From d3909532805978a220b8be79bf279eafd1c6aa80 Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Fri, 20 Jun 2025 03:38:56 +0800 Subject: [PATCH 01/23] Use rime-ice in nixpkgs instead of self-packaged - remove package rime-ice - remove overlay of rime-ice - regenerate nvfetcher - add configuration for rime-ice - add zhwiki and moegirl as dict --- home/modules/default.nix | 1 + home/modules/i18n/default.custom.yaml | 83 +++++++++++++++++++ home/modules/i18n/default.nix | 12 +++ .../i18n/double_pinyin_flypy.custom.yaml | 4 + nixos/modules/i18n.nix | 3 +- overlays/additions/default.nix | 1 - overlays/additions/rime-ice.nix | 5 -- pkgs/_sources/generated.json | 29 +------ pkgs/_sources/generated.nix | 20 +---- pkgs/default.nix | 1 - pkgs/nvfetcher.toml | 4 - pkgs/rime-ice.nix | 18 ---- 12 files changed, 110 insertions(+), 71 deletions(-) create mode 100644 home/modules/i18n/default.custom.yaml create mode 100644 home/modules/i18n/default.nix create mode 100644 home/modules/i18n/double_pinyin_flypy.custom.yaml delete mode 100644 overlays/additions/rime-ice.nix delete mode 100644 pkgs/rime-ice.nix diff --git a/home/modules/default.nix b/home/modules/default.nix index 1ede244..4ef350f 100644 --- a/home/modules/default.nix +++ b/home/modules/default.nix @@ -7,6 +7,7 @@ ++ [ ./programs ./xdg-dirs.nix + ./i18n ]; config = { diff --git a/home/modules/i18n/default.custom.yaml b/home/modules/i18n/default.custom.yaml new file mode 100644 index 0000000..cd210ce --- /dev/null +++ b/home/modules/i18n/default.custom.yaml @@ -0,0 +1,83 @@ +patch: + "__include": rime_ice_suggestion:/ + "schema_list": + - schema: double_pinyin_flypy + "menu/page_size": 7 + "switcher/caption": 「方案选单」 + "switcher/hotkeys": + - F4 + "switcher/save_options": + - ascii_punct + - traditionalization + - emoji + - full_shape + - search_single_char + "switcher/fold_options": false + "ascii_composer/good_old_caps_lock": true + "ascii_composer/switch_key/Caps_Lock": clear + "ascii_composer/switch_key/Shift_L": noop + "ascii_composer/switch_key/Shift_R": noop + "ascii_composer/switch_key/Control_L": noop + "ascii_composer/switch_key/Control_R": noop + "key_binder/bindings": + # Tab / Shift+Tab 切换光标至下/上一个拼音 + - { when: composing, accept: Shift+Tab, send: Shift+Left } + - { when: composing, accept: Tab, send: Shift+Right } + + # Option/Alt + ←/→ 切换光标至下/上一个拼音 + - { when: composing, accept: Shift+Tab, send: Shift+Left } + - { when: composing, accept: Tab, send: Shift+Right } + + # 翻页 , . + - { when: paging, accept: comma, send: Page_Up } + - { when: has_menu, accept: period, send: Page_Down } + + # 翻页 - = + - { when: has_menu, accept: minus, send: Page_Up } + - { when: has_menu, accept: equal, send: Page_Down } + + - { + when: always, + toggle: ascii_punct, + accept: Control+Shift+3, + } # 切换中英标点 + - { + when: always, + toggle: ascii_punct, + accept: Control+Shift+numbersign, + } # 切换中英标点 + - { + when: always, + toggle: traditionalization, + accept: Control+Shift+4, + } # 切换简繁 + - { + when: always, + toggle: traditionalization, + accept: Control+Shift+dollar, + } # 切换简繁 + - { when: always, toggle: full_shape, accept: Control+Shift+5 } # 切换全半角 + - { + when: always, + toggle: full_shape, + accept: Control+Shift+percent, + } # 切换全半角 + + # 将小键盘 0~9 . 映射到主键盘,数字金额大写的 Lua 如 R1234.5678 可使用小键盘输入 + - { accept: KP_0, send: 0, when: composing } + - { accept: KP_1, send: 1, when: composing } + - { accept: KP_2, send: 2, when: composing } + - { accept: KP_3, send: 3, when: composing } + - { accept: KP_4, send: 4, when: composing } + - { accept: KP_5, send: 5, when: composing } + - { accept: KP_6, send: 6, when: composing } + - { accept: KP_7, send: 7, when: composing } + - { accept: KP_8, send: 8, when: composing } + - { accept: KP_9, send: 9, when: composing } + - { accept: KP_Decimal, send: period, when: composing } + + # 将小键盘 + - * / 映射到主键盘,使计算器 如 1+2-3*4 可使用小键盘输入 + - { accept: KP_Multiply, send: asterisk, when: composing } + - { accept: KP_Add, send: plus, when: composing } + - { accept: KP_Subtract, send: minus, when: composing } + - { accept: KP_Divide, send: slash, when: composing } diff --git a/home/modules/i18n/default.nix b/home/modules/i18n/default.nix new file mode 100644 index 0000000..0e78253 --- /dev/null +++ b/home/modules/i18n/default.nix @@ -0,0 +1,12 @@ +{ + osConfig ? null, + lib, + ... +}: { + config = lib.mkIf (osConfig != null) { + xdg.dataFile = { + "fcitx5/rime/default.custom.yaml".source = ./default.custom.yaml; + "fcitx5/rime/double_pinyin_flypy.custom.yaml".source = ./double_pinyin_flypy.custom.yaml; + }; + }; +} diff --git a/home/modules/i18n/double_pinyin_flypy.custom.yaml b/home/modules/i18n/double_pinyin_flypy.custom.yaml new file mode 100644 index 0000000..d29c0ea --- /dev/null +++ b/home/modules/i18n/double_pinyin_flypy.custom.yaml @@ -0,0 +1,4 @@ +patch: + "translator/packs/+": + - zhwiki + - moegirl diff --git a/nixos/modules/i18n.nix b/nixos/modules/i18n.nix index 9403331..5c628b5 100644 --- a/nixos/modules/i18n.nix +++ b/nixos/modules/i18n.nix @@ -32,11 +32,12 @@ in { addons = with pkgs; [ libsForQt5.fcitx5-qt fcitx5-gtk - fcitx5-gtk fcitx5-fluent (fcitx5-rime.override { rimeDataPkgs = [ rime-ice + rime-zhwiki + rime-moegirl ]; }) ]; diff --git a/overlays/additions/default.nix b/overlays/additions/default.nix index 02467d9..337723a 100644 --- a/overlays/additions/default.nix +++ b/overlays/additions/default.nix @@ -2,7 +2,6 @@ inherit (prev) lib; in [ - ./rime-ice.nix ./TrackersListCollection.nix ./OuterWildsTextAdventure.nix ./editor-runtime.nix diff --git a/overlays/additions/rime-ice.nix b/overlays/additions/rime-ice.nix deleted file mode 100644 index a54e748..0000000 --- a/overlays/additions/rime-ice.nix +++ /dev/null @@ -1,5 +0,0 @@ -{outputs, ...}: final: prev: let - inherit (prev.stdenv.hostPlatform) system; -in { - rime-ice = outputs.packages."${system}".rime-ice; -} diff --git a/pkgs/_sources/generated.json b/pkgs/_sources/generated.json index 737d28a..6c27ed8 100644 --- a/pkgs/_sources/generated.json +++ b/pkgs/_sources/generated.json @@ -22,7 +22,7 @@ }, "TrackersListCollection": { "cargoLocks": null, - "date": "2025-06-19", + "date": "2025-06-20", "extract": null, "name": "TrackersListCollection", "passthru": null, @@ -34,14 +34,14 @@ "name": null, "owner": "XIU2", "repo": "TrackersListCollection", - "rev": "68f0b601a7e8e30ca3e59d5d0b0c0c159f494fae", - "sha256": "sha256-+ve7SYZPvkv29PS91tISjyuCL6CggUv7RutfyITGkQE=", + "rev": "434c1455c6877e91d2f399e3f8ec52727974167d", + "sha256": "sha256-UcDxpNWGO72pS54SsmaF09NWmUYo8y+peGaOVKMSxZA=", "sparseCheckout": [ "all.txt" ], "type": "github" }, - "version": "68f0b601a7e8e30ca3e59d5d0b0c0c159f494fae" + "version": "434c1455c6877e91d2f399e3f8ec52727974167d" }, "cliphist": { "cargoLocks": null, @@ -130,27 +130,6 @@ }, "version": "Serif2.003" }, - "rime-ice": { - "cargoLocks": null, - "date": "2025-06-16", - "extract": null, - "name": "rime-ice", - "passthru": null, - "pinned": false, - "src": { - "deepClone": false, - "fetchSubmodules": false, - "leaveDotGit": false, - "name": null, - "owner": "iDvel", - "repo": "rime-ice", - "rev": "eeb559e70b7775d4d0b89003b3c9b896a447092f", - "sha256": "sha256-HvjDw2BNvMbu/J0NINN2/+iWCv3pYt+HrtlJPWfhERA=", - "sparseCheckout": [], - "type": "github" - }, - "version": "eeb559e70b7775d4d0b89003b3c9b896a447092f" - }, "spotx": { "cargoLocks": null, "date": "2025-06-18", diff --git a/pkgs/_sources/generated.nix b/pkgs/_sources/generated.nix index 91c1cbc..a4daf8a 100644 --- a/pkgs/_sources/generated.nix +++ b/pkgs/_sources/generated.nix @@ -15,18 +15,18 @@ }; TrackersListCollection = { pname = "TrackersListCollection"; - version = "68f0b601a7e8e30ca3e59d5d0b0c0c159f494fae"; + version = "434c1455c6877e91d2f399e3f8ec52727974167d"; src = fetchFromGitHub { owner = "XIU2"; repo = "TrackersListCollection"; - rev = "68f0b601a7e8e30ca3e59d5d0b0c0c159f494fae"; + rev = "434c1455c6877e91d2f399e3f8ec52727974167d"; fetchSubmodules = false; deepClone = false; leaveDotGit = false; sparseCheckout = [ "all.txt" ]; - sha256 = "sha256-+ve7SYZPvkv29PS91tISjyuCL6CggUv7RutfyITGkQE="; + sha256 = "sha256-UcDxpNWGO72pS54SsmaF09NWmUYo8y+peGaOVKMSxZA="; }; - date = "2025-06-19"; + date = "2025-06-20"; }; cliphist = { pname = "cliphist"; @@ -82,18 +82,6 @@ sha256 = "sha256-mfbBSdJrUCZiUUmsmndtEW6H3z6KfBn+dEftBySf2j4="; }; }; - rime-ice = { - pname = "rime-ice"; - version = "eeb559e70b7775d4d0b89003b3c9b896a447092f"; - src = fetchFromGitHub { - owner = "iDvel"; - repo = "rime-ice"; - rev = "eeb559e70b7775d4d0b89003b3c9b896a447092f"; - fetchSubmodules = false; - sha256 = "sha256-HvjDw2BNvMbu/J0NINN2/+iWCv3pYt+HrtlJPWfhERA="; - }; - date = "2025-06-16"; - }; spotx = { pname = "spotx"; version = "181fd7fc8fe838237660a46ae096570d869bc30f"; diff --git a/pkgs/default.nix b/pkgs/default.nix index 6c0956c..ac99da1 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -13,7 +13,6 @@ in pinentry-selector = callPackage ./pinentry-selector.nix {}; helix = callPackage ./helix {}; juicity = callPackage ./juicity.nix {}; - rime-ice = callPackage ./rime-ice.nix {}; spotifyx = callPackage ./spotifyx.nix {}; radicle-explorer = callPackage ./radicle-explorer.nix {}; TrackersListCollection = callPackage ./TrackersListCollection.nix {}; diff --git a/pkgs/nvfetcher.toml b/pkgs/nvfetcher.toml index 3baca2c..64f3aa8 100644 --- a/pkgs/nvfetcher.toml +++ b/pkgs/nvfetcher.toml @@ -7,10 +7,6 @@ src.git = "https://github.com/kayhide/tree-sitter-idris" fetch.git = "https://github.com/kayhide/tree-sitter-idris" passthru.name = "idris" -[rime-ice] -src.git = "https://github.com/iDvel/rime-ice.git" -fetch.github = "iDvel/rime-ice" - [noto-serif-cjk] src.github = "notofonts/noto-cjk" fetch.github = "notofonts/noto-cjk" diff --git a/pkgs/rime-ice.nix b/pkgs/rime-ice.nix deleted file mode 100644 index 1b9bd25..0000000 --- a/pkgs/rime-ice.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ - srcs, - stdenvNoCC, -}: let - source = srcs.rime-ice; -in - stdenvNoCC.mkDerivation { - inherit (source) pname version src; - - installPhase = '' - runHook preInstall - - mkdir -p $out/share/rime-data - cp -r * $out/share/rime-data/ - - runHook postInstall - ''; - } From eec768c3f630bea6a7b11c38998e382e115e40a0 Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Fri, 20 Jun 2025 18:22:23 +0800 Subject: [PATCH 02/23] pkgs: Synchronize upstream source archives for packages and inputs for flake --- flake.lock | 140 ++++++++++++++--------- flake.nix | 16 ++- overlays/modifications/default.nix | 2 + overlays/modifications/fix-handbrake.nix | 5 + overlays/modifications/fix-hurl.nix | 5 + pkgs/_sources/generated.json | 8 +- pkgs/_sources/generated.nix | 8 +- pkgs/default.nix | 6 +- 8 files changed, 127 insertions(+), 63 deletions(-) create mode 100644 overlays/modifications/fix-handbrake.nix create mode 100644 overlays/modifications/fix-hurl.nix diff --git a/flake.lock b/flake.lock index c1f619e..d9b185a 100644 --- a/flake.lock +++ b/flake.lock @@ -96,11 +96,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1750330289, - "narHash": "sha256-16+LlTyw9wmINhxXB8BxGnSvngwm4nfrQ7GDKi7Cbdw=", + "lastModified": 1750594492, + "narHash": "sha256-8AP008pMieuJMFll32Qlyi2BkNNqqIq8FRqM7uXzr5o=", "owner": "chaotic-cx", "repo": "nyx", - "rev": "ed44dff18a42ae3852f0d182cd39eb10d6a723e3", + "rev": "1cbd3ce75615ab95c9dcca1d64e638e762fe4975", "type": "github" }, "original": { @@ -119,11 +119,11 @@ ] }, "locked": { - "lastModified": 1750260393, - "narHash": "sha256-DJtTX/hxht6X0mway2HMEKCm9bbFNkecz7SNte5GaAw=", + "lastModified": 1750579949, + "narHash": "sha256-Ry9SoBinv53YMMXmQA1D6wmOEzHiz4aoKAENirpMQcI=", "owner": "daeuniverse", "repo": "flake.nix", - "rev": "1e51d98b6e606f935faaf08f68c1a3a68d5ee441", + "rev": "b2fe700ac3c16bea86975b1abb00645e56658237", "type": "github" }, "original": { @@ -393,11 +393,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1750344736, - "narHash": "sha256-pPktfkA5r1zhza2Gw+u7K4g/s9EfpXXMh7m/IQ3mIbs=", + "lastModified": 1750531852, + "narHash": "sha256-ps4Fa8cq+q13Kb2nj9uxXjIGvsSRBUfcxW5CgquxiQI=", "owner": "helix-editor", "repo": "helix", - "rev": "036729211a94d058b835f5ee212ab15de83bc037", + "rev": "171dfc60e5cda8f9fb6c4f662872f35bbe864a53", "type": "github" }, "original": { @@ -415,11 +415,11 @@ ] }, "locked": { - "lastModified": 1750275572, - "narHash": "sha256-upC/GIlsIgtdtWRGd1obzdXWYQptNkfzZeyAFWgsgf0=", + "lastModified": 1750304462, + "narHash": "sha256-Mj5t4yX05/rXnRqJkpoLZTWqgStB88Mr/fegTRqyiWc=", "owner": "nix-community", "repo": "home-manager", - "rev": "0f355844e54e4c70906b1ef5cc35a0047d666c04", + "rev": "863842639722dd12ae9e37ca83bcb61a63b36f6c", "type": "github" }, "original": { @@ -457,11 +457,11 @@ ] }, "locked": { - "lastModified": 1750230721, - "narHash": "sha256-rg/lnazeno/f4VNSv+t2Zwio/OyCYKx5zV9/8hfhfgA=", + "lastModified": 1750403547, + "narHash": "sha256-XDDINMbHTtKQeSRpX5mwq20z23Wg/I/G4JUinA3V8Xg=", "owner": "Jovian-Experiments", "repo": "Jovian-NixOS", - "rev": "6c88df8c85ad3f80a5832edc50534a5add255b47", + "rev": "52b86b86d925ec00c836ecc6d36f9c947bb15736", "type": "github" }, "original": { @@ -522,11 +522,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1750390275, - "narHash": "sha256-k0cDsEK8aQLCYhBXXEMgBVdFWrPWd19JEtwJ5+DA91w=", + "lastModified": 1750471128, + "narHash": "sha256-oR2yjhAPXZDmfFb4UwBeVQcJBtrUNFwufovzN8sTBVc=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "3bebe770ebe600fc7f28cc593df14a9e90a3c02e", + "rev": "13e7a34df7aa4e7d8ec4dd9df9d5a01973f28f49", "type": "github" }, "original": { @@ -599,11 +599,11 @@ "rust-overlay": "rust-overlay_3" }, "locked": { - "lastModified": 1750331408, - "narHash": "sha256-Rjc9aW5Dxn+KeBsx1DvkC+4SyLvdjEEyKJSVD5Q5UZw=", + "lastModified": 1750590485, + "narHash": "sha256-0j3ZhM2G0QEpgnJwFTk8A0EwppMispfT7hME84c2jyg=", "owner": "lilyinstarlight", "repo": "nixos-cosmic", - "rev": "39eb68d021d698bc4d0cd86bf0c75a70285726cd", + "rev": "7f49ed84253338f47e4187aa0e7480baa5c784f9", "type": "github" }, "original": { @@ -614,11 +614,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1750083401, - "narHash": "sha256-ynqbgIYrg7P1fAKYqe8I/PMiLABBcNDYG9YaAP/d/C4=", + "lastModified": 1750431636, + "narHash": "sha256-vnzzBDbCGvInmfn2ijC4HsIY/3W1CWbwS/YQoFgdgPg=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "61837d2a33ccc1582c5fabb7bf9130d39fee59ad", + "rev": "1552a9f4513f3f0ceedcf90320e48d3d47165712", "type": "github" }, "original": { @@ -630,11 +630,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1750134718, - "narHash": "sha256-v263g4GbxXv87hMXMCpjkIxd/viIF7p3JpJrwgKdNiI=", + "lastModified": 1750365781, + "narHash": "sha256-XE/lFNhz5lsriMm/yjXkvSZz5DfvKJLUjsS6pP8EC50=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9e83b64f727c88a7711a2c463a7b16eedb69a84c", + "rev": "08f22084e6085d19bcfb4be30d1ca76ecb96fe54", "type": "github" }, "original": { @@ -644,6 +644,38 @@ "type": "github" } }, + "nixpkgs-handbrake": { + "locked": { + "lastModified": 1749936441, + "narHash": "sha256-MfdTzz/ArELrweWK7FLofbK/NMvbpEhV8QCo6f7UBII=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "c74daf34b6de017d7d43196c494f887a2b956f0f", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "c74daf34b6de017d7d43196c494f887a2b956f0f", + "type": "github" + } + }, + "nixpkgs-hurl": { + "locked": { + "lastModified": 1750581657, + "narHash": "sha256-2oGXIngJiuqrcxTRbs/0D+1YidC7osJfPlMwwpfwpYU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "6da24ccc7e889a6b80da047db51ee497c0f7b137", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "refs/pull/418842/head", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs-lib": { "locked": { "lastModified": 1748740939, @@ -661,11 +693,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1750259320, - "narHash": "sha256-H8J4H2XCIMEJ5g6fZ179QfQvsc2dUqhqfBjC8RAHNRY=", + "lastModified": 1750400657, + "narHash": "sha256-3vkjFnxCOP6vm5Pm13wC/Zy6/VYgei/I/2DWgW4RFeA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9ba04bda9249d5d5e5238303c9755de5a49a79c5", + "rev": "b2485d56967598da068b5a6946dadda8bfcbcd37", "type": "github" }, "original": { @@ -677,11 +709,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1750151854, - "narHash": "sha256-3za+1J9FifMetO7E/kwgyW+dp+8pPBNlWKfcBovnn6M=", + "lastModified": 1750330365, + "narHash": "sha256-hJ7XMNVsTnnbV2NPmStCC07gvv5l2x7+Skb7hyUzazg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ad5c70bcc5cc5178205161b7a7d61a6e80f6d244", + "rev": "d883b6213afa179b58ba8bace834f1419707d0ad", "type": "github" }, "original": { @@ -693,11 +725,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1750134718, - "narHash": "sha256-v263g4GbxXv87hMXMCpjkIxd/viIF7p3JpJrwgKdNiI=", + "lastModified": 1750365781, + "narHash": "sha256-XE/lFNhz5lsriMm/yjXkvSZz5DfvKJLUjsS6pP8EC50=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9e83b64f727c88a7711a2c463a7b16eedb69a84c", + "rev": "08f22084e6085d19bcfb4be30d1ca76ecb96fe54", "type": "github" }, "original": { @@ -709,11 +741,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1750134718, - "narHash": "sha256-v263g4GbxXv87hMXMCpjkIxd/viIF7p3JpJrwgKdNiI=", + "lastModified": 1750365781, + "narHash": "sha256-XE/lFNhz5lsriMm/yjXkvSZz5DfvKJLUjsS6pP8EC50=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9e83b64f727c88a7711a2c463a7b16eedb69a84c", + "rev": "08f22084e6085d19bcfb4be30d1ca76ecb96fe54", "type": "github" }, "original": { @@ -768,11 +800,11 @@ "nur-rycee": { "flake": false, "locked": { - "lastModified": 1750392203, - "narHash": "sha256-rJU+WeeLxDinRWEGXw5OT4tToIAO8zy/ULFVWHhLp/Q=", + "lastModified": 1750565010, + "narHash": "sha256-eetTl1TpPoD5W52RX02Lo8SLQdVcU2m7usCSh5VhnwE=", "owner": "rycee", "repo": "nur-expressions", - "rev": "09e3cfed476fc06384610a7e6027df221fc93bd3", + "rev": "a24c53d008d362cfd5a96270b2bb331e26902af5", "type": "gitlab" }, "original": { @@ -798,6 +830,8 @@ "nixos-cosmic": "nixos-cosmic", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_3", + "nixpkgs-handbrake": "nixpkgs-handbrake", + "nixpkgs-hurl": "nixpkgs-hurl", "nur-rycee": "nur-rycee", "sops-nix": "sops-nix", "stylix": "stylix", @@ -812,11 +846,11 @@ ] }, "locked": { - "lastModified": 1750214276, - "narHash": "sha256-1kniuhH70q4TAC/xIvjFYH46aHiLrbIlcr6fdrRwO1A=", + "lastModified": 1750473400, + "narHash": "sha256-wiW2j63MyGQyyijRF25hf7Ab7vx4G8pCiGjUe3OGV4c=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "f9b2b2b1327ff6beab4662b8ea41689e0a57b8d4", + "rev": "3d7d4c4e284f26d6dc4840491c66884912be0062", "type": "github" }, "original": { @@ -854,11 +888,11 @@ ] }, "locked": { - "lastModified": 1750300711, - "narHash": "sha256-4XHPocwP+66PhxyyObPXfI+Rql4PoGe/xBK791N8I78=", + "lastModified": 1750560265, + "narHash": "sha256-jQCojKl1/TzqE6ANOu6rP2qqxOcGK2xs6hpxZ77wrR8=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "4178888556c15e0a1c57850d2f103ac300a6e9e2", + "rev": "076fdb0d45a9de3f379a626f51a62c78afe7efb1", "type": "github" }, "original": { @@ -915,15 +949,15 @@ "tinted-zed": "tinted-zed" }, "locked": { - "lastModified": 1750369088, - "narHash": "sha256-njtrVYrl+4I3ikgAoKLyQ+5MZ1BKwazAiEpLq2efwrE=", - "owner": "danth", + "lastModified": 1750562714, + "narHash": "sha256-GEQdMsWrij7y1UjuONVZYWLBo1OPIt709KcyCxcDfxU=", + "owner": "nix-community", "repo": "stylix", - "rev": "8c1421ae02475a874f2a09cc4a7ad6de63fbc9e8", + "rev": "100b968012804d6526c5f48a32c30680916bc474", "type": "github" }, "original": { - "owner": "danth", + "owner": "nix-community", "repo": "stylix", "type": "github" } diff --git a/flake.nix b/flake.nix index d492e89..1b78b84 100644 --- a/flake.nix +++ b/flake.nix @@ -38,6 +38,20 @@ # nixpkgs.url = "github:NixOS/nixpkgs/master"; # nixpkgs.follows = "nixos-cosmic/nixpkgs"; + nixpkgs-hurl = { + type = "github"; + owner = "NixOS"; + repo = "nixpkgs"; + ref = "refs/pull/418842/head"; + }; + + nixpkgs-handbrake = { + type = "github"; + owner = "NixOS"; + repo = "nixpkgs"; + rev = "c74daf34b6de017d7d43196c494f887a2b956f0f"; + }; + lix-module = { url = "git+https://git.lix.systems/lix-project/nixos-module?ref=release-2.93"; inputs = { @@ -137,7 +151,7 @@ stylix = { type = "github"; - owner = "danth"; + owner = "nix-community"; repo = "stylix"; inputs = { nixpkgs.follows = "nixpkgs"; diff --git a/overlays/modifications/default.nix b/overlays/modifications/default.nix index 2f18ea8..9c2b5e2 100644 --- a/overlays/modifications/default.nix +++ b/overlays/modifications/default.nix @@ -11,6 +11,8 @@ in # ./QQ.nix ./helix.nix ./cliphist.nix + ./fix-hurl.nix + ./fix-handbrake.nix ] |> map (file: import file args) |> (overlays: (lib.composeManyExtensions overlays) final prev) diff --git a/overlays/modifications/fix-handbrake.nix b/overlays/modifications/fix-handbrake.nix new file mode 100644 index 0000000..868b962 --- /dev/null +++ b/overlays/modifications/fix-handbrake.nix @@ -0,0 +1,5 @@ +{inputs, ...}: final: prev: let + inherit (prev.stdenv.hostPlatform) system; +in { + inherit (inputs.nixpkgs-handbrake.legacyPackages.${system}) handbrake; +} diff --git a/overlays/modifications/fix-hurl.nix b/overlays/modifications/fix-hurl.nix new file mode 100644 index 0000000..b515d50 --- /dev/null +++ b/overlays/modifications/fix-hurl.nix @@ -0,0 +1,5 @@ +{inputs, ...}: final: prev: let + inherit (prev.stdenv.hostPlatform) system; +in { + inherit (inputs.nixpkgs-hurl.legacyPackages.${system}) hurl; +} diff --git a/pkgs/_sources/generated.json b/pkgs/_sources/generated.json index 6c27ed8..6996eb0 100644 --- a/pkgs/_sources/generated.json +++ b/pkgs/_sources/generated.json @@ -22,7 +22,7 @@ }, "TrackersListCollection": { "cargoLocks": null, - "date": "2025-06-20", + "date": "2025-06-22", "extract": null, "name": "TrackersListCollection", "passthru": null, @@ -34,14 +34,14 @@ "name": null, "owner": "XIU2", "repo": "TrackersListCollection", - "rev": "434c1455c6877e91d2f399e3f8ec52727974167d", - "sha256": "sha256-UcDxpNWGO72pS54SsmaF09NWmUYo8y+peGaOVKMSxZA=", + "rev": "5a0135a913cd27cea026bd558d0319da3630f327", + "sha256": "sha256-YllDv9VEmBCWV0YrdD2yO54foDy/m+9FR2NBwEpSiCY=", "sparseCheckout": [ "all.txt" ], "type": "github" }, - "version": "434c1455c6877e91d2f399e3f8ec52727974167d" + "version": "5a0135a913cd27cea026bd558d0319da3630f327" }, "cliphist": { "cargoLocks": null, diff --git a/pkgs/_sources/generated.nix b/pkgs/_sources/generated.nix index a4daf8a..0182b75 100644 --- a/pkgs/_sources/generated.nix +++ b/pkgs/_sources/generated.nix @@ -15,18 +15,18 @@ }; TrackersListCollection = { pname = "TrackersListCollection"; - version = "434c1455c6877e91d2f399e3f8ec52727974167d"; + version = "5a0135a913cd27cea026bd558d0319da3630f327"; src = fetchFromGitHub { owner = "XIU2"; repo = "TrackersListCollection"; - rev = "434c1455c6877e91d2f399e3f8ec52727974167d"; + rev = "5a0135a913cd27cea026bd558d0319da3630f327"; fetchSubmodules = false; deepClone = false; leaveDotGit = false; sparseCheckout = [ "all.txt" ]; - sha256 = "sha256-UcDxpNWGO72pS54SsmaF09NWmUYo8y+peGaOVKMSxZA="; + sha256 = "sha256-YllDv9VEmBCWV0YrdD2yO54foDy/m+9FR2NBwEpSiCY="; }; - date = "2025-06-20"; + date = "2025-06-22"; }; cliphist = { pname = "cliphist"; diff --git a/pkgs/default.nix b/pkgs/default.nix index ac99da1..5ed876b 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -7,7 +7,11 @@ ... }: let srcs = callPackages ./_sources/generated.nix {}; - callPackage = lib.callPackageWith (pkgs // {inherit inputs srcs callPackage rootPath;}); + callPackage = lib.callPackageWith (pkgs + // { + inherit inputs srcs callPackage rootPath; + inherit (inputs.nixpkgs-hurl.legacyPackages.${pkgs.system}) hurl; + }); in { pinentry-selector = callPackage ./pinentry-selector.nix {}; From ea717027458c5304ddeef370f2bfa81383f9c389 Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Mon, 23 Jun 2025 22:05:10 +0800 Subject: [PATCH 03/23] module(i18n): Reformat default.custom.yaml --- home/modules/i18n/default.custom.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/home/modules/i18n/default.custom.yaml b/home/modules/i18n/default.custom.yaml index cd210ce..d09e481 100644 --- a/home/modules/i18n/default.custom.yaml +++ b/home/modules/i18n/default.custom.yaml @@ -56,7 +56,11 @@ patch: toggle: traditionalization, accept: Control+Shift+dollar, } # 切换简繁 - - { when: always, toggle: full_shape, accept: Control+Shift+5 } # 切换全半角 + - { + when: always, + toggle: full_shape, + accept: Control+Shift+5, + } # 切换全半角 - { when: always, toggle: full_shape, From e91658d2bff187fac8e286d577ee37d0f39e2d94 Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Mon, 23 Jun 2025 22:13:44 +0800 Subject: [PATCH 04/23] pkgs: Synchronize upstream inputs for flake --- flake.lock | 54 +++++++++++++++++++++++++++--------------------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/flake.lock b/flake.lock index d9b185a..ae2553a 100644 --- a/flake.lock +++ b/flake.lock @@ -96,11 +96,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1750594492, - "narHash": "sha256-8AP008pMieuJMFll32Qlyi2BkNNqqIq8FRqM7uXzr5o=", + "lastModified": 1750649006, + "narHash": "sha256-P313UXYYRhGqQpaVpkrrwQugFK16tFKXLNJ2Gl7YgtQ=", "owner": "chaotic-cx", "repo": "nyx", - "rev": "1cbd3ce75615ab95c9dcca1d64e638e762fe4975", + "rev": "c11fb47645d24baaf5074a4dcfa7ca4a756ab545", "type": "github" }, "original": { @@ -163,11 +163,11 @@ ] }, "locked": { - "lastModified": 1750040002, - "narHash": "sha256-KrC9iOVYIn6ukpVlHbqSA4hYCZ6oDyJKrcLqv4c5v84=", + "lastModified": 1750680230, + "narHash": "sha256-kD88T/NqmcgfOBFAwphN30ccaUdj6K6+LG0XdM2w2LA=", "owner": "nix-community", "repo": "disko", - "rev": "7f1857b31522062a6a00f88cbccf86b43acceed1", + "rev": "8fd2d6c75009ac75f9a6fb18c33a239806778d01", "type": "github" }, "original": { @@ -415,11 +415,11 @@ ] }, "locked": { - "lastModified": 1750304462, - "narHash": "sha256-Mj5t4yX05/rXnRqJkpoLZTWqgStB88Mr/fegTRqyiWc=", + "lastModified": 1750614446, + "narHash": "sha256-6WH0aRFay79r775RuTqUcnoZNm6A4uHxU1sbcNIk63s=", "owner": "nix-community", "repo": "home-manager", - "rev": "863842639722dd12ae9e37ca83bcb61a63b36f6c", + "rev": "7c35504839f915abec86a96435b881ead7eb6a2b", "type": "github" }, "original": { @@ -435,11 +435,11 @@ ] }, "locked": { - "lastModified": 1750304462, - "narHash": "sha256-Mj5t4yX05/rXnRqJkpoLZTWqgStB88Mr/fegTRqyiWc=", + "lastModified": 1750654717, + "narHash": "sha256-YXlhTUGaLAY1rSosaRXO5RSGriEyF9BGdLkpKV+9jyI=", "owner": "nix-community", "repo": "home-manager", - "rev": "863842639722dd12ae9e37ca83bcb61a63b36f6c", + "rev": "4c9e99e8e8e36bcdfa9cdb102e45e4dc95aa5c5b", "type": "github" }, "original": { @@ -522,11 +522,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1750471128, - "narHash": "sha256-oR2yjhAPXZDmfFb4UwBeVQcJBtrUNFwufovzN8sTBVc=", + "lastModified": 1750634718, + "narHash": "sha256-wVCB2iwu1sP9GfUVLSYJTE/U9I8InxCUlqK5WIwOUaw=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "13e7a34df7aa4e7d8ec4dd9df9d5a01973f28f49", + "rev": "e291d0634368fe8406cf237d3e8bc0326079752d", "type": "github" }, "original": { @@ -630,11 +630,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1750365781, - "narHash": "sha256-XE/lFNhz5lsriMm/yjXkvSZz5DfvKJLUjsS6pP8EC50=", + "lastModified": 1750506804, + "narHash": "sha256-VLFNc4egNjovYVxDGyBYTrvVCgDYgENp5bVi9fPTDYc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "08f22084e6085d19bcfb4be30d1ca76ecb96fe54", + "rev": "4206c4cb56751df534751b058295ea61357bbbaa", "type": "github" }, "original": { @@ -741,11 +741,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1750365781, - "narHash": "sha256-XE/lFNhz5lsriMm/yjXkvSZz5DfvKJLUjsS6pP8EC50=", + "lastModified": 1750506804, + "narHash": "sha256-VLFNc4egNjovYVxDGyBYTrvVCgDYgENp5bVi9fPTDYc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "08f22084e6085d19bcfb4be30d1ca76ecb96fe54", + "rev": "4206c4cb56751df534751b058295ea61357bbbaa", "type": "github" }, "original": { @@ -800,11 +800,11 @@ "nur-rycee": { "flake": false, "locked": { - "lastModified": 1750565010, - "narHash": "sha256-eetTl1TpPoD5W52RX02Lo8SLQdVcU2m7usCSh5VhnwE=", + "lastModified": 1750651402, + "narHash": "sha256-mT97WT4FlJyvfWp7rso3tUZca0qKU46czyi/HBJHG4w=", "owner": "rycee", "repo": "nur-expressions", - "rev": "a24c53d008d362cfd5a96270b2bb331e26902af5", + "rev": "13fa5e2e89062281dee88508f97e93360bfe2e2d", "type": "gitlab" }, "original": { @@ -846,11 +846,11 @@ ] }, "locked": { - "lastModified": 1750473400, - "narHash": "sha256-wiW2j63MyGQyyijRF25hf7Ab7vx4G8pCiGjUe3OGV4c=", + "lastModified": 1750560265, + "narHash": "sha256-jQCojKl1/TzqE6ANOu6rP2qqxOcGK2xs6hpxZ77wrR8=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "3d7d4c4e284f26d6dc4840491c66884912be0062", + "rev": "076fdb0d45a9de3f379a626f51a62c78afe7efb1", "type": "github" }, "original": { From 07fc72c50096aca4e82ea3af9ac4978d6a5ad369 Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Mon, 23 Jun 2025 23:22:18 +0800 Subject: [PATCH 05/23] pkgs(handbrake): Remove temporily overlay for handbrake --- flake.lock | 17 ----------------- flake.nix | 7 ------- overlays/modifications/default.nix | 1 - overlays/modifications/fix-handbrake.nix | 5 ----- 4 files changed, 30 deletions(-) delete mode 100644 overlays/modifications/fix-handbrake.nix diff --git a/flake.lock b/flake.lock index ae2553a..2d57f6a 100644 --- a/flake.lock +++ b/flake.lock @@ -644,22 +644,6 @@ "type": "github" } }, - "nixpkgs-handbrake": { - "locked": { - "lastModified": 1749936441, - "narHash": "sha256-MfdTzz/ArELrweWK7FLofbK/NMvbpEhV8QCo6f7UBII=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "c74daf34b6de017d7d43196c494f887a2b956f0f", - "type": "github" - }, - "original": { - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "c74daf34b6de017d7d43196c494f887a2b956f0f", - "type": "github" - } - }, "nixpkgs-hurl": { "locked": { "lastModified": 1750581657, @@ -830,7 +814,6 @@ "nixos-cosmic": "nixos-cosmic", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_3", - "nixpkgs-handbrake": "nixpkgs-handbrake", "nixpkgs-hurl": "nixpkgs-hurl", "nur-rycee": "nur-rycee", "sops-nix": "sops-nix", diff --git a/flake.nix b/flake.nix index 1b78b84..a26d667 100644 --- a/flake.nix +++ b/flake.nix @@ -45,13 +45,6 @@ ref = "refs/pull/418842/head"; }; - nixpkgs-handbrake = { - type = "github"; - owner = "NixOS"; - repo = "nixpkgs"; - rev = "c74daf34b6de017d7d43196c494f887a2b956f0f"; - }; - lix-module = { url = "git+https://git.lix.systems/lix-project/nixos-module?ref=release-2.93"; inputs = { diff --git a/overlays/modifications/default.nix b/overlays/modifications/default.nix index 9c2b5e2..61b8c26 100644 --- a/overlays/modifications/default.nix +++ b/overlays/modifications/default.nix @@ -12,7 +12,6 @@ in ./helix.nix ./cliphist.nix ./fix-hurl.nix - ./fix-handbrake.nix ] |> map (file: import file args) |> (overlays: (lib.composeManyExtensions overlays) final prev) diff --git a/overlays/modifications/fix-handbrake.nix b/overlays/modifications/fix-handbrake.nix deleted file mode 100644 index 868b962..0000000 --- a/overlays/modifications/fix-handbrake.nix +++ /dev/null @@ -1,5 +0,0 @@ -{inputs, ...}: final: prev: let - inherit (prev.stdenv.hostPlatform) system; -in { - inherit (inputs.nixpkgs-handbrake.legacyPackages.${system}) handbrake; -} From b497d6b938d2d716bff1edf3f4649087aadf598d Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Tue, 24 Jun 2025 21:42:12 +0800 Subject: [PATCH 06/23] module(just): Add dead-nix to check unused nix code --- .justfile | 3 +++ flake/home.nix | 4 ++-- home/alice/configurations/Cape/default.nix | 1 - home/david/configurations/Akun/default.nix | 1 - home/david/configurations/Akun/niri.nix | 2 +- home/david/configurations/Tytonidae/default.nix | 2 -- home/david/configurations/Tytonidae/niri.nix | 2 +- home/david/modules/programs/niri/default.nix | 4 ++-- home/modules/programs/helix/default.nix | 1 - nixos/configurations/Tytonidae/default.nix | 1 - nixos/configurations/Tytonidae/gui.nix | 2 +- nixos/modules/gui/cosmic.nix | 1 - nixos/modules/programs/default.nix | 6 +----- nixos/modules/programs/nix-ld.nix | 1 - nixos/modules/sops.nix | 6 +----- overlays/additions/OuterWildsTextAdventure.nix | 2 +- overlays/additions/TrackersListCollection.nix | 2 +- overlays/additions/editor-runtime.nix | 2 +- overlays/modifications/QQ.nix | 2 +- overlays/modifications/cliphist.nix | 2 +- overlays/modifications/dae.nix | 2 +- overlays/modifications/fix-hurl.nix | 2 +- overlays/modifications/helix.nix | 2 +- overlays/modifications/juicity.nix | 2 +- overlays/modifications/radicle-explorer.nix | 2 +- overlays/modifications/spotifyx.nix | 2 +- overlays/modifications/wshowkeys.nix | 2 +- pkgs/cliphist.nix | 2 +- pkgs/noto-sans-cjk.nix | 2 +- pkgs/noto-serif-cjk.nix | 2 +- pkgs/spotifyx.nix | 2 +- pkgs/wshowkeys-mao.nix | 2 +- templates/cxx/flake.nix | 2 -- templates/cxxWithXmake/flake.nix | 1 - templates/python/flake.nix | 1 - templates/rust/flake.nix | 2 +- 36 files changed, 30 insertions(+), 47 deletions(-) diff --git a/.justfile b/.justfile index 8ad8ffd..e69a1f8 100755 --- a/.justfile +++ b/.justfile @@ -37,6 +37,9 @@ buildHome host=DEFAULT_HOST $USER=DEFAULT_USER: @echo HOST: {{ host }} nh home build -b backup {{ if host != DEFAULT_HOST { "-c \"" + USER + "@" + host + "\"" } else { "" } }} {{ FLAKE_HOME }} +deadNix: + nix run github:astro/deadnix -- . --exclude ./pkgs/_sources/generated.nix ./nixos/configurations/{Akun,Tytonidae,Cape}/hardware-configuration.nix + alias s := switch alias u := update alias d := deploy diff --git a/flake/home.nix b/flake/home.nix index a4a5aff..50e7a26 100644 --- a/flake/home.nix +++ b/flake/home.nix @@ -10,9 +10,9 @@ ( (rootPath + "/home") |> builtins.readDir - |> lib.filterAttrs (key: value: value == "directory") + |> lib.filterAttrs (_key: value: value == "directory") |> lib.filterAttrs ( - key: value: + key: _value: !builtins.elem key [ "modules" "extra" diff --git a/home/alice/configurations/Cape/default.nix b/home/alice/configurations/Cape/default.nix index d42bd6b..244289b 100644 --- a/home/alice/configurations/Cape/default.nix +++ b/home/alice/configurations/Cape/default.nix @@ -1,7 +1,6 @@ { pkgs, unixName, - config, ... }: { youthlic = { diff --git a/home/david/configurations/Akun/default.nix b/home/david/configurations/Akun/default.nix index 9f342a3..308530f 100644 --- a/home/david/configurations/Akun/default.nix +++ b/home/david/configurations/Akun/default.nix @@ -2,7 +2,6 @@ pkgs, unixName, config, - rootPath, ... }: { imports = [ diff --git a/home/david/configurations/Akun/niri.nix b/home/david/configurations/Akun/niri.nix index 8d149a6..ccd2a2d 100644 --- a/home/david/configurations/Akun/niri.nix +++ b/home/david/configurations/Akun/niri.nix @@ -1,5 +1,5 @@ {inputs, ...