From d69524143ba02388ff6248ee06624ab53b5bde1b Mon Sep 17 00:00:00 2001 From: Erik Arvstedt Date: Mon, 27 Dec 2021 16:58:14 +0100 Subject: [PATCH 1/2] flake: remove nonstandard top-level flake attrs Silences warnings in `nix flake check`. - Define `mkNbPkgs` under attr `lib`. `lib` still triggers a warning, but it is expected to be a standard flake attr in a future Nix release. - Define `nbPkgs` under attr `legacyPackages`. This also has the advantage to make its contents more easily accessible via the nix CLI. Example: nix eval nix-bitcoin#nbPkgs.modulesPkgs.clightning.version --- flake.nix | 29 ++++++++++++++++++----------- 1 file changed, 18 insertions(+), 11 deletions(-) diff --git a/flake.nix b/flake.nix index b994e5f..4d0267d 100644 --- a/flake.nix +++ b/flake.nix @@ -15,22 +15,24 @@ supportedSystems = [ "x86_64-linux" "i686-linux" "aarch64-linux" ]; in rec { - mkNbPkgs = { - system - , pkgs ? import nixpkgs { inherit system; } - , pkgsUnstable ? import nixpkgsUnstable { inherit system; } - }: - import ./pkgs { inherit pkgs pkgsUnstable; }; + lib = { + mkNbPkgs = { + system + , pkgs ? import nixpkgs { inherit system; } + , pkgsUnstable ? import nixpkgsUnstable { inherit system; } + }: + import ./pkgs { inherit pkgs pkgsUnstable; }; + }; overlay = final: prev: let - nbPkgs = mkNbPkgs { inherit (final) system; pkgs = final; }; + nbPkgs = lib.mkNbPkgs { inherit (final) system; pkgs = final; }; in removeAttrs nbPkgs [ "pinned" "nixops19_09" "krops" ]; nixosModules = { # Uses the default system pkgs for nix-bitcoin.pkgs withSystemPkgs = { pkgs, ... }: { imports = [ ./modules/modules.nix ]; - nix-bitcoin.pkgs = (mkNbPkgs { inherit (pkgs) system; inherit pkgs; }).modulesPkgs; + nix-bitcoin.pkgs = (lib.mkNbPkgs { inherit (pkgs) system; inherit pkgs; }).modulesPkgs; }; # Uses the nixpkgs version locked by this flake for nix-bitcoin.pkgs. @@ -38,7 +40,7 @@ # locked and the system nixpkgs versions differ. withLockedPkgs = { config, ... }: { imports = [ ./modules/modules.nix ]; - nix-bitcoin.pkgs = (mkNbPkgs { inherit (config.nixpkgs) system; }).modulesPkgs; + nix-bitcoin.pkgs = (lib.mkNbPkgs { inherit (config.nixpkgs) system; }).modulesPkgs; }; }; @@ -51,6 +53,8 @@ let pkgs = import nixpkgs { inherit system; }; + nbPkgs = self.lib.mkNbPkgs { inherit system pkgs; }; + mkVMScript = vm: pkgs.writers.writeBash "run-vm" '' set -euo pipefail export TMPDIR=$(mktemp -d /tmp/nix-bitcoin-vm.XXX) @@ -59,8 +63,6 @@ QEMU_OPTS="-smp $(nproc) -m 1500" ${vm}/bin/run-*-vm ''; in rec { - nbPkgs = self.mkNbPkgs { inherit system pkgs; }; - packages = flake-utils.lib.flattenTree (removeAttrs nbPkgs [ "pinned" "modulesPkgs" "nixops19_09" "krops" "generate-secrets" "netns-exec" ]) // { @@ -92,6 +94,11 @@ }).vm; }; + # Allow accessing the whole nested `nbPkgs` attrset (including `modulesPkgs`) + # via this flake. + # `packages` is not allowed to contain nested pkgs attrsets. + legacyPackages = { inherit nbPkgs; }; + defaultApp = apps.vm; apps = { From 6be3fb3e77e24773230227d76bad204decff3f77 Mon Sep 17 00:00:00 2001 From: Erik Arvstedt Date: Mon, 27 Dec 2021 16:58:15 +0100 Subject: [PATCH 2/2] flake: provide a single NixOS module Instead of providing two NixOS modules (one for using system pkgs, one for using locked pkgs), provide a single module with option `useVersionLockedPkgs`. This fixes that all nix-bitcoin options are displayed twice on search.nixos.org: https://search.nixos.org/flakes?type=options&query=clightning --- examples/flakes/flake.nix | 25 +++++++++++++------------ flake.nix | 38 ++++++++++++++++++++++++++------------ 