") { - modules = [ - (hostConfig hostName) - (if sources ? home-manager then sources.home-manager + "/nixos" else {}) - ]; - specialArgs = { inherit modules overlays profiles users sources; }; - } - ) - ) hostNames - ); - - groupNames = unique ( - concatLists ( - mapAttrsToList ( - name: host: host.config.hexchen.deploy.groups - ) hosts - ) - ); - - groups = listToAttrs ( - map ( - groupName: nameValuePair groupName ( - filter ( - host: elem groupName host.config.hexchen.deploy.groups - ) ( - attrValues ( - filterAttrs (_: h: h.config.hexchen.deploy.enable) hosts - ) - ) - ) - ) groupNames - ); -} - diff --git a/modules/default.nix b/modules/default.nix deleted file mode 100644 index e512563..0000000 --- a/modules/default.nix +++ /dev/null @@ -1,9 +0,0 @@ -{...}: -let - sources = import ../nix/sources.nix {}; -in -{ - #imports = [ "${sources.nixpkgs-unstable}/nixos/modules/services/networking/pleroma.nix" ]; - - # to stop the manual breaking from the stable / unstable mix -} diff --git a/modules/deploy/default.nix b/modules/deploy/default.nix deleted file mode 100644 index e8bc827..0000000 --- a/modules/deploy/default.nix +++ /dev/null @@ -1,50 +0,0 @@ -{ config, pkgs, lib, ... }: - -with lib; - -let - cfg = config.hexchen.deploy; - -in { - options = { - hexchen.deploy = { - enable = mkOption { - type = types.bool; - default = true; - }; - ssh.host = mkOption { - type = types.str; - default = "${config.networking.hostName}.${config.networking.domain}"; - }; - ssh.port = mkOption { - type = types.int; - default = head config.services.openssh.ports; - }; - substitute = mkOption { - type = types.bool; - default = true; - }; - groups = mkOption { - type = with types; listOf str; - default = []; - }; - }; - }; - - config = mkIf cfg.enable { - hexchen.deploy.groups = [ "all" ]; - - system.build.deployScript = let - superuser = if config.security.sudo.enable then "sudo" else ""; - in pkgs.writeScript "deploy-${config.networking.hostName}" '' - #!${pkgs.runtimeShell} - set -xeo pipefail - export PATH=${with pkgs; lib.makeBinPath [ coreutils openssh nix ]} - export NIX_SSHOPTS="$NIX_SSHOPTS -p${toString cfg.ssh.port}" - nix copy ${if cfg.substitute then "-s" else ""} --no-check-sigs --to ssh://${cfg.ssh.host} ${config.system.build.toplevel} - ssh $NIX_SSHOPTS ${cfg.ssh.host} "${superuser} nix-env -p /nix/var/nix/profiles/system -i ${config.system.build.toplevel}" - ssh $NIX_SSHOPTS ${cfg.ssh.host} "${superuser} /nix/var/nix/profiles/system/bin/switch-to-configuration $1" - ''; - }; -} - diff --git a/nix/sources.json b/nix/sources.json deleted file mode 100644 index 6dbaacf..0000000 --- a/nix/sources.json +++ /dev/null @@ -1,50 +0,0 @@ -{ - "niv": { - "branch": "master", - "description": "Easy dependency management for Nix projects", - "homepage": "https://github.com/nmattia/niv", - "owner": "nmattia", - "repo": "niv", - "rev": "5830a4dd348d77e39a0f3c4c762ff2663b602d4c", - "sha256": "1d3lsrqvci4qz2hwjrcnd8h5vfkg8aypq3sjd4g3izbc8frwz5sm", - "type": "tarball", - "url": "https://github.com/nmattia/niv/archive/5830a4dd348d77e39a0f3c4c762ff2663b602d4c.tar.gz", - "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz" - }, - "nixpkgs": { - "branch": "release-21.11", - "description": "Nix Packages collection", - "homepage": "", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "dc6b93f729ddd8cc1222279162ef05ec7eee80e7", - "sha256": "0fvdwgpsfghmdc1wx1wvqpapy7n9655jj6z1zcxfn97s93xqsxb9", - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/dc6b93f729ddd8cc1222279162ef05ec7eee80e7.tar.gz", - "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz" - }, - "nixpkgs-unstable": { - "branch": "nixpkgs-unstable", - "description": "Nix Packages collection", - "homepage": "", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "391f93a83c3a486475d60eb4a569bb6afbf306ad", - "sha256": "0s5f7j2akh3g0013880jfbigdaac1z76r9dv46yw6k254ba2r6nq", - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/391f93a83c3a486475d60eb4a569bb6afbf306ad.tar.gz", - "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz" - }, - "woitb": { - "branch": "main", - "repo": "https://stuebinm.eu/git/woitb", - "rev": "e0d8ced7f417032a9d28f025b93a41dbe8303e05", - "type": "git" - }, - "workadventure": { - "branch": "master", - "repo": "https://stuebinm.eu/git/workadventure-nix", - "rev": "8db4bbc5eccaac218c68fb0853f1972dadd7a40c", - "type": "git" - } -} diff --git a/nix/sources.nix b/nix/sources.nix deleted file mode 100644 index 1938409..0000000 --- a/nix/sources.nix +++ /dev/null @@ -1,174 +0,0 @@ -# This file has been generated by Niv. - -let - - # - # The fetchers. fetch_<type> fetches specs of type <type>. - # - - fetch_file = pkgs: name: spec: - let - name' = sanitizeName name + "-src"; - in - if spec.builtin or true then - builtins_fetchurl { inherit (spec) url sha256; name = name'; } - else - pkgs.fetchurl { inherit (spec) url sha256; name = name'; }; - - fetch_tarball = pkgs: name: spec: - let - name' = sanitizeName name + "-src"; - in - if spec.builtin or true then - builtins_fetchTarball { name = name'; inherit (spec) url sha256; } - else - pkgs.fetchzip { name = name'; inherit (spec) url sha256; }; - - fetch_git = name: spec: - let - ref = - if spec ? ref then spec.ref else - if spec ? branch then "refs/heads/${spec.branch}" else - if spec ? tag