ci: bump DeterminateSystems/magic-nix-cache-action from 8 to 9 (#33)

Bumps [DeterminateSystems/magic-nix-cache-action](https://github.com/determinatesystems/magic-nix-cache-action) from 8 to 9.
- [Release notes](https://github.com/determinatesystems/magic-nix-cache-action/releases)
- [Commits](https://github.com/determinatesystems/magic-nix-cache-action/compare/v8...v9)

---
updated-dependencies:
- dependency-name: DeterminateSystems/magic-nix-cache-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/workflows/build-devcontainers.yml

@@ -10,7 +10,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - uses: DeterminateSystems/nix-installer-action@v16
-      - uses: DeterminateSystems/magic-nix-cache-action@v8
+      - uses: DeterminateSystems/magic-nix-cache-action@v9
         with:
           extra-conf: |
             keep-going = true

.github/workflows/build.yml

@@ -10,7 +10,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - uses: DeterminateSystems/nix-installer-action@v16
-      - uses: DeterminateSystems/magic-nix-cache-action@v8
+      - uses: DeterminateSystems/magic-nix-cache-action@v9
         with:
           extra-conf: |
             keep-going = true

.github/workflows/iso.yml

@@ -15,10 +15,10 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - uses: DeterminateSystems/nix-installer-action@v16
-      - uses: DeterminateSystems/magic-nix-cache-action@v8
+      - uses: DeterminateSystems/magic-nix-cache-action@v9
       - name: Build ISO
         run: |
-          nix build .#images.${{ matrix.arch }}.bootstrap-install-iso --impure --out-link build-iso-result
+          nix build .#images.${{ matrix.arch }}.bootstrap-install-iso --out-link build-iso-result
         env:
           NIXPKGS_ALLOW_BROKEN: "1"
           NIXPKGS_ALLOW_UNFREE: "1"

.github/workflows/site.yml

@@ -10,7 +10,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - uses: DeterminateSystems/nix-installer-action@v16
-      - uses: DeterminateSystems/magic-nix-cache-action@v8
+      - uses: DeterminateSystems/magic-nix-cache-action@v9
       - env:
           NIXPKGS_ALLOW_UNFREE: "1"
         run: nix build .#devPackages.x86_64-linux.website

Justfile

@@ -10,6 +10,10 @@ update:
 host-build HOST *ARGS:
     nixos-rebuild --flake '.#{{HOST}}-{{arch()}}-{{os()}}' {{ARGS}}
 
+# Small wrapper for installing NixOS systems.
+nixos-install HOST *ARGS:
+    disko-install --flake '.#{{HOST}}-{{arch()}}-{{os()}}' {{ARGS}}
+
 # Update a package with nix-update.
 pkg-update PKG *ARGS:
     nix-update -f pkgs {{PKG}} {{ARGS}}

README.adoc

@@ -82,6 +82,12 @@ nix-shell -p disko git
 # Run the following commands as root.
 disko --mode disko [--arg disk "/dev/sda"] --flake {canonical_flake_url}#external-hdd
 nixos-install --no-root-passwd --root /mnt --flake {canonical_flake_url}#graphical-installer-x86_64-linux
+
+# As an alternative, you can also run the following command.
+disko-install --mode disko --flake {canonical_flake_url}#graphical-installer-x86_64-linux
+
+# Or this...
+just nixos-install graphical-installer
 ----
 
 Also, the installer configuration also includes Guix which means it's also a Guix System installer.
@@ -96,6 +102,12 @@ NO ADDITIONAL `mount` COMMANDS NEEDED!
 # Also run these as root.
 disko --mode disko [--arg disk "/dev/nvme0n1"] --flake {canonical_flake_url}#ni-x86_64-linux
 nixos-install --flake {canonical_flake_url}#ni-x86_64-linux
+
+# Or just run this.
+disko-install --mode disko --flake {canonical_flake_url}#ni-x86_64-linux
+
+# Or this...
+just nixos-install ni
 ----
 
 And voilà!

configs/flake-parts/nixos.nix

@@ -98,8 +98,10 @@ in {
       # The barely customized non-graphical installer.
       bootstrap = {
         nixpkgs.branch = "nixos-unstable-small";
+        home-manager.branch = "home-manager-unstable";
         systems = [ "aarch64-linux" "x86_64-linux" ];
         formats = [ "install-iso" ];
+        shouldBePartOfNixOSConfigurations = true;
       };
 
