From bfe2079b258db4ecb6fca3ef663a8453acd80ae4 Mon Sep 17 00:00:00 2001 From: Sam Date: Wed, 8 Jan 2025 13:02:55 +0000 Subject: [PATCH] update nixos flake to 24.11 --- flake.lock | 313 ++++++++++++------ flake.nix | 8 +- .../distributed_builds/local-machine.nix | 24 ++ .../remote-builder-machine.nix | 31 +- hosts/semita/default.nix | 4 + 5 files changed, 266 insertions(+), 114 deletions(-) diff --git a/flake.lock b/flake.lock index b638e66..cf33190 100644 --- a/flake.lock +++ b/flake.lock @@ -46,11 +46,11 @@ ] }, "locked": { - "lastModified": 1728330715, - "narHash": "sha256-xRJ2nPOXb//u1jaBnDP56M7v5ldavjbtR6lfGqSvcKg=", + "lastModified": 1735644329, + "narHash": "sha256-tO3HrHriyLvipc4xr+Ewtdlo7wM1OjXNjlWRgmM7peY=", "owner": "numtide", "repo": "devshell", - "rev": "dd6b80932022cea34a019e2bb32f6fa9e494dfef", + "rev": "f7795ede5b02664b57035b3b757876703e2c3eac", "type": "github" }, "original": { @@ -92,15 +92,16 @@ ] }, "locked": { - "lastModified": 1722175938, - "narHash": "sha256-HKyB4HD+NdX3T233bY31hm76v3/tdQBNeLLvopKbZeY=", + "lastModified": 1734005403, + "narHash": "sha256-vgh3TqfkFdnPxREBedw4MQehIDc3N8YyxBOB45n+AvU=", "owner": "erikarvstedt", "repo": "extra-container", - "rev": "37e7207ac9f857eedb58b208b9dc91cd6b24e651", + "rev": "f4de6c329b306a9d3a9798a30e060c166f781baa", "type": "github" }, "original": { "owner": "erikarvstedt", + "ref": "0.13", "repo": "extra-container", "type": "github" } @@ -119,22 +120,6 @@ "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" } }, - "flake-compat_2": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, "flake-parts": { "inputs": { "nixpkgs-lib": [ @@ -185,11 +170,32 @@ ] }, "locked": { - "lastModified": 1727826117, - "narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=", + "lastModified": 1735774679, + "narHash": "sha256-soePLBazJk0qQdDVhdbM98vYdssfs3WFedcq+raipRI=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1", + "rev": "f2f7418ce0ab4a5309a4596161d154cfc877af66", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_4": { + "inputs": { + "nixpkgs-lib": [ + "nur", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1733312601, + "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", "type": "github" }, "original": { @@ -221,11 +227,29 @@ "systems": "systems_3" }, "locked": { - "lastModified": 1726560853, - "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", "owner": "numtide", "repo": "flake-utils", - "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { + "inputs": { + "systems": "systems_4" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", "type": "github" }, "original": { @@ -236,23 +260,22 @@ }, "git-hooks": { "inputs": { - "flake-compat": "flake-compat_2", + "flake-compat": [ + "nixvim", + "flake-compat" + ], "gitignore": "gitignore", "nixpkgs": [ "nixvim", "nixpkgs" - ], - "nixpkgs-stable": [ - "nixvim", - "nixpkgs" ] }, "locked": { - "lastModified": 1729104314, - "narHash": "sha256-pZRZsq5oCdJt3upZIU4aslS9XwFJ+/nVtALHIciX/BI=", + "lastModified": 1735882644, + "narHash": "sha256-3FZAG+pGt3OElQjesCAWeMkQ7C/nB1oTHLRQ8ceP110=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "3c3e88f0f544d6bb54329832616af7eb971b6be6", + "rev": "a5a961387e75ae44cc20f0a57ae463da5e959656", "type": "github" }, "original": { @@ -328,16 +351,16 @@ ] }, "locked": { - "lastModified": 1726989464, - "narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=", + "lastModified": 1735344290, + "narHash": "sha256-oJDtWPH1oJT34RJK1FSWjwX4qcGOBRkcNQPD0EbSfNM=", "owner": "nix-community", "repo": "home-manager", - "rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176", + "rev": "613691f285dad87694c2ba1c9e6298d04736292d", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-24.05", + "ref": "release-24.11", "repo": "home-manager", "type": "github" } @@ -350,27 +373,27 @@ ] }, "locked": { - "lastModified": 