then "refs/tags/${spec.tag}" else - abort "In git source '${name}': Please specify `ref`, `tag` or `branch`!"; - in - builtins.fetchGit { url = spec.repo; inherit (spec) rev; inherit ref; }; - - fetch_local = spec: spec.path; - - fetch_builtin-tarball = name: throw - ''[${name}] The niv type "builtin-tarball" is deprecated. You should instead use `builtin = true`. - $ niv modify ${name} -a type=tarball -a builtin=true''; - - fetch_builtin-url = name: throw - ''[${name}] The niv type "builtin-url" will soon be deprecated. You should instead use `builtin = true`. - $ niv modify ${name} -a type=file -a builtin=true''; - - # - # Various helpers - # - - # https://github.com/NixOS/nixpkgs/pull/83241/files#diff-c6f540a4f3bfa4b0e8b6bafd4cd54e8bR695 - sanitizeName = name: - ( - concatMapStrings (s: if builtins.isList s then "-" else s) - ( - builtins.split "[^[:alnum:]+._?=-]+" - ((x: builtins.elemAt (builtins.match "\\.*(.*)" x) 0) name) - ) - ); - - # The set of packages used when specs are fetched using non-builtins. - mkPkgs = sources: system: - let - sourcesNixpkgs = - import (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) { inherit system; }; - hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath; - hasThisAsNixpkgsPath = <nixpkgs> == ./.; - in - if builtins.hasAttr "nixpkgs" sources - then sourcesNixpkgs - else if hasNixpkgsPath && ! hasThisAsNixpkgsPath then - import <nixpkgs> {} - else - abort - '' - Please specify either <nixpkgs> (through -I or NIX_PATH=nixpkgs=...) or - add a package called "nixpkgs" to your sources.json. - ''; - - # The actual fetching function. - fetch = pkgs: name: spec: - - if ! builtins.hasAttr "type" spec then - abort "ERROR: niv spec ${name} does not have a 'type' attribute" - else if spec.type == "file" then fetch_file pkgs name spec - else if spec.type == "tarball" then fetch_tarball pkgs name spec - else if spec.type == "git" then fetch_git name spec - else if spec.type == "local" then fetch_local spec - else if spec.type == "builtin-tarball" then fetch_builtin-tarball name - else if spec.type == "builtin-url" then fetch_builtin-url name - else - abort "ERROR: niv spec ${name} has unknown type ${builtins.toJSON spec.type}"; - - # If the environment variable NIV_OVERRIDE_${name} is set, then use - # the path directly as opposed to the fetched source. - replace = name: drv: - let - saneName = stringAsChars (c: if isNull (builtins.match "[a-zA-Z0-9]" c) then "_" else c) name; - ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}"; - in - if ersatz == "" then drv else - # this turns the string into an actual Nix path (for both absolute and - # relative paths) - if builtins.substring 0 1 ersatz == "/" then /. + ersatz else /. + builtins.getEnv "PWD" + "/${ersatz}"; - - # Ports of functions for older nix versions - - # a Nix version of mapAttrs if the built-in doesn't exist - mapAttrs = builtins.mapAttrs or ( - f: set: with builtins; - listToAttrs (map (attr: { name = attr; value = f attr set.${attr}; }) (attrNames set)) - ); - - # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295 - range = first: last: if first > last then [] else builtins.genList (n: first + n) (last - first + 1); - - # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257 - stringToCharacters = s: map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1)); - - # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L269 - stringAsChars = f: s: concatStrings (map f (stringToCharacters s)); - concatMapStrings = f: list: concatStrings (map f list); - concatStrings = builtins.concatStringsSep ""; - - # https://github.com/NixOS/nixpkgs/blob/8a9f58a375c401b96da862d969f66429def1d118/lib/attrsets.nix#L331 - optionalAttrs = cond: as: if cond then as else {}; - - # fetchTarball version that is compatible between all the versions of Nix - builtins_fetchTarball = { url, name ? null, sha256 }@attrs: - let - inherit (builtins) lessThan nixVersion fetchTarball; - in - if lessThan nixVersion "1.12" then - fetchTarball ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; })) - else - fetchTarball attrs; - - # fetchurl version that is compatible between all the versions of Nix - builtins_fetchurl = { url, name ? null, sha256 }@attrs: - let - inherit (builtins) lessThan nixVersion fetchurl; - in - if lessThan nixVersion "1.12" then - fetchurl ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; })) - else - fetchurl attrs; - - # Create the final "sources" from the config - mkSources = config: - mapAttrs ( - name: spec: - if builtins.hasAttr "outPath" spec - then abort - "The values in sources.json should not have an 'outPath' attribute" - else - spec // { outPath = replace name (fetch config.pkgs name spec); } - ) config.sources; - - # The "config" used by the fetchers - mkConfig = - { sourcesFile ? if builtins.pathExists ./sources.json then ./sources.json else null - , sources ? if isNull sourcesFile then {} else builtins.fromJSON (builtins.readFile sourcesFile) - , system ? builtins.currentSystem - , pkgs ? mkPkgs sources system - }: rec { - # The sources, i.e. the attribute set of spec name to spec - inherit sources; - - # The "pkgs" (evaluated nixpkgs) to use for e.g. non-builtin fetchers - inherit pkgs; - }; - -in -mkSources (mkConfig {}) // { __functor = _: settings: mkSources (mkConfig settings); } |