From 80ccf68f55dbb70d7e5ed52ee95b3c9d1b6ce264 Mon Sep 17 00:00:00 2001 From: Jasper Ras Date: Thu, 20 Mar 2025 11:07:49 +0100 Subject: vault backup: 2025-03-20 11:07:48 --- 3 Resources/Nix/Adding things to the nix store.md | 12 ++++ 3 Resources/Nix/Cleaning the Nix store.md | 11 ++++ 3 Resources/Nix/Flake.md | 62 +++++++++++++++++++ .../Nix/Functional programming vs imperative.md | 26 ++++++++ 3 Resources/Nix/Generating Nix expressions.md | 7 +++ 3 Resources/Nix/Home-manager systemd.md | 35 +++++++++++ 3 Resources/Nix/Hostname changes.md | 6 ++ 3 Resources/Nix/Interpolation.md | 7 +++ 3 Resources/Nix/Nix Manual References.md | 7 +++ 3 Resources/Nix/Nix collect garbage.md | 10 +++ 3 Resources/Nix/NixOS Modules.md | 56 +++++++++++++++++ ...Remote nixos rebuild lacking valid signature.md | 13 ++++ 3 Resources/Nix/Shell.md | 71 ++++++++++++++++++++++ 3 Resources/Nix/Shell.nix.md | 42 ------------- 14 files changed, 323 insertions(+), 42 deletions(-) create mode 100644 3 Resources/Nix/Adding things to the nix store.md create mode 100644 3 Resources/Nix/Cleaning the Nix store.md create mode 100644 3 Resources/Nix/Functional programming vs imperative.md create mode 100644 3 Resources/Nix/Generating Nix expressions.md create mode 100644 3 Resources/Nix/Home-manager systemd.md create mode 100644 3 Resources/Nix/Hostname changes.md create mode 100644 3 Resources/Nix/Interpolation.md create mode 100644 3 Resources/Nix/Nix Manual References.md create mode 100644 3 Resources/Nix/Nix collect garbage.md create mode 100644 3 Resources/Nix/NixOS Modules.md create mode 100644 3 Resources/Nix/Remote nixos rebuild lacking valid signature.md create mode 100644 3 Resources/Nix/Shell.md delete mode 100644 3 Resources/Nix/Shell.nix.md (limited to '3 Resources/Nix') diff --git a/3 Resources/Nix/Adding things to the nix store.md b/3 Resources/Nix/Adding things to the nix store.md new file mode 100644 index 0000000..98b2c17 --- /dev/null +++ b/3 Resources/Nix/Adding things to the nix store.md @@ -0,0 +1,12 @@ +--- +tags: + - nix +--- +It's possible to use `nix-prefetch-url`: +``` +nixos main +❯ nix-prefetch-url --name displaylink-610.zip https://www.synaptics.com/sites/default/files/exe_files/2024-10/DisplayLink%20USB%20Graphics%20Software%20for%20Ubuntu6.1-EXE.zip +path is '/nix/store/a10lxg1y9hc5ida4npg2mrmymc8932hl-displaylink-610.zip' +1b3w7gxz54lp0hglsfwm5ln93nrpppjqg5sfszrxpw4qgynib624 + +``` \ No newline at end of file diff --git a/3 Resources/Nix/Cleaning the Nix store.md b/3 Resources/Nix/Cleaning the Nix store.md new file mode 100644 index 0000000..4ec07c0 --- /dev/null +++ b/3 Resources/Nix/Cleaning the Nix store.md @@ -0,0 +1,11 @@ +--- +tags: + - nix +references: + - https://www.reddit.com/r/NixOS/comments/10107km/how_to_delete_old_generations_on_nixos/ + - https://nixos.org/manual/nixos/unstable/#sec-nix-gc +--- +``` +sudo nix-collect-garbage -d +sudo nixos-rebuild boot +``` \ No newline at end of file diff --git a/3 Resources/Nix/Flake.md b/3 Resources/Nix/Flake.md index 754556f..d191989 100644 --- a/3 Resources/Nix/Flake.md +++ b/3 Resources/Nix/Flake.md @@ -18,5 +18,67 @@ In flakes dependencies have to be specified explicitly and MUST be locked to spe Output of a Flake is an arbitrary [[Zettelkast/Index/Nix]] value such as a package, [[NixOS]] module or library function. Commands `nix build` and `nix shell` will build the output `packages..default` unless we specify another output, for example: `nix shell .