config: make configurable nixpkgs channel for images

Now we can finally easily declare the nixpkgs channel for individual
images. This is nice once I've expanded the images for other purposes
such as physical hosts (for homelabbing).

Unfortunately, this is where I realized that stable channels are not
exactly "Debian-stable" and the best way to handle security is to have
an update cadence that is relatively quick.
Gabriel Arazas 2023-06-22 11:01:41 +08:00
parent a0219f6260
commit 241e2080f2
No known key found for this signature in database
GPG Key ID: ADE0C41DAB221FCC
4 changed files with 62 additions and 21 deletions

70
flake.lock generated

@ -687,6 +687,54 @@
"type": "github" "type": "github"
} }
}, },
"nixos-stable": {
"locked": {
"lastModified": 1687288566,
"narHash": "sha256-VckkiJ88Gzdc2cstm0z5eFcrHbvkm4VjxavHBGssvZI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b6c73c5fe53bb3afbf65e870541e0645e9145171",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixos-unstable": {
"locked": {
"lastModified": 1686960236,
"narHash": "sha256-AYCC9rXNLpUWzD9hm+askOfpliLEC9kwAo7ITJc4HIw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "04af42f3b31dba0ef742d254456dc4c14eedac86",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixos-unstable-small": {
"locked": {
"lastModified": 1687369486,
"narHash": "sha256-BFXrDo7yuLamfbi53voC2TrHHTKEr/LJ0P+qSP51xkg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8b0f22dc5155e8a6d329520c27751dfb0f821d63",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable-small",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1665763903, "lastModified": 1665763903,
@ -771,22 +819,6 @@
} }
}, },
"nixpkgs-stable_2": { "nixpkgs-stable_2": {
"locked": {
"lastModified": 1686921029,
"narHash": "sha256-J1bX9plPCFhTSh6E3TWn9XSxggBh/zDD4xigyaIQBy8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c7ff1b9b95620ce8728c0d7bd501c458e6da9e04",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable_3": {
"locked": { "locked": {
"lastModified": 1687031877, "lastModified": 1687031877,
"narHash": "sha256-yMFcVeI+kZ6KD2QBrFPNsvBrLq2Gt//D0baHByMrjFY=", "narHash": "sha256-yMFcVeI+kZ6KD2QBrFPNsvBrLq2Gt//D0baHByMrjFY=",
@ -933,8 +965,10 @@
"nix-colors": "nix-colors", "nix-colors": "nix-colors",
"nix-ld": "nix-ld", "nix-ld": "nix-ld",
"nixos-generators": "nixos-generators", "nixos-generators": "nixos-generators",
"nixos-stable": "nixos-stable",
"nixos-unstable": "nixos-unstable",
"nixos-unstable-small": "nixos-unstable-small",
"nixpkgs": "nixpkgs_4", "nixpkgs": "nixpkgs_4",
"nixpkgs-stable": "nixpkgs-stable_2",
"nur": "nur", "nur": "nur",
"rust-overlay": "rust-overlay_2", "rust-overlay": "rust-overlay_2",
"sops-nix": "sops-nix" "sops-nix": "sops-nix"
@ -988,7 +1022,7 @@
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
"nixpkgs-stable": "nixpkgs-stable_3" "nixpkgs-stable": "nixpkgs-stable_2"
}, },
"locked": { "locked": {
"lastModified": 1687058111, "lastModified": 1687058111,


@ -13,7 +13,12 @@
# `nixpkgs-unstable` branch could be faster delivering updates, it is # `nixpkgs-unstable` branch could be faster delivering updates, it is
# looser when it comes to stability for the entirety of this configuration. # looser when it comes to stability for the entirety of this configuration.
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-23.05";
# Here are the nixpkgs variants used for creating the system configuration
# in `mkHost`.
nixos-stable.url = "github:NixOS/nixpkgs/nixos-23.05";
nixos-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
nixos-unstable-small.url = "github:NixOS/nixpkgs/nixos-unstable-small";
# We're using these libraries for other functions. # We're using these libraries for other functions.
flake-utils.url = "github:numtide/flake-utils"; flake-utils.url = "github:numtide/flake-utils";
@ -297,6 +302,7 @@
mkHost { mkHost {
inherit extraModules extraArgs; inherit extraModules extraArgs;
system = metadata.system or defaultSystem; system = metadata.system or defaultSystem;
nixpkgs-channel = metadata.nixpkgs-channel or "nixpkgs";
}) })
images; images;
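Review bot: The new `nixos-unstable` input points at the same ref as the existing `nixpkgs` input (`github:NixOS/nixpkgs/nixos-unstable`), so the lock file now carries two independent pins of one branch that can drift apart between updates. If they are meant to be the same tree, `nixos-unstable.follows = "nixpkgs";` keeps a single pin; if the separate lock is deliberate, a comment saying so next to the input would help. Since the commit message ties security to update cadence, the comment above these inputs could also state that each channel only moves when its lock entry is refreshed, so an image built from `nixos-stable` is only as patched as the last `nix flake update`.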


@ -25,6 +25,7 @@ format = "vm"
[bootstrap] [bootstrap]
system = "x86_64-linux" system = "x86_64-linux"
format = "install-iso" format = "install-iso"
nixpkgs-channel = "nixos-unstable-small"
[graphical-installer] [graphical-installer]
system = "x86_64-linux" system = "x86_64-linux"


@ -7,8 +7,8 @@ let
in in
{ {
# A wrapper around the NixOS configuration function. # A wrapper around the NixOS configuration function.
mkHost = { system, extraModules ? [ ], extraArgs ? { } }: mkHost = { system, extraModules ? [ ], extraArgs ? { }, nixpkgs-channel ? "nixpkgs" }:
(lib.makeOverridable inputs.nixpkgs.lib.nixosSystem) { (lib.makeOverridable inputs."${nixpkgs-channel}".lib.nixosSystem) {
# The system of the NixOS system. # The system of the NixOS system.
inherit system lib; inherit system lib;
specialArgs = extraArgs; specialArgs = extraArgs;
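Review bot: `inputs."${nixpkgs-channel}"` on the `nixosSystem` line accepts any string from the image metadata, so a typo or the name of a non-nixpkgs input such as `flake-utils` only surfaces as a missing-attribute error during evaluation, and nothing restricts which package set (and so which patch level) an image is built from. I would validate the name before the lookup, e.g. `assert builtins.elem nixpkgs-channel [ "nixpkgs" "nixos-stable" "nixos-unstable" "nixos-unstable-small" ];` right after the argument set, and extend the comment above `mkHost` to say that `nixpkgs-channel` must name a nixpkgs flake input. `lib` is still inherited from the surrounding scope, which is defined outside this hunk and may come from a different nixpkgs than the selected channel; that is worth confirming. The body of `mkHost` continues past the end of the hunk.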