Diffstat (limited to '3 Resources/Nix')
-rw-r--r-- 3 Resources/Nix/Apply custom patches.md | 17
-rw-r--r-- 3 Resources/Nix/Build images with Nix.md | 28
-rw-r--r-- 3 Resources/Nix/Flake.md | 22
-rw-r--r-- 3 Resources/Nix/How Nix works.md | 22
-rw-r--r-- 3 Resources/Nix/Import.md | 5
-rw-r--r-- 3 Resources/Nix/Nix build vm.md | 32
-rw-r--r-- 3 Resources/Nix/Overlays.md | 11
-rw-r--r-- 3 Resources/Nix/Package.md | 6
-rw-r--r-- 3 Resources/Nix/REPL.md | 5
-rw-r--r-- 3 Resources/Nix/Shell.nix.md | 42
10 files changed, 190 insertions, 0 deletions
diff --git a/3 Resources/Nix/Apply custom patches.md b/3 Resources/Nix/Apply custom patches.md
new file mode 100644
index 0000000..370c53a
--- /dev/null
+++ b/3 Resources/Nix/Apply custom patches.md
@@ -0,0 +1,17 @@
+#nix #packages #overlay
+
+---
+We can apply patches to existing packages using [[Overlays]]:
+```nix
+final: prev {
+ nova = prev.nova.overrideAttrs (old: {
+ patches = (old.patches or []) ++ [
+ prev.fetchpatch {
+ url = "https://github.com/owner/repo/commit/hash.patch";
+ hash = "somehash";
+ })
+ ./relative.patch
+ ]
+ })
+}
+```
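Review bot: the overlay example does not parse as written. The header `final: prev {` is missing the colon after `prev`, the `prev.fetchpatch {` call is closed with `})` although no parenthesis was opened, and the `]` that ends `patches` and the `})` that ends `overrideAttrs` have no trailing `;`. Suggest `final: prev: {`, wrapping the call as `(prev.fetchpatch { ... })` so it is a single list element, and adding the semicolons. A sentence saying that `hash` is what pins the content of the fetched patch would also help, since `"somehash"` reads as if any value would do.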
diff --git a/3 Resources/Nix/Build images with Nix.md b/3 Resources/Nix/Build images with Nix.md
new file mode 100644
index 0000000..3a02a05
--- /dev/null
+++ b/3 Resources/Nix/Build images with Nix.md
@@ -0,0 +1,28 @@
+---
+tags:
+ - nix
+ - image
+---
+`nix-build '<nixpkgs/nixos/release.nix>' -A iso_minimal.x86_64-linux --arg configuration ./nginx-test.nix -o ./result`
+
+where nginx-test.nix is:
+```
+{ pkgs, ... }:
+{
+ security.acme.acceptTerms = true;
+ security.acme.email = "jaspert.ras@gmail.com";
+ services.nginx = {
+ enable = true;
+ recommendedGzipSettings = true;
+ recommendedOptimisation = true;
+ recommendedProxySettings = true;
+ recommendedTlsSettings = true;
+ virtualHosts."jras.nl" = {
+ enableACME = true;
+ forceSSL = true;
+ locations."/".root = "${pkgs.nginx}/html";
+ };
+ };
+}
+```
+
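Review bot: `security.acme.email` and `virtualHosts."jras.nl"` commit a personal e-mail address and a real domain into a reference note. Suggest placeholders such as `admin@example.org` and `example.org`, with a line saying they must be replaced. The fence around the configuration has no language tag while the other notes in this commit tag theirs `nix`, and the note never says that `--arg configuration` is how `nginx-test.nix` reaches `release.nix`, which is the one thing a reader needs to reuse the command.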
diff --git a/3 Resources/Nix/Flake.md b/3 Resources/Nix/Flake.md
new file mode 100644
index 0000000..754556f
--- /dev/null
+++ b/3 Resources/Nix/Flake.md
@@ -0,0 +1,22 @@
+#nix #flake
+
+---
+Nix flakes are source trees containing a file `flake.nix` at their root. The file `flake.nix` provides a standardized way to provide [[Zettelkast/Index/Nix]] artifacts. It's like a package manager for [[Zettelkast/Index/Nix]]. A flake can be dependent on other Flakes and it's possible to pin dependencies to exact revisions by using a `flake.lock` file.
+
+Nix flake evaluation is hermetic, meaning that it produces the same result wherever it's built.k
+
+The feature can be enabled in `~/.config/nix/nix.conf`:
+
+```
+experimental-features = nix-command flakes
+```
+
+To initialize in a repo: `nix flake init`.
+
+In flakes dependencies have to be specified explicitly and MUST be locked to specific versions therefore it's no longer allowed to use the nixpkgs found in `NIX_PATH` by referencing it like `<nixpkgs>`.
+
+Output of a Flake is an arbitrary [[Zettelkast/Index/Nix]] value such as a package, [[NixOS]] module or library function.
+Commands `nix build` and `nix shell` will build the output `packages.<system>.default` unless we specify another output, for example: `nix shell .#checks.aarch64-linux.build`.
+
+---
+[Flakes Wiki](https://nixos.wiki/wiki/Flakes) \ No newline at end of file
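Review bot: the hermeticity sentence ends in `built.k`, a stray `k` after the full stop. The paragraph starting "In flakes dependencies have to be specified explicitly" runs two statements together around "therefore"; splitting it after "specific versions" would make the `<nixpkgs>` restriction easier to find. The file also ends without a trailing newline.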
diff --git a/3 Resources/Nix/How Nix works.md b/3 Resources/Nix/How Nix works.md
new file mode 100644
index 0000000..07b8623
--- /dev/null
+++ b/3 Resources/Nix/How Nix works.md
@@ -0,0 +1,22 @@
+---
+tags:
+ - nix
+references:
+ - https://github.com/NixOS/nixpkgs
+---
+The hash in the store path is a hash of the package's dependency graph. Thus it changes if even one dependency changes. This enables many versions of the same package be present in the store, which might be dependencies to other packages..
+
+Atomicity -> Packages are never overwritten, only new paths are ever added.
+ V
+ Enables rollbacking
+
+Source deployment model -> Build program + dependencies from source upon installation.
+Binary cache -> a web server that provided pre-built binaries.
+
+Nixpkgs[1] is a set of Nix expressions for building existing UNIX packages.
+
+NixOS extends Nix by also building configuration, thus enabling the same features for config.
+
+"NixOS has a _transactional_ approach to configuration management: configuration changes such as upgrades are _atomic_. This means that if the upgrade to a new configuration is interrupted — say, the power fails half-way through — the system will still be in a consistent state: it will either boot in the old or the new configuration. In most other systems, you’ll end up in an inconsistent state, and your machine may not even boot anymore."
+
+Presumably this means that in some way they make it so the system config is only changed by updating a single point. \ No newline at end of file
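Review bot: the quoted paragraph on NixOS's transactional configuration has no source, and the `[1]` after "Nixpkgs" resolves to no footnote. Suggest adding the quote's origin to the `references:` front matter and either dropping `[1]` or turning it into a link to the nixpkgs URL already listed there. Smaller points: the first paragraph ends in `..`, "be present" should be "to be present", and the `V` arrow under "Atomicity" would survive rendering better as "Atomicity -> ... -> enables rollbacks" on one line.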
diff --git a/3 Resources/Nix/Import.md b/3 Resources/Nix/Import.md
new file mode 100644
index 0000000..d201c74
--- /dev/null
+++ b/3 Resources/Nix/Import.md
@@ -0,0 +1,5 @@
+#nix #keyword
+
+---
+The import keyword brings a Nix expression from another source into scope such that we can reference it. For example, we can `import <nixpkgs>` and it would bring the entire attribute set that is Nixpkgs into scope and allows us to reference any of its attributes.
+
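Review bot: the example `import <nixpkgs>` is described as giving "the entire attribute set that is Nixpkgs", but Shell.nix.md in this same commit has to write `import <nixpkgs> {}`: the import returns a function that must be applied to an argument set before any attribute can be referenced. Suggest using `import <nixpkgs> {}` in the example. "Brings into scope" is also what `with` does in `with import <nixpkgs> {};`, not `import` itself, which only returns the value of the imported expression.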
diff --git a/3 Resources/Nix/Nix build vm.md b/3 Resources/Nix/Nix build vm.md
new file mode 100644
index 0000000..24849a2
--- /dev/null
+++ b/3 Resources/Nix/Nix build vm.md
@@ -0,0 +1,32 @@
+---
+tags:
+ - nix
+ - qemu
+---
+`nixos-buildvm` dumps a shell script that:
+
+Creates an empty filesystem image (qcow2) using qemu-img
+
+A qemu KVM VM is started
+```
+exec /nix/store/5v70rrpzv3jwcg7ixa5k9zk0j0lai3nd-qemu-host-cpu-only-9.1.2/bin/qemu-kvm -cpu max \
+ -name tarrel \
+ -m 1024 \
+ -smp 1 \
+ -device virtio-rng-pci \
+ -net nic,netdev=user.0,model=virtio -netdev user,id=user.0,"$QEMU_NET_OPTS" \
+ -virtfs local,path=/nix/store,security_model=none,mount_tag=nix-store \
+ -virtfs local,path="${SHARED_DIR:-$TMPDIR/xchg}",security_model=none,mount_tag=shared \
+ -virtfs local,path="$TMPDIR"/xchg,security_model=none,mount_tag=xchg \
+ -drive cache=writeback,file="$NIX_DISK_IMAGE",id=drive1,if=none,index=1,werror=report -device virtio-blk-pci,bootindex=1,drive=drive1,serial=root \
+ -device virtio-keyboard \
+ -usb \
+ -device usb-tablet,bus=usb-bus.0 \
+ -kernel ${NIXPKGS_QEMU_KERNEL_tarrel:-/nix/store/47zad70cn0qi0pkvv21b43qwiis50lis-nixos-system-tarrel-24.11pre-git/kernel} \
+ -initrd /nix/store/aqbxrnk7jg7piy7g85npm9xysmrvlihw-initrd-linux-6.6.71/initrd \
+ -append "$(cat /nix/store/47zad70cn0qi0pkvv21b43qwiis50lis-nixos-system-tarrel-24.11pre-git/kernel-params) init=/nix/store/47zad70cn0qi0pkvv21b43qwiis50lis-nixos-system-tarrel-24.11pre-git/init regInfo=/nix/store/fii757n9q5f603hmqfdni49lskni93cb-closure-info/registration console=ttyS0,115200n8 console=tty0 $QEMU_KERNEL_PARAMS" \
+ $QEMU_OPTS \
+ "$@"
+```
+
+It shared 3 dirs from the host with the guest most notably the nix store. The disk image is used as a [[Wri]] \ No newline at end of file
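Review bot: the closing sentence breaks off at `[[Wri]]`, so the role of the disk image is never stated; finish the sentence or drop it. The note should also spell out what the three `-virtfs` lines imply: each share is mounted with `security_model=none`, and the first one exposes the host's entire `/nix/store` to the guest, so anything readable in the host store is readable inside the VM. The two steps before the command ("Creates an empty filesystem image", "A qemu KVM VM is started") would read better as a numbered list, and "It shared" should be "It shares".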
diff --git a/3 Resources/Nix/Overlays.md b/3 Resources/Nix/Overlays.md
new file mode 100644
index 0000000..8ee33f3
--- /dev/null
+++ b/3 Resources/Nix/Overlays.md
@@ -0,0 +1,11 @@
+#nix #overlay
+
+---
+Functions that accept two args (conventionally: final, prev) and return a set of [[Package]]s.
+
+The `prev` arguments holds the set of packages of the "parent" overlay while the `final` argument holds the end result of **all** overlays applied. This means that overlays depend on each other. It is unclear how we can tell on which overlay an overlay depends.
+
+We can use it to override existing packages or add new packages.
+
+---
+https://nixos.wiki/wiki/Overlays
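Review bot: the second paragraph ends on an open question ("It is unclear how we can tell on which overlay an overlay depends") with nothing marking it as unresolved; suggest tagging it as a TODO so it is not read as a property of overlays. In the same paragraph "The `prev` arguments holds" should be "argument holds", and the opening line is a fragment that would stand alone better as "Overlays are functions that accept two args ...".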
diff --git a/3 Resources/Nix/Package.md b/3 Resources/Nix/Package.md
new file mode 100644
index 0000000..32c6bd4
--- /dev/null
+++ b/3 Resources/Nix/Package.md
@@ -0,0 +1,6 @@
+#nix #packages
+
+---
+Packages != NixOS Modules
+
+Packages come from Nixpkgs. \ No newline at end of file
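Review bot: "Packages come from Nixpkgs" is stricter than Overlays.md in this same commit, which says overlays can "add new packages". Suggest "Packages usually come from Nixpkgs" with a link to [[Overlays]]. "Packages != NixOS Modules" states that the two differ without saying how; one clause for each would make the note useful on its own.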
diff --git a/3 Resources/Nix/REPL.md b/3 Resources/Nix/REPL.md
new file mode 100644
index 0000000..210b980
--- /dev/null
+++ b/3 Resources/Nix/REPL.md
@@ -0,0 +1,5 @@
+#nix #repl
+
+---
+`nix repl` to interactively evaluate Nix expressions. `:p` if output is not full.
+ `nix-instantiate --eval <file>.nix` to evaluate a Nix expression from a file. `--strict`. \ No newline at end of file
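Review bot: `--strict` at the end of the last line is a bare fragment with no statement of what it changes, and `:p` is explained only as "if output is not full". Suggest one clause for each saying what the reader gets by using it. The second line also starts with a stray space, and the file ends without a trailing newline.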
diff --git a/3 Resources/Nix/Shell.nix.md b/3 Resources/Nix/Shell.nix.md
new file mode 100644
index 0000000..13715c2
--- /dev/null
+++ b/3 Resources/Nix/Shell.nix.md
@@ -0,0 +1,42 @@
+#nix #shell
+
+---
+Can be used to set up per dir environments, e.g using direnv to automatically activate them.
+## Python
+https://nixos.org/manual/nixpkgs/stable/#python
+
+```nix
+{ pkgs ? import <nixpkgs> {}}:
+
+pkgs.mkShell {
+ packages = [ pkgs.virtualenv ];
+}
+```
+
+```nix
+with import <nixpkgs> {};
+let
+ my_toolz = python311.pkgs.buildPythonPackage rec {
+ pname = "toolz";
+ version = "0.10.0";
+ pyproject = true;
+ src = fetchPypi {
+ inherit pname version;
+ hash = "sha256-CP3V73yWSArRHBLUct4hrNMjWZlvaaUlkpm1QP66RWA=";
+ };
+ nativeBuildInputs = [
+ python311.pkgs.setuptools
+ python311.pkgs.wheel
+ ]; # has no tests
+ doCheck = false;
+ meta = {
+ homepage = "https://github.com/pytoolz/toolz/";
+ description = "List processing tools and functional utilities";
+ # [...]
+ };
+ };
+in python311.withPackages (ps: with ps; [ numpy my_toolz ]) ).env
+```
+
+The [[Import]] is required here because imports a nix expression from another source, in this case nixpkgs.
+It is not required at line two, because python310Packages itself is already in the local scope. \ No newline at end of file
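Review bot: the second snippet ends in `in python311.withPackages (ps: with ps; [ numpy my_toolz ]) ).env`, where the last `)` has no matching opening parenthesis, so the expression does not parse; the call needs to start with `(python311.withPackages`. The closing prose refers to `python310Packages` and to "line two", but the code uses `python311.pkgs` and the prose does not say which of the two snippets it means. The comment `# has no tests` sits on the `];` that closes `nativeBuildInputs` and belongs on the `doCheck = false;` line. Also "because imports" is missing "it", and both snippets resolve `<nixpkgs>` from the channel path, which Flake.md in this commit describes as unpinned; a cross-reference would help.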