}: let - inherit (inputs.niri-flake.lib.kdl) node leaf plain flag; + inherit (inputs.niri-flake.lib.kdl) node leaf flag; in { david.programs.niri = { extraConfig = let diff --git a/home/david/configurations/Tytonidae/default.nix b/home/david/configurations/Tytonidae/default.nix index 296217f..aa9aa6b 100644 --- a/home/david/configurations/Tytonidae/default.nix +++ b/home/david/configurations/Tytonidae/default.nix @@ -1,8 +1,6 @@ { pkgs, config, - rootPath, - inputs, unixName, ... }: { diff --git a/home/david/configurations/Tytonidae/niri.nix b/home/david/configurations/Tytonidae/niri.nix index cab1141..1097e49 100644 --- a/home/david/configurations/Tytonidae/niri.nix +++ b/home/david/configurations/Tytonidae/niri.nix @@ -1,5 +1,5 @@ {inputs, ...}: let - inherit (inputs.niri-flake.lib.kdl) node leaf plain flag; + inherit (inputs.niri-flake.lib.kdl) node leaf flag; in { david.programs.niri = { extraConfig = let diff --git a/home/david/modules/programs/niri/default.nix b/home/david/modules/programs/niri/default.nix index a1611d7..e19ef23 100644 --- a/home/david/modules/programs/niri/default.nix +++ b/home/david/modules/programs/niri/default.nix @@ -1,8 +1,8 @@ { config, lib, - pkgs, inputs, + pkgs, ... } @ args: let cfg = config.david.programs.niri; @@ -23,7 +23,7 @@ in { lib.mkIf cfg.enable { youthlic.programs.niri = { config = - (lib.toList (import ./config.nix args)) + (lib.toList (import ./config.nix (args // {inherit pkgs;}))) ++ (lib.toList cfg.extraConfig); }; david.programs.wluma.enable = true; diff --git a/home/modules/programs/helix/default.nix b/home/modules/programs/helix/default.nix index ed41aef..0389ba7 100644 --- a/home/modules/programs/helix/default.nix +++ b/home/modules/programs/helix/default.nix @@ -2,7 +2,6 @@ lib, pkgs, config, - outputs, ... }: { options = { diff --git a/nixos/configurations/Tytonidae/default.nix b/nixos/configurations/Tytonidae/default.nix index b728f54..d0e5a4c 100644 --- a/nixos/configurations/Tytonidae/default.nix +++ b/nixos/configurations/Tytonidae/default.nix @@ -2,7 +2,6 @@ lib, pkgs, inputs, - config, ... }: { imports = diff --git a/nixos/configurations/Tytonidae/gui.nix b/nixos/configurations/Tytonidae/gui.nix index 91d916c..bbafc39 100644 --- a/nixos/configurations/Tytonidae/gui.nix +++ b/nixos/configurations/Tytonidae/gui.nix @@ -1,4 +1,4 @@ -{pkgs, ...}: let +{...}: let extraConfig = '' output "DP-3" { mode "2560x1440@169.900" diff --git a/nixos/modules/gui/cosmic.nix b/nixos/modules/gui/cosmic.nix index 40d616a..4da6b65 100644 --- a/nixos/modules/gui/cosmic.nix +++ b/nixos/modules/gui/cosmic.nix @@ -1,7 +1,6 @@ { config, lib, - pkgs, ... }: let cfg = config.youthlic.gui; diff --git a/nixos/modules/programs/default.nix b/nixos/modules/programs/default.nix index da48a0e..a69c343 100644 --- a/nixos/modules/programs/default.nix +++ b/nixos/modules/programs/default.nix @@ -1,8 +1,4 @@ -{ - config, - lib, - ... -}: { +{...}: { imports = [ ./transfer-sh.nix ./rustypaste diff --git a/nixos/modules/programs/nix-ld.nix b/nixos/modules/programs/nix-ld.nix index 70594dd..bae07d7 100644 --- a/nixos/modules/programs/nix-ld.nix +++ b/nixos/modules/programs/nix-ld.nix @@ -1,5 +1,4 @@ { - pkgs, config, lib, ... diff --git a/nixos/modules/sops.nix b/nixos/modules/sops.nix index 4b78e6c..6ec8e0b 100644 --- a/nixos/modules/sops.nix +++ b/nixos/modules/sops.nix @@ -1,8 +1,4 @@ -{ - rootPath, - config, - ... -}: { +{rootPath, ...}: { config = { sops.defaultSopsFile = rootPath + "/secrets/general.yaml"; sops.age = { diff --git a/overlays/additions/OuterWildsTextAdventure.nix b/overlays/additions/OuterWildsTextAdventure.nix index 8ab28c7..b8a687f 100644 --- a/overlays/additions/OuterWildsTextAdventure.nix +++ b/overlays/additions/OuterWildsTextAdventure.nix @@ -1,4 +1,4 @@ -{outputs, ...}: final: prev: let +{outputs, ...}: _final: prev: let inherit (prev.stdenv.hostPlatform) system; in { inherit (outputs.packages.${system}) OuterWildsTextAdventure; diff --git a/overlays/additions/TrackersListCollection.nix b/overlays/additions/TrackersListCollection.nix index e7ca1cf..17da85c 100644 --- a/overlays/additions/TrackersListCollection.nix +++ b/overlays/additions/TrackersListCollection.nix @@ -1,4 +1,4 @@ -{outputs, ...}: final: prev: let +{outputs, ...}: _final: prev: let inherit (prev.stdenv.hostPlatform) system; in { inherit (outputs.packages."${system}") TrackersListCollection; diff --git a/overlays/additions/editor-runtime.nix b/overlays/additions/editor-runtime.nix index c23213a..bfba19f 100644 --- a/overlays/additions/editor-runtime.nix +++ b/overlays/additions/editor-runtime.nix @@ -1,4 +1,4 @@ -{outputs, ...}: final: prev: let +{outputs, ...}: _final: prev: let inherit (prev.stdenv.hostPlatform) system; in { inherit (outputs.packages.${system}) editor-runtime; diff --git a/overlays/modifications/QQ.nix b/overlays/modifications/QQ.nix index 823e01e..16d5d7b 100644 --- a/overlays/modifications/QQ.nix +++ b/overlays/modifications/QQ.nix @@ -1,4 +1,4 @@ -{outputs, ...}: final: prev: let +{outputs, ...}: _final: prev: let inherit (prev.stdenv.hostPlatform) system; in { qq = outputs.packages."${system}".QQ; diff --git a/overlays/modifications/cliphist.nix b/overlays/modifications/cliphist.nix index a123457..85d18c3 100644 --- a/overlays/modifications/cliphist.nix +++ b/overlays/modifications/cliphist.nix @@ -1,4 +1,4 @@ -{outputs, ...}: final: prev: let +{outputs, ...}: _final: prev: let inherit (prev.stdenv.hostPlatform) system; in { inherit (outputs.packages."${system}") cliphist; diff --git a/overlays/modifications/dae.nix b/overlays/modifications/dae.nix index 3ee2db2..8437b0b 100644 --- a/overlays/modifications/dae.nix +++ b/overlays/modifications/dae.nix @@ -1,4 +1,4 @@ -{inputs, ...}: final: prev: let +{inputs, ...}: final: _prev: let inherit (final) stdenv; inherit (stdenv.hostPlatform) system; in { diff --git a/overlays/modifications/fix-hurl.nix b/overlays/modifications/fix-hurl.nix index b515d50..62ffaea 100644 --- a/overlays/modifications/fix-hurl.nix +++ b/overlays/modifications/fix-hurl.nix @@ -1,4 +1,4 @@ -{inputs, ...}: final: prev: let +{inputs, ...}: _final: prev: let inherit (prev.stdenv.hostPlatform) system; in { inherit (inputs.nixpkgs-hurl.legacyPackages.${system}) hurl; diff --git a/overlays/modifications/helix.nix b/overlays/modifications/helix.nix index 3b15a52..a759145 100644 --- a/overlays/modifications/helix.nix +++ b/overlays/modifications/helix.nix @@ -1,4 +1,4 @@ -{outputs, ...}: final: prev: let +{outputs, ...}: _final: prev: let inherit (prev.stdenv.hostPlatform) system; in { helix = outputs.packages."${system}".helix; diff --git a/overlays/modifications/juicity.nix b/overlays/modifications/juicity.nix index 61c970c..82f5472 100644 --- a/overlays/modifications/juicity.nix +++ b/overlays/modifications/juicity.nix @@ -1,4 +1,4 @@ -{outputs, ...}: final: prev: let +{outputs, ...}: _final: prev: let inherit (prev.stdenv.hostPlatform) system; in { juicity = outputs.packages."${system}".juicity; diff --git a/overlays/modifications/radicle-explorer.nix b/overlays/modifications/radicle-explorer.nix index 3e2b33e..216e7b1 100644 --- a/overlays/modifications/radicle-explorer.nix +++ b/overlays/modifications/radicle-explorer.nix @@ -1,4 +1,4 @@ -{outputs, ...}: final: prev: let +{outputs, ...}: _final: prev: let inherit (prev.stdenv.hostPlatform) system; in { radicle-explorer = outputs.packages."