From dd12035604a70318f4dc75a64ab8ceb08fa75096 Mon Sep 17 00:00:00 2001 From: Mikael Voss Date: Sat, 16 Nov 2024 21:05:58 +0100 Subject: [PATCH] Initial import --- .gitignore | 7 ++ configuration.nix | 47 +++++++++ flake.lock | 114 +++++++++++++++++++++ flake.nix | 96 +++++++++++++++++ module.nix | 24 +++++ overlay.nix | 255 ++++++++++++++++++++++++++++++++++++++++++++++ stdenv.nix | 48 +++++++++ xvfb-run.nix | 20 ++++ 8 files changed, 611 insertions(+) create mode 100644 .gitignore create mode 100644 configuration.nix create mode 100644 flake.lock create mode 100644 flake.nix create mode 100644 module.nix create mode 100644 overlay.nix create mode 100644 stdenv.nix create mode 100644 xvfb-run.nix diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..a3d6222 --- /dev/null +++ b/.gitignore @@ -0,0 +1,7 @@ +# Hidden files +.* +!.git* + +# Nix +/result +/result-* diff --git a/configuration.nix b/configuration.nix new file mode 100644 index 0000000..407dab9 --- /dev/null +++ b/configuration.nix @@ -0,0 +1,47 @@ +{ config, lib, pkgs, ... }: { + system.stateVersion = "25.05"; + + boot = { + enableContainers = false; + loader.grub.enable = false; + }; + + documentation = { + enable = false; + doc.enable = false; + info.enable = false; + man.enable = false; + nixos.enable = false; + }; + + environment.defaultPackages = [ ]; + fileSystems."/".device = "nodev"; + + networking = { + nftables = { + enable = true; + checkRuleset = false; + }; + + useNetworkd = true; + }; + + programs = { + command-not-found.enable = false; + less.lessopen = null; + }; + + security = { + sudo.enable = false; + sudo-rs.enable = true; + }; + + services.dbus.implementation = "broker"; + + xdg = { + autostart.enable = false; + icons.enable = false; + mime.enable = false; + sounds.enable = false; + }; +} diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..b35f0ed --- /dev/null +++ b/flake.lock @@ -0,0 +1,114 @@ +{ + "nodes": { + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1726560853, + "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flakey-profile": { + "locked": { + "lastModified": 1712898590, + "narHash": "sha256-FhGIEU93VHAChKEXx905TSiPZKga69bWl1VB37FK//I=", + "owner": "lf-", + "repo": "flakey-profile", + "rev": "243c903fd8eadc0f63d205665a92d4df91d42d9d", + "type": "github" + }, + "original": { + "owner": "lf-", + "repo": "flakey-profile", + "type": "github" + } + }, + "lix": { + "flake": false, + "locked": { + "lastModified": 1731683711, + "narHash": "sha256-bq21I1EjXJa/s5Rra9J9ot2NkPCnI0F5uNPurwYLdpE=", + "rev": "c859d03013712b349d82ee6223948d6d03e63a8d", + "type": "tarball", + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/c859d03013712b349d82ee6223948d6d03e63a8d.tar.gz?rev=c859d03013712b349d82ee6223948d6d03e63a8d" + }, + "original": { + "type": "tarball", + "url": "https://git.lix.systems/lix-project/lix/archive/main.tar.gz" + } + }, + "lix-module": { + "inputs": { + "flake-utils": "flake-utils", + "flakey-profile": "flakey-profile", + "lix": [ + "lix" + ], + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1731185731, + "narHash": "sha256-RNaIu43b9PoXEhW4OqXUNZKY/jezQyCYWwdv1M0VjsA=", + "rev": "691193879d96bdfd1e6ab5ebcca2fadc7604cf34", + "type": "tarball", + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/691193879d96bdfd1e6ab5ebcca2fadc7604cf34.tar.gz?rev=691193879d96bdfd1e6ab5ebcca2fadc7604cf34" + }, + "original": { + "type": "tarball", + "url": "https://git.lix.systems/lix-project/nixos-module/archive/main.tar.gz" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1731890469, + "narHash": "sha256-D1FNZ70NmQEwNxpSSdTXCSklBH1z2isPR84J6DQrJGs=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "5083ec887760adfe12af64830a66807423a859a7", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "lix": "lix", + "lix-module": "lix-module", + "nixpkgs": "nixpkgs" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..8d70995 --- /dev/null +++ b/flake.nix @@ -0,0 +1,96 @@ +{ + description = "I do not have to explain myself"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; + + lix = { + url = "https://git.lix.systems/lix-project/lix/archive/main.tar.gz"; + flake = false; + }; + + lix-module = { + url = "https://git.lix.systems/lix-project/nixos-module/archive/main.tar.gz"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.lix.follows = "lix"; + }; + }; + + nixConfig = { + extra-experimental-features = [ "pipe-operator" "pipe-operators" ]; + extra-substituters = [ "https://cache.kyouma.net" ]; + extra-trusted-public-keys = [ "cache.kyouma.net:Frjwu4q1rnwE/MnSTmX9yx86GNA/z3p/oElGvucLiZg=" ]; + }; + + outputs = { self, nixpkgs, lix-module, ... }: let + lib = nixpkgs.lib.extend (final: prev: { + neoidiosyn = { + systems = { + riscv64 = "rv64gc"; + aarch64 = "armv8.2-a"; + x86_64 = "x86-64-v3"; + } |> final.mapAttrs' (cpu: arch: { + name = "${cpu}-linux"; + value = { + config = "${cpu}-unknown-linux-musl"; + useLLVM = true; + linker = "lld"; + gcc = { inherit arch; }; + }; + }); + }; + }); + in { + inherit lib; + + overlays.default = lib.composeExtensions + lix-module.overlays.default + (import ./overlay.nix { inherit lib; }); + + legacyPackages = lib.neoidiosyn.systems + |> lib.mapAttrs (system: crossSystem: let + pkgs = import nixpkgs { + localSystem.config = { + riscv64-linux = "riscv64-unknown-linux-gnu"; + aarch64-linux = "aarch64-unknown-linux-musl"; + x86_64-linux = "x86_64-unknown-linux-musl"; + }.${system}; + + inherit crossSystem; + overlays = [ self.overlays.default ]; + }; + in pkgs // { + config = let + stdenv = import ./stdenv.nix { inherit lib pkgs; }; + in pkgs.config or { } // { + replaceStdenv = stdenv; + replaceCrossStdenv = stdenv; + }; + }); + + nixosModules = { + default = import ./module.nix; + } // lib.mapAttrs (system: pkgs: { + nixpkgs = { + inherit (pkgs) + buildPlatform + hostPlatform + overlays + config; + }; + }) self.legacyPackages; + + hydraJobs = lib.mapAttrs (system: pkgs: { + inherit (pkgs) stdenv; + nixos = let + nixos = lib.nixosSystem { + modules = [ + self.nixosModules.default + self.nixosModules.