nix.conf (the docs for it allege that with sandbox = true nix does use namespaces and chroots)build-vm and the resulting QEMU scriptcallPackage here (actually getting the attrs a lambda takes is just handled by builtins.functionArgs which is the only really magical bit)let
self =
foldl (overlay: super: super // overlay self super)
initialSet overlays;
in selfself is the final set of overlays; lazy eval lets us refer to it before it's full constructed without creating cyclessuper is the set of overlays before the current overlay is layered on; this lets us pass along an existing attr with some tweaks, etc.foldl vs foldl' vs foldr pretty wellnix-darwin, and home-manager (Burke Libbey)
nix-env to home-manager (Burke Libbey)
home-manager introhome-manager with flakes-march=native or some equiv in stdenv: https://narkive.com/lkYfC9OJ.11sops, nix-sops (todo: find that blog post)age, agenix, rage, ragenixhomeagelib, stdenv, and friends work
nix-darwin:
home-manager:
home-manager: Reading the Source (Burke Libbey)lorri
direnvloreleisorrinix-direnv
use flake) which is nice since it means you don't need the default.nix + shell.nix + flake.nix thing I thinkflake-compat for lorri as described herelorri, direnv libs, and gc-ing nix-shell invocationsnix-treenix-visualizenix-dunix-query-tree-viewerhttps://github.com/nix-community/home-manager
https://typeof.net/Iosevka/
https://github.com/DieracDelta/flakes/blob/flakes/.github/workflows/cachix.yml
https://github.com/nmattia/niv
https://github.com/ryantm/agenix
https://github.com/nix-community/lorri
MOZ_USE_XINPUT2=1 for Firefox (https://bugzilla.mozilla.org/show_bug.cgi?id=1438107)
MOZ_ENABLE_WAYLAND
enable fstrim: https://www.reddit.com/r/NixOS/comments/rbzhb1/if_you_have_a_ssd_dont_forget_to_enable_fstrim/
use nixos-hardware flake enable nix sandbox on macOS? enable flakes enable content-addressed Nix: https://discourse.nixos.org/t/content-addressed-nix-call-for-testers/12881 use unstable channel remap caps lock: https://unix.stackexchange.com/questions/377600/in-nixos-how-to-remap-caps-lock-to-control
LICENSE
look into/read:
can't find an archived copy of this :-(
IFD: https://nixos.wiki/wiki/Import_From_Derivation
install lorri look into direnv vscode: https://marketplace.visualstudio.com/items?itemName=Rubymaniac.vscode-direnv
nix gc option (for lorri, mostly) that only frees things that haven't been used in 1week+, etc.
lorri (or whatever direnv plugin we use)'s use_nix function with our own thing that records, somewhere, when nix-shell based gcroots were last "entered"
lorri doesn't seem to even register a direnv lib bash file that overrides use_nix(); instead it seems to prefer emitting .envrc files with eval "$(lorri direnv)" (grep for cat .direnv on this post)eval "$(lorri direnv)"
install https://github.com/lf-/nix-doc with plugin stuff
nix gc enable (not on battery power) zfs snapshot, cleanup, etc. (not on battery power, etc.; or reduced freq for snapshotting on battery power)
.cargo/config that's generated with:
target.<triple>.linker = some wrapper that shells out to ld.lld or mold ~rustflags = some wrapper that shells out to ld.lld or mold (i.e. ["-C', "link-arg=fuse-ld=lld-wrapper"]?)~
linker only seems to be available for target.<triple> and not target.<cfg()>; rustflags is available for both and can work when -C link-arg= can be used to specify the desired linker
mold using -C link-arg=fuse-ld=lld is tricky; we'd need to replace the ld.lld binary with a wrapper, etc..cargo/config; we can't set rustflags conditionally based on the release profile (see this) and the release profile doesn't include a rustflags key or a linker key (see this)mold/lld as appropriateupdate rust-template with nix stuff (.envrc, flake.nix, flake.lock, shell.nix with flake-compat, etc.; gonna leave nix out of the CI for now I think)
(also action-rs rust cache, maybe; rust-version in cargo.toml, 2021 edition, rustfmt updates, .toml for rustfmt and clippy, clippy updates, remove lint list dump, use include_str! for readme, etc.)
https://www.youtube.com/watch?v=XZ9nPZbaYfE
nix-env uses nix (build and store and friends) to make nix profiles (set ~/.nix-profile, and to make symlink forests in the form of profiles in the nix store)
nix-profile handles actually making the profile
buildenv derivation that handles stitching together the symlink forest and handling conflicts and such/nix/var/profiles/per-user/..., hooks (as part of nixos? it's unclear who puts these in the default bashrc) to have $XDG_DATA_DIRS point to the generated folders, etc)
nixpkgs:nix-env
/nix/var/nix/profiles/system-* (I think), managed by nixos-* commands, symlinked to /run/current-system, etc.nixos-* commands handle all of ^ plus doing things like restarting systemd service on switch and such
home-manager:~/.nix-profile (?)build does:
build-vm gives you a handy qemu runner script (doesn't even need a bootloader)
lib: nix helper utils, if the need arisesmachines: ...modules: my own nixos modulesmixins: config things for other things. some call these "roles" or services or w/e
darwin: nix-darwin module things (these are really just modules too)home-manager (also just modules)
all or a default that is system aware or somethingnixos: nixos module config stuff (also just modules)overlays
alluserspackages: my own nixpkgs
resources: secrets, config files, other supporting Things. mixins and machines can make reference to these freely, no one else.top-level (flake.nix) should import the stuff in modules as well as external modules see: https://github.com/frogamic/nix-machines/blob/6e2bf36b60fd288476a83b7e7babebfc012c3f6e/flake.nix#L16-L44
expose nixosModule, nixosModules, pkgs, lib, overlay, and overlays in default.nix in the style of: https://github.com/frogamic/nix-machines/blob/main/default.nix
flake exports:
nixosConfigurations: auto-populate the list from ./machines, etcpackages: the things in packagesapps: apps to export? i.e. things with their configs builtin? can just reference config stuff in resources I guess?overlay: all of the overlaysoverlays: the things in overlays, a list?nixosModule: all of the modulesnixosModules: things in modules, an attrset?checks: check that builds all the stuff? vm images? subs in fake secrets? this is what CI should run, ideallydefaultApp: runs the vm produces by machines/vm?TODO: register this repo as a flake registry (just r)
TODO: plain-text diffing for (r)age? (the way sops -d is used as a git diff filter)
agenix with a working nix-darwin module: https://github.com/montchr/agenix/compare/darwin-support...rtimush:agenix:darwin-support
TODO: running nixos modules outside of home-manager: https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/testing/service-runner.nix
TODO: a nixos-module service to home-manager module adapter! this is probably a good starting point: https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/testing/service-runner.nix
TODO: why isn't there a service abstraction in home-manager that papers over systemd/launchctl? https://discourse.nixos.org/t/services-on-macos/9095/4 https://github.com/nix-community/home-manager/issues/91 https://github.com/nix-community/home-manager/issues/91#issuecomment-782926192
TODO: https://discourse.nixos.org/t/franken-script-to-generate-nixos-options-docs-with-custom-modules/1674
lich (undead, pulsar) fafnir castor deneb acrux (system of 6) spica (system of 2) castor (system of 6) aniara meissa mago mira procyon
dimidium lete haik (water) eyeke dulcinea, quijote, sancho, rocinante (from don quixote, around cervantes (mu arae)) around lich:
TODO: figure out how to pass --backup to home-manager running in the flake