${system}".radicle-explorer; diff --git a/overlays/modifications/spotifyx.nix b/overlays/modifications/spotifyx.nix index 820b1d3..6395e95 100644 --- a/overlays/modifications/spotifyx.nix +++ b/overlays/modifications/spotifyx.nix @@ -1,4 +1,4 @@ -{outputs, ...}: final: prev: let +{outputs, ...}: _final: prev: let inherit (prev.stdenv.hostPlatform) system; in { spotify = outputs.packages."${system}".spotifyx; diff --git a/overlays/modifications/wshowkeys.nix b/overlays/modifications/wshowkeys.nix index eee953b..455b646 100644 --- a/overlays/modifications/wshowkeys.nix +++ b/overlays/modifications/wshowkeys.nix @@ -1,4 +1,4 @@ -{outputs, ...}: final: prev: let +{outputs, ...}: _final: prev: let inherit (prev.stdenv.hostPlatform) system; in { wshowkeys = outputs.packages.${system}.wshowkeys-mao; diff --git a/pkgs/cliphist.nix b/pkgs/cliphist.nix index 40f08f9..7f107c8 100644 --- a/pkgs/cliphist.nix +++ b/pkgs/cliphist.nix @@ -11,7 +11,7 @@ }: let inherit (srcs.cliphist) src date version; in - cliphist.overrideAttrs (final: prev: { + cliphist.overrideAttrs (_final: prev: { inherit src; version = if prev.version != "0.6.1" diff --git a/pkgs/noto-sans-cjk.nix b/pkgs/noto-sans-cjk.nix index 41d6596..50d3d42 100644 --- a/pkgs/noto-sans-cjk.nix +++ b/pkgs/noto-sans-cjk.nix @@ -5,7 +5,7 @@ }: let source = srcs.noto-sans-cjk; in - stdenvNoCC.mkDerivation (finalAttrs: { + stdenvNoCC.mkDerivation (_finalAttrs: { pname = "noto-sans-cjk"; version = source.version; diff --git a/pkgs/noto-serif-cjk.nix b/pkgs/noto-serif-cjk.nix index b0af26b..80b8f74 100644 --- a/pkgs/noto-serif-cjk.nix +++ b/pkgs/noto-serif-cjk.nix @@ -5,7 +5,7 @@ }: let source = srcs.noto-serif-cjk; in - stdenvNoCC.mkDerivation (finalAttrs: { + stdenvNoCC.mkDerivation (_finalAttrs: { pname = "noto-serif-cjk"; version = source.version; diff --git a/pkgs/spotifyx.nix b/pkgs/spotifyx.nix index d15bb46..bb9ab7f 100644 --- a/pkgs/spotifyx.nix +++ b/pkgs/spotifyx.nix @@ -7,7 +7,7 @@ srcs, }: let inherit (srcs) spotx; - spotifyx = spotify.overrideAttrs (final: prev: { + spotifyx = spotify.overrideAttrs (_final: prev: { nativeBuildInputs = prev.nativeBuildInputs ++ [ diff --git a/pkgs/wshowkeys-mao.nix b/pkgs/wshowkeys-mao.nix index f9049f8..4e85026 100644 --- a/pkgs/wshowkeys-mao.nix +++ b/pkgs/wshowkeys-mao.nix @@ -4,7 +4,7 @@ }: let inherit (srcs) wshowkeys-mao; in - wshowkeys.overrideAttrs (final: prev: { + wshowkeys.overrideAttrs (_final: _prev: { inherit (wshowkeys-mao) src; pname = "wshowkeys-mao"; version = wshowkeys-mao.date + "-" + wshowkeys-mao.version; diff --git a/templates/cxx/flake.nix b/templates/cxx/flake.nix index ac11c54..0de5c71 100644 --- a/templates/cxx/flake.nix +++ b/templates/cxx/flake.nix @@ -6,13 +6,11 @@ }; }; outputs = { - self, flake-utils, nixpkgs, ... }: flake-utils.lib.eachDefaultSystem (system: let - inherit (pkgs) lib; pkgs = import nixpkgs { inherit system; }; diff --git a/templates/cxxWithXmake/flake.nix b/templates/cxxWithXmake/flake.nix index f7c2478..90fa65e 100644 --- a/templates/cxxWithXmake/flake.nix +++ b/templates/cxxWithXmake/flake.nix @@ -12,7 +12,6 @@ ... }: flake-utils.lib.eachDefaultSystem (system: let - inherit (pkgs) lib; pkgs = import nixpkgs { inherit system; }; diff --git a/templates/python/flake.nix b/templates/python/flake.nix index f1f811f..3dd3a56 100644 --- a/templates/python/flake.nix +++ b/templates/python/flake.nix @@ -6,7 +6,6 @@ }; }; outputs = { - self, flake-utils, nixpkgs, ... diff --git a/templates/rust/flake.nix b/templates/rust/flake.nix index d83b4f1..13917fc 100644 --- a/templates/rust/flake.nix +++ b/templates/rust/flake.nix @@ -40,7 +40,7 @@ inherit system; overlays = [ (import rust-overlay) - (final: prev: { + (_final: prev: { lib = prev.lib // (import ./nix/lib.nix prev.lib); }) ]; From f32f1089843319092c9c2daae140832e94948df8 Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Tue, 24 Jun 2025 21:42:12 +0800 Subject: [PATCH 07/23] Add symlink from LICENSE to LICENSE-GPL-3.0-or-later --- LICENSE | 1 + 1 file changed, 1 insertion(+) create mode 120000 LICENSE diff --git a/LICENSE b/LICENSE new file mode 120000 index 0000000..9193119 --- /dev/null +++ b/LICENSE @@ -0,0 +1 @@ +LICENSE-GPL-3.0-or-later \ No newline at end of file From bef1a760ae04cb925de66fcbd7264f2a7e637b09 Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Tue, 24 Jun 2025 21:42:12 +0800 Subject: [PATCH 08/23] secrets: Add sourcehut config into ssh-config --- secrets/ssh-config.yaml | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/secrets/ssh-config.yaml b/secrets/ssh-config.yaml index d0a09f7..bab03be 100644 --- a/secrets/ssh-config.yaml +++ b/secrets/ssh-config.yaml @@ -1,9 +1,5 @@ -ssh-config: ENC[AES256_GCM,data:4tsdyyyZoCUDa0NWt2qN9BRo+Y6oUQjlT9e2YuW8+KFcrm8zW9xzosnO5PN7EFsFOM8txNXlKhQN6t+EaUEoeymEgBYg31F75WroU5nAixoLtU75oqYxxCbeeOeOhSHHXJAVqOHun9h7lVwJSOUd4JRgu7zf1klEyIf4dxMTo1U+v1OwVFDUeQ0VPPXMpsYrtI5udTOWykJaDU9yifBRx0VRiwYmNLVBhqJJli4v78z4sknjyhJQPqF0bTqlk50axU+ZA/yQRXE3CwYeW34FIXdGfdyDV0UnM+hjtXUYvuMnzPrglI+ZBrH/7Rv8SgeyrT3TFj468iONHcGkJWcuuQdlZZm9x+79M4vp9MfzsF2zVstrz7yPTbvyKDZW6G37HjfpTceacOq8aWL4mMqXX6WJlcjHshuA9aHAwe8l,iv:MBP1Rho6pKE2DJXMZaGYNVtr1GoftA1BCMLQV27V7Lg=,tag:KRKBPxpfRkY0csg61y2IIg==,type:str] +ssh-config: ENC[AES256_GCM,data:JXEVWaiGzRShc3o89OK7BCppEgCYgDBfYUflClT5Es9HuZgM+idl8vPqYhmbAsFgdvHuS5tFjk3Uu6tzbMqitaIKI/aCm5MJQvDJMOJip56tzH45lGJOyWFCL6oE+ruKmpg7ZPx/B4mTfiETWCqAX04/sUk1huNhnpjra7r3/LOJWfPUNAB7LxZMWK6/+8nJMD3vpeL3ZormM22mbvVrZSfdwMUID+nVpoDuFow+kLxS5k0Z+R93nKmpQILAuvMYDmgTATyR6FD+5Q9CXOa9/pzsxfdTGjUJM0CEllG2i8Se2rEAste6QPfrCnJOijruA855l5K7j+81VgVY/EMXiMkSQUzd5XgDfZwlvuKC8wclZSPWIOW3HQksJ1nitB0IjPOh9zfUaV6ArHliAHJZjHoFXuxktHRxSWemV2ydMXVMRPM/bN6Uo5E7h+a+xV+fG4pwvIzMUORk37+sL+sMX8Q6N8WQRPAmb5OPgDVWky9OshfMqtKuATglADhHcg3Ph100hDMOm97ccoE6HPtmxF+v+r/zMMVKcYFYadA/,iv:VPxLm2XZSD0W5JwUe3KnH3MXvEVhvlJSXoIWxv6kjco=,tag:2Aqq2CgAOUVzmdHmPtW02g==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] age: - recipient: age1smmqun9h3cszaza85ty33yenyaqtat572u9r3we4l5gh85njgvws6q680g enc: | @@ -32,8 +28,7 @@ sops: anNBRmFHN3VOVEhVdjd0QTA2aGd4OE0KCsaIBsMWZ+CDIck2a53vV+gnn2/Coc/o HgQc5JMQbL4n957nqB/Gpj92z2nYteVl0fS7Umu9M2SbmF2Cvapafw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-03-01T17:50:32Z" - mac: ENC[AES256_GCM,data:uT4rtuMb50Ju+TWXSGXK2pQCHbDPRLghHJ/CA13dsRzIm8BAICdH8lYIy32OhxxzjznRENG46KENCypTg0Krv8ftJqrlCm4ZS2k7zWNgY3vpNCXYcQx60DfACP2ZEmrpRxt9f2TIa11zSskvmQSCaMlt7WJQWan5ZC385UOE8pY=,iv:pDY2Zpl+I+mN8FgjbYJNwzIQsct9vkK40HgpuwnxqDU=,tag:VDqGYFZj7VVaJTIq0lAOfQ==,type:str] - pgp: [] + lastmodified: "2025-06-25T12:29:24Z" + mac: ENC[AES256_GCM,data:GuoPivSOiL4OW15dW4ORz+cC/nHrwVgYD82d3ATa47oCk4MJMCTTFyoOnlxvbEHkEJn7l7i7MP4vErShgzK5shg4OOTAw8h4xaN5tNuWeE95Xxd959I4zFqCF6kiePBpNsObHDKtvqjUXIO9OkCP9Y//jnTRE5+WGsLLdWf/J7E=,iv:TcuhcRfG17t3WI4fuCAb/X/73bLZCjXcgqaDjepS2iA=,tag:yWA8zv+6nOqn+RxAuVfViQ==,type:str] unencrypted_suffix: _unencrypted - version: 3.9.4 + version: 3.10.2 From 77332e958f32abfa6478f9985f0e8909981dd83f Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Tue, 24 Jun 2025 21:42:12 +0800 Subject: [PATCH 09/23] pkgs: Synchronize upstream inputs for flake and remove patch for hurl --- flake.lock | 147 ++++++++++++---------------- flake.nix | 7 -- overlays/modifications/default.nix | 1 - overlays/modifications/fix-hurl.nix | 5 - pkgs/default.nix | 6 +- 5 files changed, 66 insertions(+), 100 deletions(-) delete mode 100644 overlays/modifications/fix-hurl.nix diff --git a/flake.lock b/flake.lock index 2d57f6a..d83cf0b 100644 --- a/flake.lock +++ b/flake.lock @@ -96,11 +96,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1750649006, - "narHash": "sha256-P313UXYYRhGqQpaVpkrrwQugFK16tFKXLNJ2Gl7YgtQ=", + "lastModified": 1750854959, + "narHash": "sha256-aL8Nu/gDUwMZpCsf1Crx+tT24yE+Fa8n0+hVjFKOpQQ=", "owner": "chaotic-cx", "repo": "nyx", - "rev": "c11fb47645d24baaf5074a4dcfa7ca4a756ab545", + "rev": "c417f3d4efc3042682c54631c975d554481a3bdb", "type": "github" }, "original": { @@ -119,11 +119,11 @@ ] }, "locked": { - "lastModified": 1750579949, - "narHash": "sha256-Ry9SoBinv53YMMXmQA1D6wmOEzHiz4aoKAENirpMQcI=", + "lastModified": 1750820125, + "narHash": "sha256-WDN3/TUs9vqZVXL6jMjl+D0pNsHJ4oO4muMVxnIc5hk=", "owner": "daeuniverse", "repo": "flake.nix", - "rev": "b2fe700ac3c16bea86975b1abb00645e56658237", + "rev": "2eeb017f69333eea5bc348c555ebcefa0269a071", "type": "github" }, "original": { @@ -393,11 +393,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1750531852, - "narHash": "sha256-ps4Fa8cq+q13Kb2nj9uxXjIGvsSRBUfcxW5CgquxiQI=", + "lastModified": 1750857684, + "narHash": "sha256-pbF4oz+HZE/rXsm9YOOA9aV/QnwTvc0zHDTpkaHpYK4=", "owner": "helix-editor", "repo": "helix", - "rev": "171dfc60e5cda8f9fb6c4f662872f35bbe864a53", + "rev": "c3c4895179d4bc5a00e22fdf129d41c1af96226a", "type": "github" }, "original": { @@ -415,11 +415,11 @@ ] }, "locked": { - "lastModified": 1750614446, - "narHash": "sha256-6WH0aRFay79r775RuTqUcnoZNm6A4uHxU1sbcNIk63s=", + "lastModified": 1750730235, + "narHash": "sha256-rZErlxiV7ssvI8t7sPrKU+fRigNc2KvoKZG3gtUtK50=", "owner": "nix-community", "repo": "home-manager", - "rev": "7c35504839f915abec86a96435b881ead7eb6a2b", + "rev": "d07e9cceb4994ed64a22b9b36f8b76923e87ac38", "type": "github" }, "original": { @@ -435,11 +435,11 @@ ] }, "locked": { - "lastModified": 1750654717, - "narHash": "sha256-YXlhTUGaLAY1rSosaRXO5RSGriEyF9BGdLkpKV+9jyI=", + "lastModified": 1750798083, + "narHash": "sha256-DTCCcp6WCFaYXWKFRA6fiI2zlvOLCf5Vwx8+/0R8Wc4=", "owner": "nix-community", "repo": "home-manager", - "rev": "4c9e99e8e8e36bcdfa9cdb102e45e4dc95aa5c5b", + "rev": "ff31a4677c1a8ae506aa7e003a3dba08cb203f82", "type": "github" }, "original": { @@ -473,11 +473,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1747597901, - "narHash": "sha256-jS+P57tXZEl+zvPfEIHFbd1j3xfuWcrcMrcnbm9wWbE=", - "rev": "33eaaf02fd3f380e99032b25e741eeeb10573cad", + "lastModified": 1750762203, + "narHash": "sha256-LmQhjQ7c+AOkwhvR9GFgJOy8oHW35MoQRELtrwyVnPw=", + "rev": "38b358ce27203f972faa2973cf44ba80c758f46e", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/33eaaf02fd3f380e99032b25e741eeeb10573cad.tar.gz?rev=33eaaf02fd3f380e99032b25e741eeeb10573cad" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/38b358ce27203f972faa2973cf44ba80c758f46e.tar.gz?rev=38b358ce27203f972faa2973cf44ba80c758f46e" }, "original": { "type": "tarball", @@ -496,11 +496,11 @@ ] }, "locked": { - "lastModified": 1748803223, - "narHash": "sha256-FXndw1CihZcqQu49DziuMQuc0fG8L0nvGkm0JHZKimo=", + "lastModified": 1750776670, + "narHash": "sha256-EfA5K5EZAnspmraJrXQlziffVpaT+QDBiE6yKmuaNNQ=", "ref": "release-2.93", - "rev": "2226eb3b97f0f89fdcd5bf2d0a2c7723cf771a62", - "revCount": 145, + "rev": "c3c78a32273e89d28367d8605a4c880f0b6607e3", + "revCount": 146, "type": "git", "url": "https://git.lix.systems/lix-project/nixos-module" }, @@ -522,11 +522,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1750634718, - "narHash": "sha256-wVCB2iwu1sP9GfUVLSYJTE/U9I8InxCUlqK5WIwOUaw=", + "lastModified": 1750847367, + "narHash": "sha256-BQzKA0b7B73PRwgQLEs37w1YhLdCm49GB2RhR0Xjt0Y=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "e291d0634368fe8406cf237d3e8bc0326079752d", + "rev": "bde02c6f392a7bfd487352a537183ebf2da7f53b", "type": "github" }, "original": { @@ -555,11 +555,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1750334747, - "narHash": "sha256-nsD1Z6vVP2Hhdgrd0uYHacre2+NhaH/53TFRXn6pRcs=", + "lastModified": 1750791124, + "narHash": "sha256-F5iVU/hjoSHSSe0gllxm0PcAaseEtGNanYK5Ha3k2Tg=", "owner": "YaLTeR", "repo": "niri", - "rev": "e0b0b04b445f7044f383e50104f861e632e1c905", + "rev": "37458d94b288945f6cfbd3c5c233f634d59f246c", "type": "github" }, "original": { @@ -599,11 +599,11 @@ "rust-overlay": "rust-overlay_3" }, "locked": { - "lastModified": 1750590485, - "narHash": "sha256-0j3ZhM2G0QEpgnJwFTk8A0EwppMispfT7hME84c2jyg=", + "lastModified": 1750849699, + "narHash": "sha256-MzTjtv7AcRwJRoU9shc+B3tW4Rr/HkdI+st3ThKVo+w=", "owner": "lilyinstarlight", "repo": "nixos-cosmic", - "rev": "7f49ed84253338f47e4187aa0e7480baa5c784f9", + "rev": "cfc96e2a5e57cbe1831c4b44f63cd66eb7743e42", "type": "github" }, "original": { @@ -614,11 +614,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1750431636, - "narHash": "sha256-vnzzBDbCGvInmfn2ijC4HsIY/3W1CWbwS/YQoFgdgPg=", + "lastModified": 1750837715, + "narHash": "sha256-2m1ceZjbmgrJCZ2PuQZaK4in3gcg3o6rZ7WK6dr5vAA=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "1552a9f4513f3f0ceedcf90320e48d3d47165712", + "rev": "98236410ea0fe204d0447149537a924fb71a6d4f", "type": "github" }, "original": { @@ -630,11 +630,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1750506804, - "narHash": "sha256-VLFNc4egNjovYVxDGyBYTrvVCgDYgENp5bVi9fPTDYc=", + "lastModified": 1750741721, + "narHash": "sha256-Z0djmTa1YmnGMfE9jEe05oO4zggjDmxOGKwt844bUhE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4206c4cb56751df534751b058295ea61357bbbaa", + "rev": "4b1164c3215f018c4442463a27689d973cffd750", "type": "github" }, "original": { @@ -644,22 +644,6 @@ "type": "github" } }, - "nixpkgs-hurl": { - "locked": { - "lastModified": 1750581657, - "narHash": "sha256-2oGXIngJiuqrcxTRbs/0D+1YidC7osJfPlMwwpfwpYU=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "6da24ccc7e889a6b80da047db51ee497c0f7b137", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "refs/pull/418842/head", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs-lib": { "locked": { "lastModified": 1748740939, @@ -677,11 +661,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1750400657, - "narHash": "sha256-3vkjFnxCOP6vm5Pm13wC/Zy6/VYgei/I/2DWgW4RFeA=", + "lastModified": 1750622754, + "narHash": "sha256-kMhs+YzV4vPGfuTpD3mwzibWUE6jotw5Al2wczI0Pv8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b2485d56967598da068b5a6946dadda8bfcbcd37", + "rev": "c7ab75210cb8cb16ddd8f290755d9558edde7ee1", "type": "github" }, "original": { @@ -693,11 +677,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1750330365, - "narHash": "sha256-hJ7XMNVsTnnbV2NPmStCC07gvv5l2x7+Skb7hyUzazg=", + "lastModified": 1750646418, + "narHash": "sha256-4UAN+W0Lp4xnUiHYXUXAPX18t+bn6c4Btry2RqM9JHY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d883b6213afa179b58ba8bace834f1419707d0ad", + "rev": "1f426f65ac4e6bf808923eb6f8b8c2bfba3d18c5", "type": "github" }, "original": { @@ -709,11 +693,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1750365781, - "narHash": "sha256-XE/lFNhz5lsriMm/yjXkvSZz5DfvKJLUjsS6pP8EC50=", + "lastModified": 1750741721, + "narHash": "sha256-Z0djmTa1YmnGMfE9jEe05oO4zggjDmxOGKwt844bUhE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "08f22084e6085d19bcfb4be30d1ca76ecb96fe54", + "rev": "4b1164c3215f018c4442463a27689d973cffd750", "type": "github" }, "original": { @@ -725,11 +709,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1750506804, - "narHash": "sha256-VLFNc4egNjovYVxDGyBYTrvVCgDYgENp5bVi9fPTDYc=", + "lastModified": 1750741721, + "narHash": "sha256-Z0djmTa1YmnGMfE9jEe05oO4zggjDmxOGKwt844bUhE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4206c4cb56751df534751b058295ea61357bbbaa", + "rev": "4b1164c3215f018c4442463a27689d973cffd750", "type": "github" }, "original": { @@ -784,11 +768,11 @@ "nur-rycee": { "flake": false, "locked": { - "lastModified": 1750651402, - "narHash": "sha256-mT97WT4FlJyvfWp7rso3tUZca0qKU46czyi/HBJHG4w=", + "lastModified": 1750824237, + "narHash": "sha256-jrJs7RMjB2P/V4y0n8qtN6EU5vId9W+6/le2XcRPg+4=", "owner": "rycee", "repo": "nur-expressions", - "rev": "13fa5e2e89062281dee88508f97e93360bfe2e2d", + "rev": "6d3d0527e3e273e9aaef9f5c433ef8046245fbb2", "type": "gitlab" }, "original": { @@ -814,7 +798,6 @@ "nixos-cosmic": "nixos-cosmic", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_3", - "nixpkgs-hurl": "nixpkgs-hurl", "nur-rycee": "nur-rycee", "sops-nix": "sops-nix", "stylix": "stylix", @@ -829,11 +812,11 @@ ] }, "locked": { - "lastModified": 1750560265, - "narHash": "sha256-jQCojKl1/TzqE6ANOu6rP2qqxOcGK2xs6hpxZ77wrR8=", + "lastModified": 1750732748, + "narHash": "sha256-HR2b3RHsPeJm+Fb+1ui8nXibgniVj7hBNvUbXEyz0DU=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "076fdb0d45a9de3f379a626f51a62c78afe7efb1", + "rev": "4b4494b2ba7e8a8041b2e28320b2ee02c115c75f", "type": "github" }, "original": { @@ -871,11 +854,11 @@ ] }, "locked": { - "lastModified": 1750560265, - "narHash": "sha256-jQCojKl1/TzqE6ANOu6rP2qqxOcGK2xs6hpxZ77wrR8=", + "lastModified": 1750819193, + "narHash": "sha256-XvkupGPZqD54HuKhN/2WhbKjAHeTl1UEnWspzUzRFfA=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "076fdb0d45a9de3f379a626f51a62c78afe7efb1", + "rev": "1ba3b9c59b68a4b00156827ad46393127b51b808", "type": "github" }, "original": { @@ -932,11 +915,11 @@ "tinted-zed": "tinted-zed" }, "locked": { - "lastModified": 1750562714, - "narHash": "sha256-GEQdMsWrij7y1UjuONVZYWLBo1OPIt709KcyCxcDfxU=", + "lastModified": 