aviallon/nixos-lib
1
0
Fork 0
mirror of https://github.com/aviallon/nixos-lib.git synced 2026-04-05 17:27:50 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(lint): nixfmt the whole tree

Browse source
This commit is contained in:
Antoine Viallon 2026-03-22 21:56:13 +01:00
parent 643b136863
commit bf219a30c2
Signed by: aviallon
GPG key ID: 186FC35EDEB25716
69 changed files with 2605 additions and 1726 deletions
Download patch file Download diff file Expand all files Collapse all files

226
nix/builder.nix
View file

@ -1,4 +1,10 @@
{ config, pkgs, lib, myLib, ... }:
{
config,
pkgs,
lib,
myLib,
...
}:
with lib;
let
cfg = config.aviallon.nix;
@ -10,35 +16,40 @@ let
getSpeed = cores: threads: cores + (threads - cores) / 2;
mkBuildMachine = {
hostName,
cores,
systems ? [ "x86_64-linux" ] ,
threads ? (cores * 2),
features ? [ ],
x86ver ? 1 ,
...
}@attrs: let
speedFactor = getSpeed cores threads;
in {
inherit hostName speedFactor;
systems = systems
++ optional (any (s: s == "x86_64-linux") systems) "i686-linux"
;
sshUser = "builder";
sshKey = buildUserKeyFilePath;
maxJobs = myLib.math.log2 cores;
supportedFeatures = [ "kvm" "benchmark" ]
mkBuildMachine =
{
hostName,
cores,
systems ? [ "x86_64-linux" ],
threads ? (cores * 2),
features ? [ ],
x86ver ? 1,
...
}@attrs:
let
speedFactor = getSpeed cores threads;
in
{
inherit hostName speedFactor;
systems = systems ++ optional (any (s: s == "x86_64-linux") systems) "i686-linux";
sshUser = "builder";
sshKey = buildUserKeyFilePath;
maxJobs = myLib.math.log2 cores;
supportedFeatures = [
"kvm"
"benchmark"
]
++ optional (speedFactor > 8) "big-parallel"
++ optional (x86ver >= 2) "gccarch-x86-64-v2"
++ optional (x86ver >= 3) "gccarch-x86-64-v3"
++ optional (x86ver >= 4) "gccarch-x86-64-v4"
++ features
;
};
++ features;
machineList = filterAttrs (name: value: config.networking.hostName != name && value.enable) cfg.builder.buildMachines;
};
machineList = filterAttrs (
name: value: config.networking.hostName != name && value.enable
) cfg.builder.buildMachines;
in
{
imports = [
@ -57,85 +68,104 @@ in
example = "/path/to/id_builder";
description = "Path to the private key nix builder user will use";
};
buildMachines = mkOption {
type = types.attrsOf (types.submoduleWith {
modules = [
({ config, options, name, ...}:
{
options = {
enable = mkOption {
type = types.bool;
default = true;
description = "Wether to enable or to disable this builder";
example = false;
};
hostName = mkOption {
type = types.str;
example = "luke-skywalker-nixos";
description = ''
Builder's host name
'';
};
sshConfig = mkOption {
type = types.str;
default = "";
example = ''
ProxyJump example.com
Port 2222
'';
description = "Extra ssh config for the builder.";
};
cores = mkOption {