       # The barely customized graphical installer.

configs/nixos/bootstrap/default.nix

@@ -10,7 +10,7 @@
 
   config = lib.mkMerge [
     {
-      boot.kernelPackages = pkgs.linuxPackages_6_6;
+      boot.kernelPackages = pkgs.linuxPackages_6_12;
 
       # Assume that this will be used for remote installations.
       services.openssh = {
@@ -23,7 +23,7 @@
 
     (lib.mkIf (foodogsquaredLib.nixos.isFormat config "isoImage") {
       isoImage = {
-        isoBaseName = config.networking.hostName;
+        isoBaseName = lib.mkForce "${config.networking.hostName}-${config.isoImage.edition}-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}";
         edition = "minimal";
 
         squashfsCompression = "zstd -Xcompression-level 11";

configs/nixos/graphical-installer/default.nix

@@ -59,7 +59,7 @@
 
     (lib.mkIf (foodogsquaredLib.nixos.isFormat config "isoImage") {
       isoImage = {
-        isoBaseName = config.networking.hostName;
+        isoBaseName = lib.mkForce "${config.networking.hostName}-${config.isoImage.edition}-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}";
         edition = "a-happy-gnome";
 
         squashfsCompression = "zstd -Xcompression-level 12";

devcontainers/README.adoc

@@ -0,0 +1,19 @@
+= devcontainers
+:toc:
+
+
+Docker/OCI containers that are entirely built with Nix ecosystem.
+For now, it is required to have `flakes` experimental feature enabled since some of the containers make use of them. footnote:[Ideally, it shouldn't but importing other Nix projects is pretty painful unless we go with either flakes and a dedicated pinning tool all the way.]
+
+You can build this set of containers with the following command:
+
+[source, shell]
+----
+# Either by referring to the files (which is easier IMO)...
+nix build -f ./devcontainers [NAME] # or no name at all to build all of them.
+
+# ...or by referring to the flake output.
+nix build .#devContainers.$SYSTEM.$NAME
+----
+
+This set of containers should also be published at GitHub Container Registry at `ghcr.io/foo-dogsquared/nixos-config/$NAME`

devcontainers/default.nix

@@ -4,4 +4,7 @@ let inherit (pkgs) callPackage;
 in {
   rustBackend = callPackage ./rust-backend.nix { };
   jsBackend = callPackage ./js-backend.nix { };
+  ruby_3_2 = callPackage ./ruby-on-rails.nix { ruby = pkgs.ruby_3_2; };
+  ruby_3_3 = callPackage ./ruby-on-rails.nix { ruby = pkgs.ruby_3_3; };
+  ruby_3_4 = callPackage ./ruby-on-rails.nix { ruby = pkgs.ruby_3_4; };
 }

devcontainers/js-backend.nix

@@ -1,20 +1,6 @@
 { dockerTools, foodogsquaredLib, nodejs, bun, pnpm }:
 
-dockerTools.buildImage {
-  name = "fds-js-backend";
-
-  copyToRoot = foodogsquaredLib.buildFDSEnv {
-    name = "fds-js-backend-root";
-    paths = [ nodejs bun pnpm ];
-  };
-
-  runAsRoot = ''
-    mkdir -p /data
-  '';
-
-  config = {
-    Cmd = [ "/bin/bash" ];
-    WorkingDir = "/data";
-    Volumes."/data" = { };
-  };
+foodogsquaredLib.buildDockerImage {
+  name = "js-backend";
+  contents = [ nodejs bun pnpm ];
 }

devcontainers/ruby-on-rails.nix

@@ -1,21 +1,6 @@
-{ dockerTools, ruby, bundix, foodogsquaredLib }:
+{ dockerTools, ruby, bundix, mruby, rails-new, foodogsquaredLib }:
 
-let name = s: "fds-ruby-on-rails-${ruby.version}${s}";
-in dockerTools.buildImage {
-  name = name "";
-
-  copyToRoot = foodogsquaredLib.buildFDSEnv {
-    name = name "root";
-    paths = [ ruby bundix ];
-  };
-
-  runAsRoot = ''
-    mkdir -p /data
-  '';
-
-  config = {
-    Cmd = [ "/bin/bash" ];
-    WorkingDir = "/data";
-    Volumes."/data" = { };
-  };
+foodogsquaredLib.buildDockerImage {
+  name = "ruby-on-rails";
+  contents = [ ruby bundix mruby rails-new ];
 }

devcontainers/rust-backend.nix

@@ -1,21 +1,7 @@
 { dockerTools, foodogsquaredLib, rustc, cargo, rust-bindgen, rust-analyzer
 , nodejs }:
 