1726989464, - "narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=", + "lastModified": 1735344290, + "narHash": "sha256-oJDtWPH1oJT34RJK1FSWjwX4qcGOBRkcNQPD0EbSfNM=", "owner": "nix-community", "repo": "home-manager", - "rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176", + "rev": "613691f285dad87694c2ba1c9e6298d04736292d", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-24.05", + "ref": "release-24.11", "repo": "home-manager", "type": "github" } }, "impermanence": { "locked": { - "lastModified": 1730403150, - "narHash": "sha256-W1FH5aJ/GpRCOA7DXT/sJHFpa5r8sq2qAUncWwRZ3Gg=", + "lastModified": 1734945620, + "narHash": "sha256-olIfsfJK4/GFmPH8mXMmBDAkzVQ1TWJmeGT3wBGfQPY=", "owner": "nix-community", "repo": "impermanence", - "rev": "0d09341beeaa2367bac5d718df1404bf2ce45e6f", + "rev": "d000479f4f41390ff7cf9204979660ad5dd16176", "type": "github" }, "original": { @@ -379,6 +402,34 @@ "type": "github" } }, + "ixx": { + "inputs": { + "flake-utils": [ + "nixvim", + "nuschtosSearch", + "flake-utils" + ], + "nixpkgs": [ + "nixvim", + "nuschtosSearch", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1729958008, + "narHash": "sha256-EiOq8jF4Z/zQe0QYVc3+qSKxRK//CFHMB84aYrYGwEs=", + "owner": "NuschtOS", + "repo": "ixx", + "rev": "9fd01aad037f345350eab2cd45e1946cc66da4eb", + "type": "github" + }, + "original": { + "owner": "NuschtOS", + "ref": "v0.0.6", + "repo": "ixx", + "type": "github" + } + }, "lnbits": { "inputs": { "nixpkgs": "nixpkgs_2", @@ -409,16 +460,16 @@ "nixpkgs-unstable": "nixpkgs-unstable" }, "locked": { - "lastModified": 1727247704, - "narHash": "sha256-Jl1CYXNIdJ4Ac0MK15e8+vflFOgPxZZNw24CKfLC6QY=", + "lastModified": 1734508046, + "narHash": "sha256-JN/PFBOVqWKc76zSdOunYoG5Q0m8W4zfrEh3V4EOIuk=", "owner": "fort-nix", "repo": "nix-bitcoin", - "rev": "a0d36d59248ac54f1b42a668326346a77640c7f5", + "rev": "33dbb41d581b86decf421cb3835c426d557e0e9c", "type": "github" }, "original": { "owner": "fort-nix", - "ref": "nixos-24.05", + "ref": "nixos-24.11", "repo": "nix-bitcoin", "type": "github" } @@ -450,11 +501,11 @@ ] }, "locked": { - "lastModified": 1729826725, - "narHash": "sha256-w3WNlYxqWYsuzm/jgFPyhncduoDNjot28aC8j39TW0U=", + "lastModified": 1735956190, + "narHash": "sha256-svzx3yVXD5tbBJZCn3Lt1RriH8GHo6CyVUPTHejf7sU=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "7840909b00fbd5a183008a6eb251ea307fe4a76e", + "rev": "3feaf376d75d3d58ebf7e9a4f584d00628548ad9", "type": "github" }, "original": { @@ -487,11 +538,11 @@ }, "nix-secrets": { "locked": { - "lastModified": 1736337009, - "narHash": "sha256-5seeOYCOJrvhbKIj64bAzeSJN80hdVp08ufArlBf+qg=", + "lastModified": 1736339437, + "narHash": "sha256-Em8E6Ml2whMU1IoEB3OI3eKhjSu2J/xbXdlIt+8x61U=", "ref": "refs/heads/master", - "rev": "bd63772717581b787f1f2aaac3fb909eaae2c2b7", - "revCount": 193, + "rev": "7c6042a975808186934e012ad32ae0e03ab60bff", + "revCount": 194, "type": "git", "url": "ssh://git@git.bitlab21.com/sam/nix-secrets.git" }, @@ -531,29 +582,13 @@ "type": "github" } }, - "nixpkgs-stable": { - "locked": { - "lastModified": 1729973466, - "narHash": "sha256-knnVBGfTCZlQgxY1SgH0vn2OyehH9ykfF8geZgS95bk=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "cd3e8833d70618c4eea8df06f95b364b016d4950", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "release-24.05", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs-unstable": { "locked": { - "lastModified": 1726871744, - "narHash": "sha256-V5LpfdHyQkUF7RfOaDPrZDP+oqz88lTJrMT1+stXNwo=", + "lastModified": 1734126203, + "narHash": "sha256-0XovF7BYP50rTD2v4r55tR5MuBLet7q4xIz6Rgh3BBU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a1d92660c6b3b7c26fb883500a80ea9d33321be2", + "rev": "71a6392e367b08525ee710a93af2e80083b5b3e2", "type": "github" }, "original": { @@ -565,11 +600,11 @@ }, "nixpkgs-unstable_2": { "locked": { - "lastModified": 1730200266, - "narHash": "sha256-l253w0XMT8nWHGXuXqyiIC/bMvh1VRszGXgdpQlfhvU=", + "lastModified": 1736012469, + "narHash": "sha256-/qlNWm/IEVVH7GfgAIyP6EsVZI6zjAx1cV5zNyrs+rI=", "owner": "nixos", "repo": "nixpkgs", - "rev": "807e9154dcb16384b1b765ebe9cd2bba2ac287fd", + "rev": "8f3e1f807051e32d8c95cd12b9b421623850a34d", "type": "github" }, "original": { @@ -597,16 +632,32 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1730481737, - "narHash": "sha256-HaUCfqLIFX/4wiSKkKKSTwUNmZd1EMy+lGB+faadQXU=", + "lastModified": 1736326617, + "narHash": "sha256-FkhJpO0sDDJwrme4faEevh8Dbhw/Qj1qGrgPgLHaZ7w=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f18ab3b08f56abc54bcc2ef9bbca627d45926fee", + "rev": "aedc34a0abc375a413d16802ee5172b4247d20db", "type": "github" }, "original": { "owner": "nixos", - "ref": "release-24.05", + "ref": "release-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1736012469, + "narHash": "sha256-/qlNWm/IEVVH7GfgAIyP6EsVZI6zjAx1cV5zNyrs+rI=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "8f3e1f807051e32d8c95cd12b9b421623850a34d", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } @@ -622,30 +673,36 @@ "nixpkgs": [ "nixpkgs" ], + "nuschtosSearch": "nuschtosSearch", "treefmt-nix": "treefmt-nix_2" }, "locked": { - "lastModified": 1729945968, - "narHash": "sha256-4u+nbBSMuXWGCtXxUPPEflRm54+y/HLIbhIep9do8Ew=", + "lastModified": 1735993984, + "narHash": "sha256-Syew+5yuzysUr07SrGD+GRfZjE11h36TSYbxzEHYyyc=", "owner": "nix-community", "repo": "nixvim", - "rev": "c05ac01070425ed0797b1ff678dc690c333cea74", + "rev": "6bd1c7c5927fa9fdfdfd68f5aa772e6a62b9d779", "type": "github" }, "original": { "owner": "nix-community", - "ref": "nixos-24.05", + "ref": "nixos-24.11", "repo": "nixvim", "type": "github" } }, "nur": { + "inputs": { + "flake-parts": "flake-parts_4", + "nixpkgs": "nixpkgs_4", + "treefmt-nix": "treefmt-nix_3" + }, "locked": { - "lastModified": 1730472538, - "narHash": "sha256-3m4OVGKsbPzMlnS0gVptIZBRlxgqQz+WhfwT+rT823Y=", + "lastModified": 1736340431, + "narHash": "sha256-LGvxsz2CbXU7ro6wD5vutBDYR/OEe+3RowzeHvyt6YE=", "owner": "nix-community", "repo": "NUR", - "rev": "52c21ec8fde46366b1a5555e18d854ee18012ac8", + "rev": "ffd92de0a9e5c1812b00d4e21c8d3b9461409b98", "type": "github" }, "original": { @@ -654,6 +711,29 @@ "type": "github" } }, + "nuschtosSearch": { + "inputs": { + "flake-utils": "flake-utils_3", + "ixx": "ixx", + "nixpkgs": [ + "nixvim", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1735854821, + "narHash": "sha256-Iv59gMDZajNfezTO0Fw6LHE7uKAShxbvMidmZREit7c=", + "owner": "NuschtOS", + "repo": "search", + "rev": "836908e3bddd837ae0f13e215dd48767aee355f0", + "type": "github" + }, + "original": { + "owner": "NuschtOS", + "repo": "search", + "type": "github" + } + }, "poetry2nix": { "inputs": { "flake-utils": "flake-utils", @@ -700,15 +780,14 @@ "inputs": { "nixpkgs": [ "nixpkgs" - ], - "nixpkgs-stable": "nixpkgs-stable" + ] }, "locked": { - "lastModified": 1729999681, - "narHash": "sha256-qm0uCtM9bg97LeJTKQ8dqV/FvqRN+ompyW4GIJruLuw=", + "lastModified": 1736203741, + "narHash": "sha256-eSjkBwBdQk+TZWFlLbclF2rAh4JxbGg8az4w/Lfe7f4=", "owner": "mic92", "repo": "sops-nix", - "rev": "1666d16426abe79af5c47b7c0efa82fd31bf4c56", + "rev": "c9c88f08e3ee495e888b8d7c8624a0b2519cb773", "type": "github" }, "original": { @@ -761,6 +840,21 @@ "type": "github" } }, + "systems_4": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "treefmt-nix": { "inputs": { "nixpkgs": [ @@ -791,11 +885,32 @@ ] }, "locked": { - "lastModified": 1729613947, - "narHash": "sha256-XGOvuIPW1XRfPgHtGYXd5MAmJzZtOuwlfKDgxX5KT3s=", + "lastModified": 