type = with types; ints.unsigned;
example = 8;
description = "How many physical cores the builder has.";
};
threads = mkOption {
type = with types; addCheck ints.unsigned (n: n >= config.cores);
example = 16;
description = "How many physical _threads_ the builder has.";
};
x86ver = mkOption {
default = 1;
type = with types; addCheck ints.positive (n: n >= 1 && n <= 4);
example = 3;
description = "Maximum x86-64 feature level supported.";
};
};
})]; });
default = {};
example = literalExpression
''
{
luke-skywalker-nixos = {
hostName = "2aXX:e0a:18e:8670::";
cores = 16;
threads = 32;
x86ver = 3;
};
}
'';
buildMachines = mkOption {
type = types.attrsOf (
types.submoduleWith {
modules = [
(
{
config,
options,
name,
...
}:
{
options = {
enable = mkOption {
type = types.bool;
default = true;
description = "Wether to enable or to disable this builder";
example = false;
};
hostName = mkOption {
type = types.str;
example = "luke-skywalker-nixos";
description = ''
Builder's host name
'';
};
sshConfig = mkOption {
type = types.str;
default = "";
example = ''
ProxyJump example.com
Port 2222
'';
description = "Extra ssh config for the builder.";
};
cores = mkOption {
type = with types; ints.unsigned;
example = 8;
description = "How many physical cores the builder has.";
};
threads = mkOption {
type = with types; addCheck ints.unsigned (n: n >= config.cores);
example = 16;
description = "How many physical _threads_ the builder has.";
};
x86ver = mkOption {
default = 1;
type = with types; addCheck ints.positive (n: n >= 1 && n <= 4);
example = 3;
description = "Maximum x86-64 feature level supported.";
};
};
}
)
];
}
);
default = { };
example = literalExpression ''
{
luke-skywalker-nixos = {
hostName = "2aXX:e0a:18e:8670::";
cores = 16;
threads = 32;
x86ver = 3;
};
}
'';
description = "NixOS builders";
};
};
config = {
nix.buildMachines = traceValSeqN 3 (mapAttrsToList (name: value:
mkBuildMachine {
inherit (value) hostName cores threads x86ver;
}
) machineList);
nix.buildMachines = traceValSeqN 3 (
mapAttrsToList (
name: value:
mkBuildMachine {
inherit (value)
hostName
cores
threads
x86ver
;
}
) machineList
);
programs.ssh.extraConfig = concatStringsSep "\n" (mapAttrsToList (name: value:
(optionalString (value.sshConfig != "")
''
Host ${value.hostName}
${value.sshConfig}
''
)
) machineList);
programs.ssh.extraConfig = concatStringsSep "\n" (
mapAttrsToList (
name: value:
(optionalString (value.sshConfig != "") ''
Host ${value.hostName}
${value.sshConfig}
'')
) machineList
);
users.users.builder = {
isSystemUser = true;
@ -146,7 +176,7 @@ in
];
shell = pkgs.bashInteractive;
};
users.groups.builder = {};
users.groups.builder = { };
nix.settings.trusted-users = [ "builder" ];
boot.enableContainers = mkForce true;

