From 5acae2cf42d14abbf6839a17b36be9f1de3ae641 Mon Sep 17 00:00:00 2001 From: Mikael Voss Date: Sat, 16 Nov 2024 21:05:58 +0100 Subject: [PATCH] Initial import --- .gitignore | 7 ++ configuration.nix | 47 +++++++++ flake.lock | 114 +++++++++++++++++++++ flake.nix | 96 ++++++++++++++++++ module.nix | 24 +++++ overlay.nix | 253 ++++++++++++++++++++++++++++++++++++++++++++++ stdenv.nix | 48 +++++++++ xvfb-run.nix | 20 ++++ zlib.nix | 31 ++++++ 9 files changed, 640 insertions(+) create mode 100644 .gitignore create mode 100644 configuration.nix create mode 100644 flake.lock create mode 100644 flake.nix create mode 100644 module.nix create mode 100644 overlay.nix create mode 100644 stdenv.nix create mode 100644 xvfb-run.nix create mode 100644 zlib.nix diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..a3d6222 --- /dev/null +++ b/.gitignore @@ -0,0 +1,7 @@ +# Hidden files +.* +!.git* + +# Nix +/result +/result-* diff --git a/configuration.nix b/configuration.nix new file mode 100644 index 0000000..407dab9 --- /dev/null +++ b/configuration.nix @@ -0,0 +1,47 @@ +{ config, lib, pkgs, ... }: { + system.stateVersion = "25.05"; + + boot = { + enableContainers = false; + loader.grub.enable = false; + }; + + documentation = { + enable = false; + doc.enable = false; + info.enable = false; + man.enable = false; + nixos.enable = false; + }; + + environment.defaultPackages = [ ]; + fileSystems."/".device = "nodev"; + + networking = { + nftables = { + enable = true; + checkRuleset = false; + }; + + useNetworkd = true; + }; + + programs = { + command-not-found.enable = false; + less.lessopen = null; + }; + + security = { + sudo.enable = false; + sudo-rs.enable = true; + }; + + services.dbus.implementation = "broker"; + + xdg = { + autostart.enable = false; + icons.enable = false; + mime.enable = false; + sounds.enable = false; + }; +} diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..b35f0ed --- /dev/null +++ b/flake.lock @@ -0,0 +1,114 @@ +{ + "nodes": { + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1726560853, + "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flakey-profile": { + "locked": { + "lastModified": 1712898590, + "narHash": "sha256-FhGIEU93VHAChKEXx905TSiPZKga69bWl1VB37FK//I=", + "owner": "lf-", + "repo": "flakey-profile", + "rev": "243c903fd8eadc0f63d205665a92d4df91d42d9d", + "type": "github" + }, + "original": { + "owner": "lf-", + "repo": "flakey-profile", + "type": "github" + } + }, + "lix": { + "flake": false, + "locked": { + "lastModified": 1731683711, + "narHash": "sha256-bq21I1EjXJa/s5Rra9J9ot2NkPCnI0F5uNPurwYLdpE=", + "rev": "c859d03013712b349d82ee6223948d6d03e63a8d", + "type": "tarball", + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/c859d03013712b349d82ee6223948d6d03e63a8d.tar.gz?rev=c859d03013712b349d82ee6223948d6d03e63a8d" + }, + "original": { + "type": "tarball", + "url": "https://git.lix.systems/lix-project/lix/archive/main.tar.gz" + } + }, + "lix-module": { + "inputs": { + "flake-utils": "flake-utils", + "flakey-profile": "flakey-profile", + "lix": [ + "lix" + ], + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1731185731, + "narHash": "sha256-RNaIu43b9PoXEhW4OqXUNZKY/jezQyCYWwdv1M0VjsA=", + "rev": "691193879d96bdfd1e6ab5ebcca2fadc7604cf34", + "type": "tarball", + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/691193879d96bdfd1e6ab5ebcca2fadc7604cf34.tar.gz?rev=691193879d96bdfd1e6ab5ebcca2fadc7604cf34" + }, + "original": { + "type": "tarball", + "url": "https://git.lix.systems/lix-project/nixos-module/archive/main.tar.gz" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1731890469, + "narHash": "sha256-D1FNZ70NmQEwNxpSSdTXCSklBH1z2isPR84J6DQrJGs=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "5083ec887760adfe12af64830a66807423a859a7", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "lix": "lix", + "lix-module": "lix-module", + "nixpkgs": "nixpkgs" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..8d70995 --- /dev/null +++ b/flake.nix @@ -0,0 +1,96 @@ +{ + description = "I do not have to explain myself"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; + + lix = { + url = "https://git.lix.systems/lix-project/lix/archive/main.tar.gz"; + flake = false; + }; + + lix-module = { + url = "https://git.lix.systems/lix-project/nixos-module/archive/main.tar.gz"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.lix.follows = "lix"; + }; + }; + + nixConfig = { + extra-experimental-features = [ "pipe-operator" "pipe-operators" ]; + extra-substituters = [ "https://cache.kyouma.net" ]; + extra-trusted-public-keys = [ "cache.kyouma.net:Frjwu4q1rnwE/MnSTmX9yx86GNA/z3p/oElGvucLiZg=" ]; + }; + + outputs = { self, nixpkgs, lix-module, ... }: let + lib = nixpkgs.lib.extend (final: prev: { + neoidiosyn = { + systems = { + riscv64 = "rv64gc"; + aarch64 = "armv8.2-a"; + x86_64 = "x86-64-v3"; + } |> final.mapAttrs' (cpu: arch: { + name = "${cpu}-linux"; + value = { + config = "${cpu}-unknown-linux-musl"; + useLLVM = true; + linker = "lld"; + gcc = { inherit arch; }; + }; + }); + }; + }); + in { + inherit lib; + + overlays.default = lib.composeExtensions + lix-module.overlays.default + (import ./overlay.nix { inherit lib; }); + + legacyPackages = lib.neoidiosyn.systems + |> lib.mapAttrs (system: crossSystem: let + pkgs = import nixpkgs { + localSystem.config = { + riscv64-linux = "riscv64-unknown-linux-gnu"; + aarch64-linux = "aarch64-unknown-linux-musl"; + x86_64-linux = "x86_64-unknown-linux-musl"; + }.${system}; + + inherit crossSystem; + overlays = [ self.overlays.default ]; + }; + in pkgs // { + config = let + stdenv = import ./stdenv.nix { inherit lib pkgs; }; + in pkgs.config or { } // { + replaceStdenv = stdenv; + replaceCrossStdenv = stdenv; + }; + }); + + nixosModules = { + default = import ./module.nix; + } // lib.mapAttrs (system: pkgs: { + nixpkgs = { + inherit (pkgs) + buildPlatform + hostPlatform + overlays + config; + }; + }) self.legacyPackages; + + hydraJobs = lib.mapAttrs (system: pkgs: { + inherit (pkgs) stdenv; + nixos = let + nixos = lib.nixosSystem { + modules = [ + self.nixosModules.default + self.nixosModules.${system} + ./configuration.nix + ]; + }; + in nixos.config.system.build.toplevel; + }) self.legacyPackages; + }; +} diff --git a/module.nix b/module.nix new file mode 100644 index 0000000..6d47c64 --- /dev/null +++ b/module.nix @@ -0,0 +1,24 @@ +{ modulesPath, config, lib, pkgs, ... }: { + disabledModules = map (path: modulesPath + path) [ + "/config/ldso.nix" + "/config/stub-ld.nix" + "/programs/nix-ld.nix" + ]; + + config = { + i18n.glibcLocales = pkgs.stdenvNoCC.mkDerivation { + pname = "locale-archive-stub"; + version = "0"; + + buildCommand = '' + mkdir -p "$out/lib/locale" + touch "$out/lib/locale/locale-archive" + ''; + } |> lib.mkDefault; + + i18n.supportedLocales = lib.mkDefault [ ]; + security.pam.services.login.updateWtmp = lib.mkForce false; + services.nscd.enable = lib.mkForce false; + system.nssModules = lib.mkForce [ ]; + }; +} diff --git a/overlay.nix b/overlay.nix new file mode 100644 index 0000000..14fad0c --- /dev/null +++ b/overlay.nix @@ -0,0 +1,253 @@ +{ lib, ... }: final: prev: let + final' = final; + prev' = prev; + + alias = target: pkg: final.runCommand target { } '' + mkdir -p "$out/bin" + ln -s "${lib.getExe pkg}" "$out/bin/${target}" + ''; + + fetchFromGitHub = let + fetchzip = final.buildPackages.fetchzip.override { withUnzip = false; }; + in lib.makeOverridable ({ owner, repo, rev, hash, ... }: fetchzip { + url = "https://github.com/${owner}/${repo}/archive/${rev}.tar.gz"; + inherit hash; + }); +in { + # compilers + llvmPackages = final.llvmPackages_latest; + gcc = final.gcc_latest; + + # memory allocation + mimalloc = prev.mimalloc.override { secureBuild = true; }; + + jemalloc = throw "jemalloc is not supported"; + bind = prev.bind.override { jemalloc = null; }; + + # zlib + zlib = final.callPackage ./zlib.nix { }; + + # cURL + curl = prev.curl.override { + gssSupport = false; + http3Support = true; + scpSupport = false; + zstdSupport = true; + + openssl = final.quictls; + }; + + # cURL HTTP3 dependencies + ngtcp2 = prev.ngtcp2.override { inherit fetchFromGitHub; }; + nghttp3 = prev.nghttp3.override { inherit fetchFromGitHub; }; + + # scopes + netbsd = prev.netbsd.overrideScope (final: prev: { + compatIfNeeded = [ final.compat ]; + + compat = prev.compat.overrideAttrs (prevAttrs: { + makeFlags = prevAttrs.makeFlags ++ [ "OBJCOPY=:" ]; + }); + }); + + # Perl + perlPackages = prev.perlPackages.overrideScope (final: prev: { + DBI = prev.DBI.overrideAttrs (prevAttrs: { + nativeBuildInputs = prevAttrs.nativeBuildInputs or [ ] ++ [ + final'.stdenv.cc + final'.stdenv.cc.bintools + ]; + + makeMakerFlags = prevAttrs.makeMakerFlags or [ ] ++ [ + "CC=${final'.stdenv.cc.targetPrefix}cc" + "LD=${final'.stdenv.cc.targetPrefix}cc" + "CCFLAGS=-Doff64_t=off_t" + ]; + }); + }); + + # Python + python313 = (prev.python313.overrideAttrs (prevAttrs: { + env = prevAttrs.env or { } // { + LD = "${final.stdenv.cc.bintools}/bin/${final.stdenv.cc.targetPrefix}ld"; + }; + })).override { + packageOverrides = final: prev: { + pyflakes = prev.pyflakes.overrideAttrs { + doCheck = false; + doInstallCheck = false; + }; + }; + }; + + python313Packages = final.python313.pkgs; + + python3 = final.python313; + python3Packages = final.python313Packages; + + # individual packages + beam = prev.beam_nox; + + cairo = prev.cairo.override { x11Support = false; }; + dbus = prev.dbus.override { x11Support = false; }; + + diffutils = prev.diffutils.overrideAttrs (prevAttrs: { + configureFlags = prevAttrs.configureFlags or [ ] ++ [ "--disable-nls" ]; + + postPatch = '' + sed -E -i 's/test-(getopt-(gnu|posix)|(c|m|re)alloc-gnu)//g' gnulib-tests/Makefile.in + ''; + }); + + electron = prev.electron.override { + electron-unwrapped = prev.electron.unwrapped.overrideAttrs (prevAttrs: { + gnFlags = prevAttrs.gnFlags or "" + '' + # Disable X11 + ozone_platform_x11 = false + + # Disable internal memory allocator + use_partition_alloc_as_malloc = false + enable_backup_ref_ptr_support = false + enable_pointer_compression_support = false + ''; + }); + }; + + ffmpeg = final.ffmpeg-headless; + ffmpeg-headless = prev.ffmpeg-headless.override { + withAlsa = false; + withSsh = false; + }; + + gd = prev.gd.override { withXorg = false; }; + ghostscript = prev.ghostscript.override { x11Support = false; }; + gobject-introspection = prev.gobject-introspection.override { x11Support = false; }; + graphviz = prev.graphviz-nox; + + gtk3 = prev.gtk3.override { + x11Support = false; + xineramaSupport = false; + }; + + gtk4 = prev.gtk4.override { + x11Support = false; + xineramaSupport = false; + }; + + imagemagick = prev.imagemagick.override { + libX11Support = false; + libXtSupport = false; + }; + + imlib2 = prev.imlib2.override { x11Support = false; }; + + iproute2 = prev.iproute2.overrideAttrs (prevAttrs: { + patches = prevAttrs.patches or [ ] ++ [ + (final.fetchpatch { + url = "https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/patch/?id=043ef90e2fa94397eb5c85330889ca4146a6d58a"; + hash = "sha256-6q4NcdT2YXhhbMgLaiAjO2WFUcM9Pv8+J34rGzJqU5Q="; + }) + ]; + }); + + jdk8 = prev.jdk8_headless; + jre8 = prev.jre8_headless; + jq = alias "jq" final.jaq; + #kexec-tools = prev.kexec-tools.override { stdenv = final.gccStdenv; }; + libdrm = prev.libdrm.override { withValgrind = false; }; + + libepoxy = prev.libepoxy.overrideAttrs (prevAttrs: { + buildInputs = prevAttrs.buildInputs or [ ] ++ [ final.libGL ]; + mesonFlags = prevAttrs.mesonFlags or [ ] ++ [ "-Degl=yes" ]; + }); + + libjpeg = prev.libjpeg.overrideAttrs (prevAttrs: { + cmakeFlags = prevAttrs.cmakeFlags or [ ] ++ [ "-DFLOATTEST12=fp-contract" ]; + }); + + libpng = prev.libpng.overrideAttrs (prevAttrs: { + postPatch = prevAttrs.postPatch or "" + '' + substituteInPlace tests/pngtest-all \ + --replace-warn --strict --relaxed + ''; + }); + + libpng-apng = final.libpng.override { apngSupport = true; }; + libpulseaudio = prev.libpulseaudio.override { fftwFloat = null; }; + mercurial = prev.mercurial.override { re2Support = false; }; + + mesa = (prev.mesa.overrideAttrs (prevAttrs: { + outputs = prevAttrs.outputs |> lib.remove "spirv2dxil"; + })).override { + galliumDrivers = [ + "llvmpipe" + "nouveau" + "radeonsi" + "virgl" + "zink" + ]; + + vulkanDrivers = [ + "amd" + "intel" + "nouveau" + "swrast" + "virtio" + ]; + }; + + mpv = final.mpv-unwrapped.wrapper { mpv = final.mpv-unwrapped; }; + mpv-unwrapped = prev.mpv-unwrapped.override { + alsaSupport = false; + cacaSupport = false; + openalSupport = false; + sdl2Support = false; + vdpauSupport = false; + x11Support = false; + }; + + nlohmann_json = prev.nlohmann_json.override { stdenv = final.gccStdenv; }; + nodejs = prev.nodejs.overrideAttrs { doCheck = false; }; + openjdk8 = prev.openjdk_headless; + pango = prev.pango.override { x11Support = false; }; + pipewire = prev.pipewire.override { x11Support = false; }; + + systemd = prev.systemd.override { + withApparmor = false; + withIptables = false; + }; + + vim-full = prev.vim-full.override { guiSupport = false; }; + wayland = prev.wayland.override { withDocumentation = false; }; + + w3m = prev.w3m.override { + x11Support = false; + imlib2 = final.imlib2; + }; + + wasilibc = prev.wasilibc.overrideAttrs (finalAttrs: prevAttrs: { + version = "24"; + + src = prevAttrs.src.override { + rev = "refs/tags/wasi-sdk-${finalAttrs.version}"; + hash = "sha256-wfOvOWVJDH5+tC5pSTLV5FUPqf25W+A2N/vXlq4nSmk="; + }; + }); + + wlroots = prev.wlroots.override { enableXWayland = false; }; + xvfb-run = final.callPackage ./xvfb-run.nix { }; +} // lib.optionalAttrs (!prev.stdenv.buildPlatform.isx86) { + writeShellApplication = { ... }@args: prev.writeShellApplication (args // { + checkPhase = args.checkPhase or '' + runHook preCheck + ${final.stdenv.shellDryRun} "$target" + runHook postCheck + ''; + }); + + sudo-rs = (prev.sudo-rs.overrideAttrs { + postInstall = ""; + }).override { + pandoc = null; + }; +} diff --git a/stdenv.nix b/stdenv.nix new file mode 100644 index 0000000..689e66d --- /dev/null +++ b/stdenv.nix @@ -0,0 +1,48 @@ +{ lib, pkgs, ... }: { ... }@attrs: let + stdenv = attrs.stdenv or attrs.baseStdenv; + inherit (let pkgs = attrs.pkgs or attrs.buildPackages; in pkgs.stdenv.cc.bintools) isLLVM; +in pkgs.addAttrsToDerivation (prevAttrs: let + inherit (lib) optionals optionalAttrs toList; + inherit (stdenv) targetPlatform; + + overrideAlloc = prevAttrs.overrideAlloc or true; + inputs = optionals overrideAlloc [ pkgs.mimalloc ]; + + cflags = [ + "-pipe" + ] ++ optionals isLLVM [ + "-flto" + ]; + + ldflags = [ + "-O2" + "--hash-style=gnu" + ] ++ optionals isLLVM [ + "--icf=safe" + "--lto-O2" + ] ++ optionals overrideAlloc [ "-lmimalloc" ]; + + rustflags = [ + "-C" "opt-level=2" + "-C" "linker-flavor=ld.lld" + "-C" "lto" + "-C" "linker-plugin-lto" + "-C" "target-cpu=${targetPlatform.gcc.arch}" + ] ++ (map (flag: [ "-C" "link-arg=${flag}" ]) ldflags |> lib.flatten); + + goflags = [ "-ldflags=-linkmode=external" ]; +in { + buildInputs = prevAttrs.buildInputs or [ ] ++ inputs; + env = prevAttrs.env or { } // optionalAttrs (!prevAttrs ? NIX_CFLAGS_COMPILE) { + NIX_CFLAGS_COMPILE = toList prevAttrs.env.NIX_CFLAGS_COMPILE or [ ] ++ cflags |> toString; + } // optionalAttrs (prevAttrs ? env.NIX_LDFLAGS) { + NIX_LDFLAGS = toList prevAttrs.env.NIX_LDFLAGS or [ ] ++ ldflags |> toString; + }; + + NIX_RUSTFLAGS = prevAttrs.NIX_RUSTFLAGS or [ ] ++ rustflags; + GOFLAGS = prevAttrs.GOFLAGS or [ ] ++ goflags; +} // optionalAttrs (prevAttrs ? NIX_CFLAGS_COMPILE) { + NIX_CFLAGS_COMPILE = toList prevAttrs.NIX_CFLAGS_COMPILE or [ ] ++ cflags; +} // optionalAttrs (!prevAttrs ? env.NIX_LDFLAGS) { + NIX_LDFLAGS = lib.toList prevAttrs.NIX_LDFLAGS or [ ] ++ ldflags; +}) stdenv diff --git a/xvfb-run.nix b/xvfb-run.nix new file mode 100644 index 0000000..4bba2f1 --- /dev/null +++ b/xvfb-run.nix @@ -0,0 +1,20 @@ +{ lib, writeShellApplication, cage }: + +writeShellApplication { + name = "xvfb-run"; + text = '' + # Discard all options + while [[ "$1" =~ ^- ]]; do + case "$1" in + (-e|-f|-n|-p|-s|-w) shift ;& + (*) shift ;; + esac + done + + WLR_BACKENDS=headless \ + WLR_LIBINPUT_NO_DEVICES=1 \ + WLR_RENDERER=pixman \ + XDG_RUNTIME_DIR="$(mktemp -d)" \ + exec '${lib.getExe cage}' -- "$@" + ''; +} diff --git a/zlib.nix b/zlib.nix new file mode 100644 index 0000000..e51d2bf --- /dev/null +++ b/zlib.nix @@ -0,0 +1,31 @@ +{ lib, stdenv, fetchurl, zlib-ng, ... }: + +assert zlib-ng.version == "2.2.2"; + +stdenv.mkDerivation (finalAttrs: { + inherit (zlib-ng) pname version; + + src = fetchurl { + url = "https://github.com/zlib-ng/zlib-ng/archive/refs/tags/${finalAttrs.version}.tar.gz"; + hash = "sha256-/LQd1Zo/FwAq6xuyHwRpbJtyFASJC7lFxas50stpZUw="; + }; + + outputs = [ "out" "dev" "man" ]; + + env = { + CROSS_PREFIX = stdenv.cc.targetPrefix; + }; + + setOutputFlags = false; + dontAddDisableDepTrack = true; + configurePlatforms = false; + + configureFlags = [ + "--libdir=${placeholder "dev"}/lib" + "--sharedlibdir=${placeholder "out"}/lib" + "--includedir=${placeholder "dev"}/include" + "--zlib-compat" + ]; + + makeFlags = [ "mandir=$(man)/share/man" ]; +})