2 files changed, 39 insertions(+), 24 deletions(-) diff --git a/examples/flakes/flake.nix b/examples/flakes/flake.nix index 9b8f6a9..6e030a8 100644 --- a/examples/flakes/flake.nix +++ b/examples/flakes/flake.nix @@ -8,19 +8,11 @@ nixosConfigurations.mynode = nix-bitcoin.inputs.nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ - ## Note: - ## If you use a custom nixpkgs version for evaluating your system, - ## consider using `withLockedPkgs` instead of `withSystemPkgs` to use the exact - ## pkgs versions for nix-bitcoin services that are tested by nix-bitcoin. - ## The downsides are increased evaluation times and increased system - ## closure size. - # - # nix-bitcoin.nixosModules.withLockedPkgs - nix-bitcoin.nixosModules.withSystemPkgs + nix-bitcoin.nixosModule - ## Optional: - ## Import the secure-node preset, an opinionated config to enhance security - ## and privacy. + # Optional: + # Import the secure-node preset, an opinionated config to enhance security + # and privacy. # # "${nix-bitcoin}/modules/presets/secure-node.nix" @@ -46,6 +38,15 @@ isNormalUser = true; password = "a"; }; + + # If you use a custom nixpkgs version for evaluating your system + # (instead of `nix-bitcoin.inputs.nixpkgs` like in this example), + # consider setting `useVersionLockedPkgs = true` to use the exact pkgs + # versions for nix-bitcoin services that are tested by nix-bitcoin. + # The downsides are increased evaluation times and increased system + # closure size. + # + # nix-bitcoin.useVersionLockedPkgs = true; } ]; }; diff --git a/flake.nix b/flake.nix index 4d0267d..96fb8a5 100644 --- a/flake.nix +++ b/flake.nix @@ -28,19 +28,33 @@ nbPkgs = lib.mkNbPkgs { inherit (final) system; pkgs = final; }; in removeAttrs nbPkgs [ "pinned" "nixops19_09" "krops" ]; - nixosModules = { - # Uses the default system pkgs for nix-bitcoin.pkgs - withSystemPkgs = { pkgs, ... }: { - imports = [ ./modules/modules.nix ]; - nix-bitcoin.pkgs = (lib.mkNbPkgs { inherit (pkgs) system; inherit pkgs; }).modulesPkgs; + nixosModule = { config, pkgs, lib, ... }: { + imports = [ ./modules/modules.nix ]; + + options = with lib; { + nix-bitcoin.useVersionLockedPkgs = mkOption { + type = types.bool; + default = false; + description = '' + Use the nixpkgs version locked by this flake for `nix-bitcoin.pkgs`. + Only relevant if you are using a nixpkgs version for evaluating your system + that differs from the one that is locked by this flake (via input `nixpkgs`). + If this is the case, enabling this option may result in a more stable system + because the nix-bitcoin services use the exact pkgs versions that are tested + by nix-bitcoin. + The downsides are increased evaluation times and increased system + closure size. + + If `false`, the default system pkgs are used. + ''; + }; }; - # Uses the nixpkgs version locked by this flake for nix-bitcoin.pkgs. - # More stable, but slightly slower to evaluate and needs more space if the - # locked and the system nixpkgs versions differ. - withLockedPkgs = { config, ... }: { - imports = [ ./modules/modules.nix ]; - nix-bitcoin.pkgs = (lib.mkNbPkgs { inherit (config.nixpkgs) system; }).modulesPkgs; + config = { + nix-bitcoin.pkgs = + if config.nix-bitcoin.useVersionLockedPkgs + then (self.lib.mkNbPkgs { inherit (config.nixpkgs) system; }).modulesPkgs + else (self.lib.mkNbPkgs { inherit (pkgs) system; inherit pkgs; }).modulesPkgs; }; }; @@ -77,7 +91,7 @@ inherit system; configuration = { imports = [ - nix-bitcoin.nixosModules.withSystemPkgs + nix-bitcoin.nixosModule "${nix-bitcoin}/modules/presets/secure-node.nix" ];