1735905407, + "narHash": "sha256-1hKMRIT+QZNWX46e4gIovoQ7H8QRb7803ZH4qSKI45o=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "aac86347fb5063960eccb19493e0cadcdb4205ca", + "rev": "29806abab803e498df96d82dd6f34b32eb8dd2c8", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, + "treefmt-nix_3": { + "inputs": { + "nixpkgs": [ + "nur", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1733222881, + "narHash": "sha256-JIPcz1PrpXUCbaccEnrcUS8jjEb/1vJbZz5KkobyFdM=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "49717b5af6f80172275d47a418c9719a31a78b53", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index a57fd50..d067ef9 100644 --- a/flake.nix +++ b/flake.nix @@ -3,7 +3,7 @@ inputs = { # Nixpkgs - nixpkgs.url = "github:nixos/nixpkgs/release-24.05"; + nixpkgs.url = "github:nixos/nixpkgs/release-24.11"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # NUR @@ -11,13 +11,13 @@ # Home manager home-manager = { - url = "github:nix-community/home-manager/release-24.05"; + url = "github:nix-community/home-manager/release-24.11"; inputs.nixpkgs.follows = "nixpkgs"; }; # Nixvim nixvim = { - url = "github:nix-community/nixvim/nixos-24.05"; + url = "github:nix-community/nixvim/nixos-24.11"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -28,7 +28,7 @@ # nix-bitcoin nix-bitcoin = { - url = "github:fort-nix/nix-bitcoin/nixos-24.05"; + url = "github:fort-nix/nix-bitcoin/nixos-24.11"; inputs.nixpkgs.follows = "nixpkgs"; }; diff --git a/hosts/common/optional/distributed_builds/local-machine.nix b/hosts/common/optional/distributed_builds/local-machine.nix index 6849490..277a223 100644 --- a/hosts/common/optional/distributed_builds/local-machine.nix +++ b/hosts/common/optional/distributed_builds/local-machine.nix @@ -1,4 +1,28 @@ +{ pkgs, configVars, ... }: +let + remoteMachineIp = configVars.networking.addresses.remote-builder.ip; +in { + nix.distributedBuilds = true; + nix.settings.builders-use-substitutes = true; + + nix.buildMachines = [ + { + hostName = remoteMachineIp; + sshUser = "remotebuild"; + sshKey = "/root/.ssh/remotebuild"; + system = pkgs.stdenv.hostPlatform.system; + supportedFeatures = [ "nixos-test" "big-parallel" "kvm" ]; + } + ]; + + # TODO: set known host here when have static ip on main server + # programs.ssh.knownHosts = { + # "merlin" = { + # publicKey = "server pubkey"; + # }; + # }; + sops.secrets = { "ssh_keys/root/remotebuild" = { path = "/root/.ssh/remotebuild"; diff --git a/hosts/common/optional/distributed_builds/remote-builder-machine.nix b/hosts/common/optional/distributed_builds/remote-builder-machine.nix index 74a33cf..5174962 100644 --- a/hosts/common/optional/distributed_builds/remote-builder-machine.nix +++ b/hosts/common/optional/distributed_builds/remote-builder-machine.nix @@ -1,15 +1,24 @@ +{ pkgs, configVars, ... }: +let + remoteBuilderIp = configVars.networking.addresses.remote-builder.ip; +in { - users.users.remotebuild = { - isNormalUser = true; - createHome = false; - group = "remotebuild"; + nix.distributedBuilds = true; + nix.settings.builders-use-substitutes = true; - openssh.authorizedKeys.keyFiles = [ - ./remotebuild.pub - ]; + nix.buildMachines = [ + { + hostName = remoteBuilderIp; + sshUser = "remotebuild"; + sshKey = "/root/.ssh/remotebuild"; + system = pkgs.stdenv.hostPlatform.system; + supportedFeatures = [ "nixos-test" "big-parallel" "kvm" ]; + } + ]; + + sops.secrets = { + "ssh_keys/root/remotebuild" = { + path = "/root/.ssh/remotebuild"; + }; }; - - users.groups.remotebuild = {}; - - nix.settings.trusted-users = ["remotebuild"]; } diff --git a/hosts/semita/default.nix b/hosts/semita/default.nix index 5031bb9..02e0ee5 100644 --- a/hosts/semita/default.nix +++ b/hosts/semita/default.nix @@ -59,6 +59,10 @@ in { ../common/optional/restic-backup.nix ../common/optional/nixos-containers/backup-server.nix + + # Build nix derivations on remote machine + ../common/optional/distributed_builds/local-machine.nix + ]; fileSystems."/media/main-ssd" = {