Build with neoidiosyn flake

This commit is contained in:
Mikael 2024-11-16 17:03:21 +01:00
parent deb6dc6a26
commit 22fff6832b
Signed by: mikael
SSH key fingerprint: SHA256:21QyD2Meiot7jOUVitIR5YkGB/XuXdCvLW1hE6dsri0
3 changed files with 189 additions and 50 deletions

View file

@ -1,5 +1,99 @@
{ {
"nodes": { "nodes": {
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flakey-profile": {
"locked": {
"lastModified": 1712898590,
"narHash": "sha256-FhGIEU93VHAChKEXx905TSiPZKga69bWl1VB37FK//I=",
"owner": "lf-",
"repo": "flakey-profile",
"rev": "243c903fd8eadc0f63d205665a92d4df91d42d9d",
"type": "github"
},
"original": {
"owner": "lf-",
"repo": "flakey-profile",
"type": "github"
}
},
"lix": {
"flake": false,
"locked": {
"lastModified": 1732112222,
"narHash": "sha256-H7GN4++a4vE49SUNojZx+FSk4mmpb2ifJUtJMJHProI=",
"rev": "66f6dbda32959dd5cf3a9aaba15af72d037ab7ff",
"type": "tarball",
"url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/66f6dbda32959dd5cf3a9aaba15af72d037ab7ff.tar.gz?rev=66f6dbda32959dd5cf3a9aaba15af72d037ab7ff"
},
"original": {
"type": "tarball",
"url": "https://git.lix.systems/lix-project/lix/archive/main.tar.gz"
}
},
"lix-module": {
"inputs": {
"flake-utils": "flake-utils",
"flakey-profile": "flakey-profile",
"lix": [
"neoidiosyn",
"lix"
],
"nixpkgs": [
"neoidiosyn",
"nixpkgs"
]
},
"locked": {
"lastModified": 1731967274,
"narHash": "sha256-n6dPGRlMGdL8X5gviA6ZuRfUdbdD5KiNN/BpABA5YT0=",
"rev": "aa2846680fa9a2032939d720487942567fd9eb63",
"type": "tarball",
"url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/aa2846680fa9a2032939d720487942567fd9eb63.tar.gz?rev=aa2846680fa9a2032939d720487942567fd9eb63"
},
"original": {
"type": "tarball",
"url": "https://git.lix.systems/lix-project/nixos-module/archive/main.tar.gz"
}
},
"neoidiosyn": {
"inputs": {
"lix": "lix",
"lix-module": "lix-module",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1732481879,
"narHash": "sha256-Tj9yPVOA2JlAAFhynX9MRkwOd8VYeilkoesn8zzQr2E=",
"ref": "refs/heads/main",
"rev": "b7171c109da4f52bf59ad5159ec13ee9246ec28d",
"revCount": 1,
"type": "git",
"url": "https://woof.rip/mikael/neoidiosyn.git"
},
"original": {
"type": "git",
"url": "https://woof.rip/mikael/neoidiosyn.git"
}
},
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1731531548, "lastModified": 1731531548,
@ -18,8 +112,24 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"neoidiosyn": "neoidiosyn",
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs"
} }
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