${system} + ./configuration.nix + ]; + }; + in nixos.config.system.build.toplevel; + }) self.legacyPackages; + }; +} diff --git a/module.nix b/module.nix new file mode 100644 index 0000000..6d47c64 --- /dev/null +++ b/module.nix @@ -0,0 +1,24 @@ +{ modulesPath, config, lib, pkgs, ... }: { + disabledModules = map (path: modulesPath + path) [ + "/config/ldso.nix" + "/config/stub-ld.nix" + "/programs/nix-ld.nix" + ]; + + config = { + i18n.glibcLocales = pkgs.stdenvNoCC.mkDerivation { + pname = "locale-archive-stub"; + version = "0"; + + buildCommand = '' + mkdir -p "$out/lib/locale" + touch "$out/lib/locale/locale-archive" + ''; + } |> lib.mkDefault; + + i18n.supportedLocales = lib.mkDefault [ ]; + security.pam.services.login.updateWtmp = lib.mkForce false; + services.nscd.enable = lib.mkForce false; + system.nssModules = lib.mkForce [ ]; + }; +} diff --git a/overlay.nix b/overlay.nix new file mode 100644 index 0000000..b0d7bd6 --- /dev/null +++ b/overlay.nix @@ -0,0 +1,255 @@ +{ lib, ... }: final: prev: let + final' = final; + prev' = prev; + + alias = target: pkg: final.runCommand target { } '' + mkdir -p "$out/bin" + ln -s "${lib.getExe pkg}" "$out/bin/${target}" + ''; + + fetchFromGitHub = let + fetchzip = final.buildPackages.fetchzip.override { withUnzip = false; }; + in lib.makeOverridable ({ owner, repo, rev, hash, ... }: fetchzip { + url = "https://github.com/${owner}/${repo}/archive/${rev}.tar.gz"; + inherit hash; + }); + + zlib = final.zlib-ng.override { withZlibCompat = true; }; +in { + # compilers + llvmPackages = final.llvmPackages_latest; + gcc = final.gcc_latest; + + # memory allocation + mimalloc = prev.mimalloc.override { secureBuild = true; }; + + jemalloc = throw "jemalloc is not supported"; + bind = prev.bind.override { jemalloc = null; }; + + # cURL + curl = prev.curl.override { + gssSupport = false; + http3Support = true; + scpSupport = false; + zstdSupport = true; + + openssl = final.quictls; + inherit zlib; + }; + + # cURL HTTP3 dependencies + ngtcp2 = prev.ngtcp2.override { inherit fetchFromGitHub; }; + nghttp3 = prev.nghttp3.override { inherit fetchFromGitHub; }; + + # scopes + netbsd = prev.netbsd.overrideScope (final: prev: { + compatIfNeeded = [ final.compat ]; + + compat = prev.compat.overrideAttrs (prevAttrs: { + makeFlags = prevAttrs.makeFlags ++ [ "OBJCOPY=:" ]; + }); + }); + + # Perl + perlPackages = prev.perlPackages.overrideScope (final: prev: { + DBI = prev.DBI.overrideAttrs (prevAttrs: { + nativeBuildInputs = prevAttrs.nativeBuildInputs or [ ] ++ [ + final'.stdenv.cc + final'.stdenv.cc.bintools + ]; + + makeMakerFlags = prevAttrs.makeMakerFlags or [ ] ++ [ + "CC=${final'.stdenv.cc.targetPrefix}cc" + "LD=${final'.stdenv.cc.targetPrefix}cc" + "CCFLAGS=-Doff64_t=off_t" + ]; + }); + }); + + # Python + python313 = (prev.python313.overrideAttrs (prevAttrs: { + env = prevAttrs.env or { } // { + LD = "${final.stdenv.cc.bintools}/bin/${final.stdenv.cc.targetPrefix}ld"; + }; + })).override { + packageOverrides = final: prev: { + pyflakes = prev.pyflakes.overrideAttrs { + doCheck = false; + doInstallCheck = false; + }; + }; + }; + + python313Packages = final.python313.pkgs; + + python3 = final.python313; + python3Packages = final.python313Packages; + + # individual packages + beam = prev.beam_nox; + + cairo = prev.cairo.override { + x11Support = false; + inherit zlib; + }; + + dbus = prev.dbus.override { x11Support = false; }; + + diffutils = prev.diffutils.overrideAttrs (prevAttrs: { + configureFlags = prevAttrs.configureFlags or [ ] ++ [ "--disable-nls" ]; + + postPatch = '' + sed -E -i 's/test-(getopt-(gnu|posix)|(c|m|re)alloc-gnu)//g' gnulib-tests/Makefile.in + ''; + }); + + electron = prev.electron.override { + electron-unwrapped = prev.electron.unwrapped.overrideAttrs (prevAttrs: { + gnFlags = prevAttrs.gnFlags or "" + '' + # Disable X11 + ozone_platform_x11 = false + + # Disable internal memory allocator + use_partition_alloc_as_malloc = false + enable_backup_ref_ptr_support = false + enable_pointer_compression_support = false + ''; + }); + }; + + ffmpeg = final.ffmpeg-headless; + ffmpeg-headless = prev.ffmpeg-headless.override { + withAlsa = false; + withSsh = false; + }; + + gd = prev.gd.override { withXorg = false; }; + ghostscript = prev.ghostscript.override { x11Support = false; }; + gobject-introspection = prev.gobject-introspection.override { x11Support = false; }; + graphviz = prev.graphviz-nox; + + gtk3 = prev.gtk3.override { + x11Support = false; + xineramaSupport = false; + }; + + gtk4 = prev.gtk4.override { + x11Support = false; + xineramaSupport = false; + }; + + imagemagick = prev.imagemagick.override { + libX11Support = false; + libXtSupport = false; + }; + + imlib2 = prev.imlib2.override { x11Support = false; }; + + iproute2 = prev.iproute2.overrideAttrs (prevAttrs: { + patches = prevAttrs.patches or [ ] ++ [ + (final.fetchpatch { + url = "https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/patch/?id=043ef90e2fa94397eb5c85330889ca4146a6d58a"; + hash = "sha256-6q4NcdT2YXhhbMgLaiAjO2WFUcM9Pv8+J34rGzJqU5Q="; + }) + ]; + }); + + jbig2enc = prev.jbig2enc { inherit zlib; }; + jdk8 = prev.jdk8_headless; + jre8 = prev.jre8_headless; + jq = alias "jq" final.jaq; + kexec-tools = prev.kexec-tools.override { stdenv = final.gccStdenv; }; + libavif = prev.libavif.override { inherit zlib; }; + libdrm = prev.libdrm.override { withValgrind = false; }; + + libepoxy = prev.libepoxy.overrideAttrs (prevAttrs: { + buildInputs = prevAttrs.buildInputs or [ ] ++ [ final.libGL ]; + mesonFlags = prevAttrs.mesonFlags or [ ] ++ [ "-Degl=yes" ]; + }); + + + libjpeg = prev.libjpeg.overrideAttrs (prevAttrs: { + cmakeFlags = prevAttrs.cmakeFlags or [ ] ++ [ "-DFLOATTEST12=fp-contract" ]; + }); + + libpng = prev.libpng.override { inherit zlib; }; + libpng-apng = final.libpng.override { apngSupport = true; }; + libpulseaudio = prev.libpulseaudio.override { fftwFloat = null; }; + mercurial = prev.mercurial.override { re2Support = false; }; + + mesa = (prev.mesa.overrideAttrs (prevAttrs: { + outputs = prevAttrs.outputs |> lib.remove "spirv2dxil"; + })).override { + galliumDrivers = [ + "llvmpipe" + "nouveau" + "radeonsi" + "virgl" + "zink" + ]; + + vulkanDrivers = [ + "amd" + "intel" + "nouveau" + "swrast" + "virtio" + ]; + }; + + mpv = final.mpv-unwrapped.wrapper { mpv = final.mpv-unwrapped; }; + mpv-unwrapped = prev.mpv-unwrapped.override { + alsaSupport = false; + cacaSupport = false; + openalSupport = false; + sdl2Support = false; + vdpauSupport = false; + x11Support = false; + }; + + nlohmann_json = prev.nlohmann_json.override { stdenv = final.gccStdenv; }; + nodejs = prev.nodejs.overrideAttrs { doCheck = false; }; + nushell = prev.nushell.override { inherit zlib; }; + openjdk8 = prev.openjdk_headless; + pango = prev.pango.override { x11Support = false; }; + pipewire = prev.pipewire.override { x11Support = false; }; + + systemd = prev.systemd.override { + withApparmor = false; + withIptables = false; + }; + + vim-full = prev.vim-full.override { guiSupport = false; }; + wayland = prev.wayland.override { withDocumentation = false; }; + + w3m = prev.w3m.override { + x11Support = false; + imlib2 = final.imlib2; + }; + + wasilibc = prev.wasilibc.overrideAttrs (finalAttrs: prevAttrs: { + version = "24"; + + src = prevAttrs.src.override { + rev = "refs/tags/wasi-sdk-${finalAttrs.version}"; + hash = "sha256-wfOvOWVJDH5+tC5pSTLV5FUPqf25W+A2N/vXlq4nSmk="; + }; + }); + + wlroots = prev.wlroots.override { enableXWayland = false; }; + xvfb-run = final.callPackage ./xvfb-run.nix { }; +} // lib.optionalAttrs (!prev.stdenv.buildPlatform.isx86) { + writeShellApplication = { ... }@args: prev.writeShellApplication (args // { + checkPhase = args.checkPhase or '' + runHook preCheck + ${final.stdenv.shellDryRun} "$target" + runHook postCheck + ''; + }); + + sudo-rs = (prev.sudo-rs.overrideAttrs { + postInstall = ""; + }).override { + pandoc = null; + }; +} diff --git a/stdenv.nix b/stdenv.nix new file mode 100644 index 0000000..689e66d --- /dev/null +++ b/stdenv.nix @@ -0,0 +1,48 @@ +{ lib, pkgs, ... }: { ... }@attrs: let + stdenv = attrs.stdenv or attrs.baseStdenv; + inherit (let pkgs = attrs.pkgs or attrs.buildPackages; in pkgs.stdenv.cc.bintools) isLLVM; +in pkgs.addAttrsToDerivation (prevAttrs: let + inherit (lib) optionals optionalAttrs toList; + inherit (stdenv) targetPlatform; + + overrideAlloc = prevAttrs.overrideAlloc or true; + inputs = optionals overrideAlloc [ pkgs.mimalloc ]; + + cflags = [ + "-pipe" + ] ++ optionals isLLVM [ + "-flto" + ]; + + ldflags = [ + "-O2" + "--hash-style=gnu" + ] ++ optionals isLLVM [ + "--icf=safe" + "--lto-O2" + ] ++ optionals overrideAlloc [ "-lmimalloc" ]; + + rustflags = [ + "-C" "opt-level=2" + "-C" "linker-flavor=ld.lld" + "-C" "lto" + "-C" "linker-plugin-lto" + "-C" "target-cpu=${targetPlatform.gcc.arch}" + ] ++ (map (flag: [ "-C" "link-arg=${flag}" ]) ldflags |> lib.flatten); + + goflags = [ "-ldflags=-linkmode=external" ]; +in { + buildInputs = prevAttrs.buildInputs or [ ] ++ inputs; + env = prevAttrs.env or { } // optionalAttrs (!prevAttrs ? NIX_CFLAGS_COMPILE) { + NIX_CFLAGS_COMPILE = toList prevAttrs.env.NIX_CFLAGS_COMPILE or [ ] ++ cflags |> toString; + } // optionalAttrs (prevAttrs ? env.NIX_LDFLAGS) { + NIX_LDFLAGS = toList prevAttrs.env.NIX_LDFLAGS or [ ] ++ ldflags |> toString; + }; + + NIX_RUSTFLAGS = prevAttrs.NIX_RUSTFLAGS or [ ] ++ rustflags; + GOFLAGS = prevAttrs.GOFLAGS or [ ] ++ goflags; +} // optionalAttrs (prevAttrs ? NIX_CFLAGS_COMPILE) { + NIX_CFLAGS_COMPILE = toList prevAttrs.NIX_CFLAGS_COMPILE or [ ] ++ cflags; +} // optionalAttrs (!prevAttrs ? env.NIX_LDFLAGS) { + NIX_LDFLAGS = lib.toList prevAttrs.NIX_LDFLAGS or [ ] ++ ldflags; +}) stdenv diff --git a/xvfb-run.nix b/xvfb-run.nix new file mode 100644 index 0000000..4bba2f1 --- /dev/null +++ b/xvfb-run.nix @@ -0,0 +1,20 @@ +{ lib, writeShellApplication, cage }: + +writeShellApplication { + name = "xvfb-run"; + text = '' + # Discard all options + while [[ "$1" =~ ^- ]]; do + case "$1" in + (-e|-f|-n|-p|-s|-w) shift ;& + (*) shift ;; + esac + done + + WLR_BACKENDS=headless \ + WLR_LIBINPUT_NO_DEVICES=1 \ + WLR_RENDERER=pixman \ + XDG_RUNTIME_DIR="$(mktemp -d)" \ + exec '${lib.getExe cage}' -- "$@" + ''; +}