#checks.aarch64-linux.build`. + +**Inputs** +``` +{ + inputs = { + # GitHub repository as the data source, specifying the master branch. + # This is the most common input format. + nixpkgs.url = "github:Mic92/nixpkgs/master"; + # Git URL, applicable to any Git repository using the https/ssh protocol. + git-example.url = "git+https://git.somehost.tld/user/path?ref=branch"; + # Git URL by tag, applicable to any Git repository using the https/ssh protocol. + git-example-tag.url = "git+https://git.somehost.tld/user/path?tag=x.y.x"; + # Github URL by pull request. + git-pr.url = "github:NixOS/nixpkgs?ref=pull/349351/head"; + # Git URL with submodules, applicable to any Git repository using the https/ssh protocol. + git-example-submodule.url = "git+https://git.somehost.tld/user/path?submodules=1"; + # Archive File URL, needed in case your input use LFS. + # Regular git input doesn't support LFS yet. + git-example-lfs.url = "https://codeberg.org/solver-orgz/treedome/archive/master.tar.gz"; + # Similar to fetching a Git repository, but using the ssh protocol + # with key authentication. Also uses the shallow=1 parameter + # to avoid copying the .git directory. + ssh-git-example.url = "git+ssh://git@github.com/ryan4yin/nix-secrets.git?shallow=1"; + # It's also possible to directly depend on a local Git repository. + git-directory-example.url = "git+file:/path/to/repo?shallow=1"; + # Using the `dir` parameter to specify a subdirectory. + nixpkgs.url = "github:foo/bar?dir=shu"; + # Local folder (if using an absolute path, the 'path:' prefix can be omitted). + directory-example.url = "path:/path/to/repo"; + + # If the data source is not a flake, set flake=false. + # `flake=false` is usually used to include additional source code, + # configuration files, etc. + # In Nix code, you can directly reference files within + # it using "${inputs.bar}/xxx/xxx" notation. + # For example, import "${inputs.bar}/xxx/xxx.nix" to import a specific nix file, + # or use "${inputs.bar}/xx/xx" as a path parameter for certain options. + bar = { + url = "github:foo/bar/branch"; + flake = false; + }; + + sops-nix = { + url = "github:Mic92/sops-nix"; + # `follows` is the inheritance syntax within inputs. + # Here, it ensures that sops-nix's `inputs.nixpkgs` aligns with + # the current flake's inputs.nixpkgs, + # avoiding inconsistencies in the dependency's nixpkgs version. + inputs.nixpkgs.follows = "nixpkgs"; + }; + + # Lock the flake to a specific commit. + nix-doom-emacs = { + url = "github:vlaci/nix-doom-emacs?rev=238b18d7b2c8239f676358634bfb32693d3706f3"; + flake = false; + }; + }; + + outputs = { self, ... }@inputs: { ... }; +} +``` + --- [Flakes Wiki](https://nixos.wiki/wiki/Flakes) \ No newline at end of file diff --git a/3 Resources/Nix/Functional programming vs imperative.md b/3 Resources/Nix/Functional programming vs imperative.md new file mode 100644 index 0000000..8c2619a --- /dev/null +++ b/3 Resources/Nix/Functional programming vs imperative.md @@ -0,0 +1,26 @@ +--- +tags: + - programming + - nix +--- +While working on a NixOS module I made a realisation on the difference between functional and imperative programming. +I was trying to configure `systemd.tmpfiles.rules` to create directories for git repositories. After looking a bit how to iterate; i tried the following: +```nix +let + paths = ["abs_paths" ...] +in +{ + map(p: systemd.tmpfiles.rules = ["d {$p} ..."];); +} +``` +This is very much originating from the imperative mindset; we loop over a list and then do stuff like setting variables and calling other functions. However in functional programming we do not! This is the correct version in functional programming: +```nix +let + paths = [ "abs_paths" ... ]; +in +{ + systemd.tmpfiles.rules = map(p: "d ${p} ..") paths; +} +``` + +Functions are pure, we can't assign stuff inside of their bodies because that would make them impure. Instead we can just return a value; in this case an array and *then* assign it. \ No newline at end of file diff --git a/3 Resources/Nix/Generating Nix expressions.md b/3 Resources/Nix/Generating Nix expressions.md new file mode 100644 index 0000000..347a7af --- /dev/null +++ b/3 Resources/Nix/Generating Nix expressions.md @@ -0,0 +1,7 @@ +--- +tags: + - nix +--- +From this repo it looks like we can convert JSON into