-dockerTools.buildImage {
-  name = "fds-rust-backend";
-
-  copyToRoot = foodogsquaredLib.buildFDSEnv {
-    name = "fds-rust-backend-root";
-    paths = [ cargo rust-bindgen rust-analyzer rustc nodejs ];
-  };
-
-  runAsRoot = ''
-    mkdir -p /data
-  '';
-
-  config = {
-    Cmd = [ "/bin/bash" ];
-    WorkingDir = "/data";
-    Volumes."/data" = { };
-  };
+foodogsquaredLib.buildDockerImage {
+  name = "rust-backend";
+  contents = [ cargo rust-bindgen rust-analyzer rustc nodejs ];
 }

lib/builders/build-docker-image.nix

@@ -0,0 +1,33 @@
+{ dockerTools, foodogsquaredLib }:
+
+{ name, contents ? [ ], pathsToLink ? [ ], enableTypicalSetup ? true, ... }@attrs:
+
+dockerTools.buildImage (attrs // {
+  name = "fds-${name}";
+
+  copyToRoot = foodogsquaredLib.buildFDSEnv {
+    inherit pathsToLink;
+    name = "fds-${name}-root";
+    paths =
+      contents
+      ++ lib.optionals enableTypicalSetup (with dockerTools; [
+        usrBinEnv
+        binSh
+        caCertificates
+        fakeNss
+      ]);
+  };
+
+  runAsRoot = ''
+    ${lib.optionalString enableTypicalSetup ''
+      mkdir -p /data
+    ''}
+    ${attrs.runAsRoot}
+  '';
+
+  config = attrs.config // lib.optionalAttrs enableTypicalSetup {
+    Cmd = [ "/bin/bash" ];
+    WorkingDir = "/data";
+    Volumes."/data" = { };
+  };
+})

lib/builders/default.nix

@@ -224,4 +224,50 @@
     ```
   */
   buildDconfDb = pkgs.callPackage ./build-dconf-db.nix { };
+
+  /**
+    A wrapper for building Docker images.
+
+    # Arguments
+
+    A sole attribute set with the following attributes:
+
+    name
+    : Name of the container.
+
+    contents
+    : The contents of the FDS environment to be built with.
+
+    pathsToLink
+    : A list of directories to be shared with all of the derivations listed
+    from `contents`.
+
+    enableTypicalSetup
+    : Enable typical configuration.
+
+    The rest of the attributes are considered as part of the
+    `dockerTools.buildImage` argument.
+
+    # Type
+
+    ```
+    buildDockerImage :: Attr -> Derivation
+    ```
+
+    # Example
+
+    ```nix
+    buildDockerImage {
+      name = "typical-webdev";
+      contents = with pkgs; [
+        hello
+        ruby
+        npm
+        pnpm
+      ];
+      enableTypicalSetup = true;
+    }
+    ```
+  */
+  buildDockerImage = pkgs.callPackage ./build-docker-image.nix { foodogsquaredLib = self; };
 }

lib/default.nix

@@ -39,7 +39,7 @@ in pkgs.lib.makeExtensible (self:
 
     inherit (self.builders)
       makeXDGMimeAssociationList makeXDGPortalConfiguration makeXDGDesktopEntry
-      buildHugoSite buildFDSEnv buildDconfDb;
+      buildHugoSite buildFDSEnv buildDconfDb buildDockerImage;
     inherit (self.trivial) countAttrs filterAttrs';
     inherit (self.data) importYAML renderTeraTemplate renderMustacheTemplate;
     inherit (self.fetchers) fetchInternetArchive fetchUgeeDriver;

modules/flake-parts/setups/nixos.nix

@@ -37,11 +37,11 @@ let
   in inputs.nixos-generators.nixosModules // customFormats;
 
   # A very very thin wrapper around `mkHost` to build with the given format.
-  mkImage = { pkgs, system, extraModules ? [ ], format ? "iso", }:
+  mkImage = { pkgs, system, extraModules ? [ ], format ? "iso", specialArgs ? { } }:
     let
       extraModules' = extraModules ++ [ nixosGeneratorsModulesSet.${format} ];
       image = mkHost {
-        inherit pkgs system;
+        inherit pkgs system specialArgs;
         extraModules = extraModules';
       };
     in image.config.system.build.${image.config.formatAttr};
@@ -336,6 +336,7 @@ in {
               buildImage = format:
                 lib.nameValuePair "${name}-${format}" (mkImage {
                   inherit format system;
+                  inherit (metadata) specialArgs;
                   pkgs = import inputs.${metadata.nixpkgs.branch} {
                     inherit system;
                     inherit (metadata.nixpkgs) config;