View file

@ -3,6 +3,10 @@
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
neoidiosyn = {
url = "git+https://woof.rip/mikael/neoidiosyn.git";
inputs.nixpkgs.follows = "nixpkgs";
};
}; };
nixConfig = { nixConfig = {
@ -11,43 +15,58 @@
extra-trusted-public-keys = [ "cache.kyouma.net:Frjwu4q1rnwE/MnSTmX9yx86GNA/z3p/oElGvucLiZg=" ]; extra-trusted-public-keys = [ "cache.kyouma.net:Frjwu4q1rnwE/MnSTmX9yx86GNA/z3p/oElGvucLiZg=" ];
}; };
outputs = { self, nixpkgs, ... }: let outputs = { self, nixpkgs, neoidiosyn, ... }: let
inherit (nixpkgs) lib; inherit (nixpkgs) lib;
in { in {
packages = lib.genAttrs [ "x86_64-linux" "aarch64-linux" ] (system: let packages = lib.mapAttrs (system: pkgs: let
pkgs = nixpkgs.legacyPackages.${system}.pkgsMusl;
mimalloc = pkgs.mimalloc.override { secureBuild = true; };
extraWrapper = prevAttrs: { extraWrapper = prevAttrs: {
buildCommand = prevAttrs.buildCommand + '' buildCommand = prevAttrs.buildCommand + ''
sed -i \ sed -i \
-e '$i export MIMALLOC_PURGE_DELAY=150' \ -e '$i export MIMALLOC_PURGE_DELAY=150' \
-e '$i export MIMALLOC_PURGE_DECOMMITS=0' \
-e '$i export MIMALLOC_RESERVE_HUGE_OS_PAGES=2' \ -e '$i export MIMALLOC_RESERVE_HUGE_OS_PAGES=2' \
"$out/bin/${prevAttrs.meta.mainProgram}" "$out/bin/${prevAttrs.meta.mainProgram}"
''; '';
}; };
wrapFirefox = pkgs.wrapFirefox.override {
ffmpeg = pkgs.ffmpeg.override {
ffmpegVariant = "headless";
withAlsa = false;
withAom = false;
withCodec2 = true;
withDrm = false;
withGnutls = false;
withSsh = false;
withV4l2 = false;
withNetwork = false;
withBin = false;
withLib = true;
withDocumentation = false;
withStripping = true;
};
};
in { in {
default = self.packages.${system}.firefox; default = self.packages.${system}.firefox;
firefox = (pkgs.wrapFirefox self.packages.${system}.firefox-unwrapped { firefox = (pkgs.wrapFirefox self.packages.${system}.firefox-unwrapped {
extraPoliciesFiles = [ ./policy.nix ]; extraPoliciesFiles =
import ./policy.nix { inherit lib; firefox = true; }
|> pkgs.writers.writeJSON "policy.json"
|> lib.singleton;
}).overrideAttrs extraWrapper; }).overrideAttrs extraWrapper;
firefox-unwrapped = ((pkgs.buildMozillaMach { firefox-unwrapped = ((pkgs.buildMozillaMach {
pname = "firefox"; pname = "firefox";
inherit (pkgs.firefox-beta-unwrapped) inherit (pkgs.firefox-beta-unwrapped)
src version meta tests; src version meta tests;
extraConfigureFlags = [ extraConfigureFlags = [ "--enable-default-toolkit=cairo-gtk3-wayland-only" ];
"--enable-default-toolkit=cairo-gtk3-wayland-only" }).overrideAttrs {
]; autoVarInit = "zero";
boundsCheck = true;
extraBuildInputs = [ mimalloc ]; }).override {
}).overrideAttrs (prevAttrs: {
env = prevAttrs.env or { } // {
LDFLAGS = lib.toList prevAttrs.env.LDFLAGS or [ ] ++ [ "-lmimalloc" ] |> toString;
};
})).override {
alsaSupport = false; alsaSupport = false;
ffmpegSupport = true; ffmpegSupport = true;
gssSupport = false; gssSupport = false;
@ -64,12 +83,19 @@
googleAPISupport = false; googleAPISupport = false;
}; };
thunderbird = (pkgs.wrapThunderbird self.packages.${system}.thunderbird-unwrapped { }).overrideAttrs extraWrapper; thunderbird = (pkgs.wrapThunderbird self.packages.${system}.thunderbird-unwrapped {
extraPoliciesFiles =
import ./policy.nix { inherit lib; thunderbird = true; }
|> pkgs.writers.writeJSON "policy.json"
|> lib.singleton;
}).overrideAttrs extraWrapper;
thunderbird-unwrapped = (pkgs.thunderbird-latest-unwrapped.overrideAttrs (prevAttrs: { thunderbird-unwrapped = (pkgs.thunderbird-latest-unwrapped.overrideAttrs (prevAttrs: {
configureFlags = prevAttrs.configureFlags or [ ] ++ [ autoVarInit = "zero";
"--enable-default-toolkit=cairo-gtk3-wayland-only" boundsCheck = true;
];
configureFlags = prevAttrs.configureFlags or [ ]
++ [ "--enable-default-toolkit=cairo-gtk3-wayland-only" ];
})).override { })).override {
alsaSupport = false; alsaSupport = false;
ffmpegSupport = false; ffmpegSupport = false;
@ -86,9 +112,9 @@
privacySupport = true; privacySupport = true;
drmSupport = false; drmSupport = false;
}; };
}); }) neoidiosyn.legacyPackages;
hydraJobs = self.packages |> lib.foldlAttrs (jobs: system: packages: lib.recursiveUpdate jobs hydraJobs = self.packages |> lib.foldlAttrs (jobs: system: packages: lib.recursiveUpdate jobs
(lib.mapAttrs (name: package: { ${system} = package; }) packages)) { }; (lib.mapAttrs (name: package: { ${system} = lib.hydraJob package; }) packages)) { };
}; };
} }