87
nix/nix.nix
View file

@ -1,4 +1,12 @@
{config, pkgs, lib, myLib, nixpkgs, nixpkgs-unstable, ...}:
{
config,
pkgs,
lib,
myLib,
nixpkgs,
nixpkgs-unstable,
...
}:
with lib;
with myLib;
let
@ -13,7 +21,7 @@ in
enableCustomSubstituter = mkEnableOption "custom substituter using nix-cache.lesviallon.fr";
contentAddressed = mkEnableOption "experimental content-addressed derivations";
};
config = {
system.autoUpgrade.enable = mkDefault true;
@ -26,16 +34,18 @@ in
upper = "05:00";
};
system.build.nixos-rebuild = let
nixos-rebuild = pkgs.nixos-rebuild.override { nix = config.nix.package.out; };
nixos-rebuild-inhibit = pkgs.writeShellScriptBin "nixos-rebuild" ''
exec ${config.systemd.package}/bin/systemd-inhibit --what=idle:shutdown --mode=block \
--who="NixOS rebuild" \
--why="NixOS must finish rebuilding configuration or work would be lost." \
-- \
${pkgs.coreutils}/bin/nice -n 19 -- ${nixos-rebuild}/bin/nixos-rebuild "$@"
system.build.nixos-rebuild =
let
nixos-rebuild = pkgs.nixos-rebuild.override { nix = config.nix.package.out; };
nixos-rebuild-inhibit = pkgs.writeShellScriptBin "nixos-rebuild" ''
exec ${config.systemd.package}/bin/systemd-inhibit --what=idle:shutdown --mode=block \
--who="NixOS rebuild" \
--why="NixOS must finish rebuilding configuration or work would be lost." \
-- \
${pkgs.coreutils}/bin/nice -n 19 -- ${nixos-rebuild}/bin/nixos-rebuild "$@"
'';
in mkOverride 20 nixos-rebuild-inhibit;
in
mkOverride 20 nixos-rebuild-inhibit;
environment.systemPackages = [
(hiPrio config.system.build.nixos-rebuild)
@ -44,7 +54,7 @@ in
environment.variables = {
NIX_REMOTE = "daemon"; # Use the nix daemon by default
};
systemd.services.nixos-upgrade = {
unitConfig = {
ConditionCPUPressure = "user.slice:15%";
@ -63,14 +73,12 @@ in
};
};
nix.gc.automatic = mkDefault true;
nix.gc.dates = mkDefault "Monday,Wednesday,Friday,Sunday 03:00:00";
nix.gc.randomizedDelaySec = "3h";
nix.optimise.automatic = mkDefault (!config.nix.settings.auto-optimise-store);
nix.optimise.dates = mkDefault [ "Tuesday,Thursday,Saturday 03:00:00" ];
nix.settings.auto-optimise-store = mkDefault true;
nix.settings.auto-optimise-store = mkDefault true;
systemd.services.nix-daemon = {
serviceConfig = {
@ -84,31 +92,40 @@ in
};
};
nix.package = optimizePkg { stdenv = pkgs.fastStdenv; level = "slower"; } pkgs.nixVersions.latest;
nix.package = optimizePkg {
stdenv = pkgs.fastStdenv;
level = "slower";
} pkgs.nixVersions.latest;
nix.settings.system-features = [ "big-parallel" "kvm" "benchmark" ]
++ optional ( ! isNull generalCfg.cpu.arch ) "gccarch-${generalCfg.cpu.arch}"
++ optional ( generalCfg.cpu.x86.level >= 2 ) "gccarch-x86-64-v2"
++ optional ( generalCfg.cpu.x86.level >= 3 ) "gccarch-x86-64-v3"
++ optional ( generalCfg.cpu.x86.level >= 4 ) "gccarch-x86-64-v4"
;
nix.settings.system-features = [
"big-parallel"
"kvm"
"benchmark"
]
++ optional (!isNull generalCfg.cpu.arch) "gccarch-${generalCfg.cpu.arch}"
++ optional (generalCfg.cpu.x86.level >= 2) "gccarch-x86-64-v2"
++ optional (generalCfg.cpu.x86.level >= 3) "gccarch-x86-64-v3"
++ optional (generalCfg.cpu.x86.level >= 4) "gccarch-x86-64-v4";
nix.settings.builders-use-substitutes = true;
nix.settings.substitute = true;
nix.settings.experimental-features = [ "nix-command" "flakes" ]
++ optional (versionOlder config.nix.package.version "2.19") "repl-flake"
++ optional cfg.contentAddressed "ca-derivations"
;
nix.settings.experimental-features = [
"nix-command"
"flakes"
]
++ optional (versionOlder config.nix.package.version "2.19") "repl-flake"
++ optional cfg.contentAddressed "ca-derivations";
nix.settings.download-attempts = 5;
nix.settings.stalled-download-timeout = 20;
nix.settings.substituters = mkBefore ([]
nix.settings.substituters = mkBefore (
[ ]
++ optional cfg.enableCustomSubstituter "https://nix-cache.lesviallon.fr"
++ optional cfg.contentAddressed "https://cache.ngi0.nixos.org/"
);
nix.settings.trusted-public-keys = mkBefore ([]
nix.settings.trusted-public-keys = mkBefore (
[ ]
++ optional cfg.enableCustomSubstituter "nix-cache.lesviallon.fr-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
++ optional cfg.contentAddressed "cache.ngi0.nixos.org-1:KqH5CBLNSyX184S9BKZJo1LxrxJ9ltnY2uAs5c/f1MA="
);
@ -118,9 +135,15 @@ in
nix.settings.cores = mkIf (generalCfg.cpu.threads != null) generalCfg.cpu.threads;
nix.settings.max-jobs = mkIf (generalCfg.cpu.threads != null) (math.log2 generalCfg.cpu.threads);
nix.settings.trusted-users = [ "root" "@wheel" ];
nix.settings.trusted-users = [
"root"
"@wheel"
];
nix.settings.hashed-mirrors = [ "https://tarballs.nixos.org" "https://nixpkgs-unfree.cachix.org" ];
nix.settings.hashed-mirrors = [
"https://tarballs.nixos.org"
"https://nixpkgs-unfree.cachix.org"
];
nix.registry = {
nixpkgs.flake = nixpkgs;