Nix using `nix-instantiate --expr --eval builtins.fromJSON ` + +https://github.com/Janik-Haag/nm2nix/blob/main/nm2nix.py \ No newline at end of file diff --git a/3 Resources/Nix/Home-manager systemd.md b/3 Resources/Nix/Home-manager systemd.md new file mode 100644 index 0000000..d4a1460 --- /dev/null +++ b/3 Resources/Nix/Home-manager systemd.md @@ -0,0 +1,35 @@ +--- +tags: + - nix + - home-manager + - systemd +--- +Config options start with `systemd.user` + +Home-manager manages the enabling and such based on the dependencies of the unit. +So we can something like +``` +Install = { + WantedBy = [ "default.target" ]; +}; +``` + +And it will enable it. + +Another example +```nix +systemd.user.services.astal = { + Unit = { + Description = "Runs the astal bar instance"; + After = [ "graphical-session-pre.target" ]; + }; + Service = { + Type = "exec"; + ExecStart = "some-bin"; + }; + + Install = { + WantedBy = [ "graphical-session.target" ]; + }; +}; +``` \ No newline at end of file diff --git a/3 Resources/Nix/Hostname changes.md b/3 Resources/Nix/Hostname changes.md new file mode 100644 index 0000000..0aaa324 --- /dev/null +++ b/3 Resources/Nix/Hostname changes.md @@ -0,0 +1,6 @@ +--- +tags: + - nixos + - nixos-anywhere +--- +When using nixos-anywhere and passing it a hostname; it changes during kexec to nixos-anywhere. But the script will continue attempting to connect to whatever we gave it. Therefore we should pass it an IP address instead. \ No newline at end of file diff --git a/3 Resources/Nix/Interpolation.md b/3 Resources/Nix/Interpolation.md new file mode 100644 index 0000000..bbdb457 --- /dev/null +++ b/3 Resources/Nix/Interpolation.md @@ -0,0 +1,7 @@ +--- +tags: + - nix +references: + - https://nix.dev/manual/nix/2.24/language/syntax#string-literal +--- +In a normal string we can use backslash to escape. In indented strings we should use double backticks. \ No newline at end of file diff --git a/3 Resources/Nix/Nix Manual References.md b/3 Resources/Nix/Nix Manual References.md new file mode 100644 index 0000000..486a2fe --- /dev/null +++ b/3 Resources/Nix/Nix Manual References.md @@ -0,0 +1,7 @@ +--- +tags: + - nix +references: + - https://nix.dev/manual/nix/2.24/language/builtins.html + - https://nixos.org/manual/nixpkgs/stable +--- diff --git a/3 Resources/Nix/Nix collect garbage.md b/3 Resources/Nix/Nix collect garbage.md new file mode 100644 index 0000000..65e6aad --- /dev/null +++ b/3 Resources/Nix/Nix collect garbage.md @@ -0,0 +1,10 @@ +--- +tags: + - nix +references: + - https://www.reddit.com/r/NixOS/comments/10107km/how_to_delete_old_generations_on_nixos/ +--- +``` +sudo nix-collect-garbage -d +sudo nixos-rebuild boot +``` \ No newline at end of file diff --git a/3 Resources/Nix/NixOS Modules.md b/3 Resources/Nix/NixOS Modules.md new file mode 100644 index 0000000..1ab4c25 --- /dev/null +++ b/3 Resources/Nix/NixOS Modules.md @@ -0,0 +1,56 @@ +--- +tags: + - nix + - nixos +references: + - https://nixos.org/manual/nixos/unstable/#sec-writing-modules + - https://nixos.org/manual/nixpkgs/stable/#module-system-lib-evalModules + - https://nix.dev/tutorials/module-system/ + - llk +--- +Extra care must be taken when writing systemd services using Exec* due to interpolation and such. `utils.escapeSystemdExecArg` and `utils.escapeSystemdExecArg` exist. + +```nix +{ + options = { + name = mkOption { + type = type specification; + default = default value; + example = example value; + description = "Description for use in the NixOS manual."; + }; + }; +} +``` + +**A list of submodules** +```nix +{ + options.mod = mkOption { + description = "submodule example"; + type = with types; listOf (submodule { + options = { + foo = mkOption { + type = int; + }; + bar = mkOption { + type = str; + }; + }; + }); + }; +} +``` + + +**Testing** +```nix eval.nix +let + pkgs = import {}; + res = pkgs.lib.evalModules { + modules = [./git-repos.nix]; + }; +in +res.config +``` +`nix-instantiate --eval eval.nix` \ No newline at end of file diff --git a/3 Resources/Nix/Remote nixos rebuild lacking valid signature.md b/3 Resources/Nix/Remote nixos rebuild lacking valid signature.md new file mode 100644 index 0000000..82e03b2 --- /dev/null +++ b/3 Resources/Nix/Remote nixos rebuild lacking valid signature.md @@ -0,0 +1,13 @@ +--- +tags: + - nix + - nixos +references: + - https://nixos.wiki/wiki/Nixos-rebuild +--- +When rebuilding on a remote it might spew an error containing: "is lacking a valid signature". To remedy this we need to add our non-root user as a trusted user; +``` +nix.extraOptions = '' + trusted-users jras +''; +``` \ No newline at end of file diff --git a/3 Resources/Nix/Shell.md b/3 Resources/Nix/Shell.md new file mode 100644 index 0000000..08e7c53 --- /dev/null +++ b/3 Resources/Nix/Shell.md @@ -0,0 +1,71 @@ +--- +tags: + - nix + - shell +--- +Basic invocation: `nix-shell -p [ pkgs ... ]` + +# Shebang +``` +#! /usr/bin/env nix-shell +#! nix-shell -i bash -p bash + +do stuff +``` + +Different interpreters can be set with the `-i` option such as python +``` +#! /usr/bin/env nix-shell +#! nix-shell -i python3 -p python3 + +print("hello world") +``` + +The `-I` option can be used to pin nixpkgs +``` +#! /usr/bin/env nix-shell +#! nix-shell -i bash +#! nix-shell -I nixpkgs=https://github.com/NixOS/nixpkgs/archive/aed4b19d312525ae7ca9bceb4e1efe3357d0e2eb.tar.gz + +echo hello world +``` +# Shell.nix +Can be used to set up per dir environments, e.g using direnv to automatically activate them. +## Python +https://nixos.org/manual/nixpkgs/stable/#python + +```nix +{ pkgs ? import {}}: + +pkgs.mkShell { + packages = [ pkgs.virtualenv ]; +} +``` + +```nix +with import {}; +let + my_toolz = python311.pkgs.buildPythonPackage rec { + pname = "toolz"; + version = "0.10.0"; + pyproject = true; + src = fetchPypi { + inherit pname version; + hash = "sha256-CP3V73yWSArRHBLUct4hrNMjWZlvaaUlkpm1QP66RWA="; + }; + nativeBuildInputs = [ + python311.pkgs.setuptools + python311.pkgs.wheel + ]; # has no tests + doCheck = false; + meta = { + homepage = "https://github.com/pytoolz/toolz/"; + description = "List processing tools and functional utilities"; + # [...] + }; + }; +in python311.withPackages (ps: with ps; [ numpy my_toolz ]) ).env +``` + + The [[Import]] is required here because imports a nix expression from another source, in this case nixpkgs. +It is not required at line two, because python310Packages itself is already in the local scope. \ No newline at end of file diff --git a/3 Resources/Nix/Shell.nix.md b/3 Resources/Nix/Shell.nix.md deleted file mode 100644 index 13715c2..0000000 --- a/3 Resources/Nix/Shell.nix.md +++ /dev/null @@ -1,42 +0,0 @@ -#nix #shell - ---- -Can be used to set up per dir environments, e.g using direnv to automatically activate them. -## Python -https://nixos.org/manual/nixpkgs/stable/#python - -```nix -{ pkgs ? import {}}: - -pkgs.mkShell { - packages = [ pkgs.virtualenv ]; -} -``` - -```nix -with import {}; -let - my_toolz = python311.pkgs.buildPythonPackage rec { - pname = "toolz"; - version = "0.10.0"; - pyproject = true; - src = fetchPypi { - inherit pname version; - hash = "sha256-CP3V73yWSArRHBLUct4hrNMjWZlvaaUlkpm1QP66RWA="; - }; - nativeBuildInputs = [ - python311.pkgs.setuptools - python311.pkgs.wheel - ]; # has no tests - doCheck = false; - meta = { - homepage = "https://github.com/pytoolz/toolz/"; - description = "List processing tools and functional utilities"; - # [...] - }; - }; -in python311.withPackages (ps: with ps; [ numpy my_toolz ]) ).env -``` - -The [[Import]] is required here because imports a nix expression from another source, in this case nixpkgs. -It is not required at line two, because python310Packages itself is already in the local scope. \ No newline at end of file -- cgit v1.2.3