View file

@ -1,4 +1,6 @@
{ { lib, firefox ? false, thunderbird ? false }: let
inherit (lib) optionals optionalAttrs;
in assert (lib.xor firefox thunderbird); {
CaptivePortal = false; CaptivePortal = false;
Cookies = { Cookies = {
@ -23,29 +25,27 @@
EncryptedMediaExtensions.Enabled = true; EncryptedMediaExtensions.Enabled = true;
ExtensionSettings = [ ExtensionSettings = {
{ "uBlock0@raymondhill.net" = {
"@testpilot-containers" = { installation_mode = "normal_installed";
installation_mode = "normal_installed"; install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
install_url = "https://addons.mozilla.org/firefox/downloads/latest/multi-account-containers/latest.xpi"; };
}; } // optionalAttrs firefox {
"@testpilot-containers" = {
"uBlock0@raymondhill.net" = { installation_mode = "normal_installed";
installation_mode = "normal_installed"; install_url = "https://addons.mozilla.org/firefox/downloads/latest/multi-account-containers/latest.xpi";
install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"; };
};
"gdpr@cavi.au.dk" = { "gdpr@cavi.au.dk" = {
installation_mode = "normal_installed"; installation_mode = "normal_installed";
install_url = "https://addons.mozilla.org/firefox/downloads/latest/consent-o-matic/latest.xpi"; install_url = "https://addons.mozilla.org/firefox/downloads/latest/consent-o-matic/latest.xpi";
} };
"jid1-BoFifL9Vbdl2zQ@jetpack" = { "jid1-BoFifL9Vbdl2zQ@jetpack" = {
installation_mode = "normal_installed"; installation_mode = "normal_installed";
install_url = "https://addons.mozilla.org/firefox/downloads/latest/decentraleyes/latest.xpi"; install_url = "https://addons.mozilla.org/firefox/downloads/latest/decentraleyes/latest.xpi";
}; };
} };
];
FirefoxHome = { FirefoxHome = {
SponsoredTopSites = false; SponsoredTopSites = false;
@ -62,7 +62,6 @@
HttpsOnlyMode = "force_enabled"; HttpsOnlyMode = "force_enabled";
NewTabPage = false; NewTabPage = false;
OverrideFirstRunPage = ""; OverrideFirstRunPage = "";
OverrideFirstRunPage = "";
PDFjs = { PDFjs = {
Enabled = true; Enabled = true;
@ -84,16 +83,16 @@
Value = value; Value = value;
}; };
in { in {
# date and time formats
"intl.date_time.pattern_override.date_short" = default "yyyy-MM-dd";
"intl.date_time.pattern_override.time_short" = default "HH:mm";
# cache # cache
"browser.cache.memory.enable" = default true; "browser.cache.memory.enable" = default true;
"browser.cache.memory.capacity" = default 262144; "browser.cache.memory.capacity" = default 262144;
"browser.cache.disk.enable" = default true; "browser.cache.disk.enable" = default true;
"browser.cache.disk.capacity" = default 16777216; "browser.cache.disk.capacity" = default 16777216;
# hardware acceleration
"gfx.webrender.all" = default true;
"media.ffmpeg.vaapi.enabled" = default true;
# disable WebGL by default # disable WebGL by default
"webgl.disabled" = default true; "webgl.disabled" = default true;
@ -136,6 +135,10 @@
# enable ECN # enable ECN
"network.http.http3.ecn" = default true; "network.http.http3.ecn" = default true;
} // optionalAttrs firefox {
# hardware acceleration
"gfx.webrender.all" = default true;
"media.ffmpeg.vaapi.enabled" = default true;
}; };
PromptForDownloadLocation = true; PromptForDownloadLocation = true;