1750862951, + "narHash": "sha256-oUhnj0mzeSAX3IFaWn6LKLbmuFeNd7ulIAkxf0Jc07A=", "owner": "nix-community", "repo": "stylix", - "rev": "100b968012804d6526c5f48a32c30680916bc474", + "rev": "37b8c5f68086f36a109074c3fedebbbf8c20ecda", "type": "github" }, "original": { @@ -1116,11 +1099,11 @@ "xwayland-satellite-unstable": { "flake": false, "locked": { - "lastModified": 1750388715, - "narHash": "sha256-6WMpcn3Ga/L71NiX9SdWw7ZELpNfrFnWJ0Gt2uAHjJg=", + "lastModified": 1750821680, + "narHash": "sha256-Bu5unTxnqok2RoU5P394Gh0vRaoyI/5xlOOJDF6akrc=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "03cbb2ee3a9da931bb9a39eb917674297a0b9318", + "rev": "2e7c318ac2bbf699b6ab92ef91e661e16415dfac", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index a26d667..f99dc15 100644 --- a/flake.nix +++ b/flake.nix @@ -38,13 +38,6 @@ # nixpkgs.url = "github:NixOS/nixpkgs/master"; # nixpkgs.follows = "nixos-cosmic/nixpkgs"; - nixpkgs-hurl = { - type = "github"; - owner = "NixOS"; - repo = "nixpkgs"; - ref = "refs/pull/418842/head"; - }; - lix-module = { url = "git+https://git.lix.systems/lix-project/nixos-module?ref=release-2.93"; inputs = { diff --git a/overlays/modifications/default.nix b/overlays/modifications/default.nix index 61b8c26..2f18ea8 100644 --- a/overlays/modifications/default.nix +++ b/overlays/modifications/default.nix @@ -11,7 +11,6 @@ in # ./QQ.nix ./helix.nix ./cliphist.nix - ./fix-hurl.nix ] |> map (file: import file args) |> (overlays: (lib.composeManyExtensions overlays) final prev) diff --git a/overlays/modifications/fix-hurl.nix b/overlays/modifications/fix-hurl.nix deleted file mode 100644 index 62ffaea..0000000 --- a/overlays/modifications/fix-hurl.nix +++ /dev/null @@ -1,5 +0,0 @@ -{inputs, ...}: _final: prev: let - inherit (prev.stdenv.hostPlatform) system; -in { - inherit (inputs.nixpkgs-hurl.legacyPackages.${system}) hurl; -} diff --git a/pkgs/default.nix b/pkgs/default.nix index 5ed876b..ac99da1 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -7,11 +7,7 @@ ... }: let srcs = callPackages ./_sources/generated.nix {}; - callPackage = lib.callPackageWith (pkgs - // { - inherit inputs srcs callPackage rootPath; - inherit (inputs.nixpkgs-hurl.legacyPackages.${pkgs.system}) hurl; - }); + callPackage = lib.callPackageWith (pkgs // {inherit inputs srcs callPackage rootPath;}); in { pinentry-selector = callPackage ./pinentry-selector.nix {}; From 82d7072fb2876ac0e1eb0529a68992b3416dc626 Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Tue, 24 Jun 2025 21:42:12 +0800 Subject: [PATCH 10/23] (pkgs): Add new package `radicle-ci-broker` --- overlays/additions/default.nix | 1 + overlays/additions/radicle-ci-broker.nix | 5 +++++ pkgs/_sources/generated.json | 28 ++++++++++++++++++++---- pkgs/_sources/generated.nix | 22 +++++++++++++++---- pkgs/default.nix | 1 + pkgs/nvfetcher.toml | 4 ++++ pkgs/radicle-ci-broker.nix | 20 +++++++++++++++++ 7 files changed, 73 insertions(+), 8 deletions(-) create mode 100644 overlays/additions/radicle-ci-broker.nix create mode 100644 pkgs/radicle-ci-broker.nix diff --git a/overlays/additions/default.nix b/overlays/additions/default.nix index 337723a..4bccbc2 100644 --- a/overlays/additions/default.nix +++ b/overlays/additions/default.nix @@ -5,6 +5,7 @@ in ./TrackersListCollection.nix ./OuterWildsTextAdventure.nix ./editor-runtime.nix + ./radicle-ci-broker.nix ] |> map (file: import file args) |> (overlays: (lib.composeManyExtensions overlays) final prev) diff --git a/overlays/additions/radicle-ci-broker.nix b/overlays/additions/radicle-ci-broker.nix new file mode 100644 index 0000000..e22b36a --- /dev/null +++ b/overlays/additions/radicle-ci-broker.nix @@ -0,0 +1,5 @@ +{outputs, ...}: _final: prev: let + inherit (prev.stdenv.hostPlatform) system; +in { + inherit (outputs.packages.${system}) radicle-ci-broker; +} diff --git a/pkgs/_sources/generated.json b/pkgs/_sources/generated.json index 6996eb0..f6dfebd 100644 --- a/pkgs/_sources/generated.json +++ b/pkgs/_sources/generated.json @@ -22,7 +22,7 @@ }, "TrackersListCollection": { "cargoLocks": null, - "date": "2025-06-22", + "date": "2025-06-25", "extract": null, "name": "TrackersListCollection", "passthru": null, @@ -34,14 +34,14 @@ "name": null, "owner": "XIU2", "repo": "TrackersListCollection", - "rev": "5a0135a913cd27cea026bd558d0319da3630f327", - "sha256": "sha256-YllDv9VEmBCWV0YrdD2yO54foDy/m+9FR2NBwEpSiCY=", + "rev": "f3079ce280d1597cc2b3adfd0a04e0632736e5f7", + "sha256": "sha256-GSG49cgGexdhn87tr8c6bCk0ySzsLWC23cWo6UvHDqE=", "sparseCheckout": [ "all.txt" ], "type": "github" }, - "version": "5a0135a913cd27cea026bd558d0319da3630f327" + "version": "f3079ce280d1597cc2b3adfd0a04e0632736e5f7" }, "cliphist": { "cargoLocks": null, @@ -130,6 +130,26 @@ }, "version": "Serif2.003" }, + "radicle-ci-broker": { + "cargoLocks": null, + "date": "2025-06-18", + "extract": null, + "name": "radicle-ci-broker", + "passthru": null, + "pinned": false, + "src": { + "deepClone": false, + "fetchSubmodules": false, + "leaveDotGit": false, + "name": null, + "rev": "d824691e1aeccd557b2deeb2cdfb18d275e15f3e", + "sha256": "sha256-bj+JR26bqBE/WBcIbIUZU0r9JqgkEIGSb8nv3GdF72Q=", + "sparseCheckout": [], + "type": "git", + "url": "https://seed.radicle.garden/zwTxygwuz5LDGBq255RA2CbNGrz8.git" + }, + "version": "d824691e1aeccd557b2deeb2cdfb18d275e15f3e" + }, "spotx": { "cargoLocks": null, "date": "2025-06-18", diff --git a/pkgs/_sources/generated.nix b/pkgs/_sources/generated.nix index 0182b75..a478d2d 100644 --- a/pkgs/_sources/generated.nix +++ b/pkgs/_sources/generated.nix @@ -15,18 +15,18 @@ }; TrackersListCollection = { pname = "TrackersListCollection"; - version = "5a0135a913cd27cea026bd558d0319da3630f327"; + version = "f3079ce280d1597cc2b3adfd0a04e0632736e5f7"; src = fetchFromGitHub { owner = "XIU2"; repo = "TrackersListCollection"; - rev = "5a0135a913cd27cea026bd558d0319da3630f327"; + rev = "f3079ce280d1597cc2b3adfd0a04e0632736e5f7"; fetchSubmodules = false; deepClone = false; leaveDotGit = false; sparseCheckout = [ "all.txt" ]; - sha256 = "sha256-YllDv9VEmBCWV0YrdD2yO54foDy/m+9FR2NBwEpSiCY="; + sha256 = "sha256-GSG49cgGexdhn87tr8c6bCk0ySzsLWC23cWo6UvHDqE="; }; - date = "2025-06-22"; + date = "2025-06-25"; }; cliphist = { pname = "cliphist"; @@ -82,6 +82,20 @@ sha256 = "sha256-mfbBSdJrUCZiUUmsmndtEW6H3z6KfBn+dEftBySf2j4="; }; }; + radicle-ci-broker = { + pname = "radicle-ci-broker"; + version = "d824691e1aeccd557b2deeb2cdfb18d275e15f3e"; + src = fetchgit { + url = "https://seed.radicle.garden/zwTxygwuz5LDGBq255RA2CbNGrz8.git"; + rev = "d824691e1aeccd557b2deeb2cdfb18d275e15f3e"; + fetchSubmodules = false; + deepClone = false; + leaveDotGit = false; + sparseCheckout = [ ]; + sha256 = "sha256-bj+JR26bqBE/WBcIbIUZU0r9JqgkEIGSb8nv3GdF72Q="; + }; + date = "2025-06-18"; + }; spotx = { pname = "spotx"; version = "181fd7fc8fe838237660a46ae096570d869bc30f"; diff --git a/pkgs/default.nix b/pkgs/default.nix index ac99da1..54bf3e0 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -21,6 +21,7 @@ in QQ = callPackage ./QQ.nix {}; editor-runtime = callPackage ./editor-runtime.nix {}; cliphist = callPackage ./cliphist.nix {}; + radicle-ci-broker = callPackage ./radicle-ci-broker.nix {}; noto-serif-cjk = callPackage ./noto-serif-cjk.nix {}; noto-sans-cjk = callPackage ./noto-sans-cjk.nix {}; diff --git a/pkgs/nvfetcher.toml b/pkgs/nvfetcher.toml index 64f3aa8..fa0debf 100644 --- a/pkgs/nvfetcher.toml +++ b/pkgs/nvfetcher.toml @@ -37,3 +37,7 @@ fetch.github = "top-mind/OuterWildsTextAdventureWeb" [cliphist] src.git = "https://github.com/sentriz/cliphist.git" fetch.github = "sentriz/cliphist" + +[radicle-ci-broker] +src.git = "https://seed.radicle.garden/zwTxygwuz5LDGBq255RA2CbNGrz8.git" +fetch.git = "https://seed.radicle.garden/zwTxygwuz5LDGBq255RA2CbNGrz8.git" diff --git a/pkgs/radicle-ci-broker.nix b/pkgs/radicle-ci-broker.nix new file mode 100644 index 0000000..9fdc0a9 --- /dev/null +++ b/pkgs/radicle-ci-broker.nix @@ -0,0 +1,20 @@ +{ + rustPlatform, + srcs, + git, +}: let + inherit (srcs) radicle-ci-broker; +in + rustPlatform.buildRustPackage (finalAttrs: { + pname = "radicle-ci-broker"; + version = "0-unstable-${radicle-ci-broker.date}-git${radicle-ci-broker.version}"; + inherit (radicle-ci-broker) src; + nativeBuildInputs = [git]; + + cargoLock = { + lockFile = "${finalAttrs.src}/Cargo.lock"; + allowBuiltinFetchGit = true; + }; + + doCheck = false; + }) From 387f21cfb75467c1813856382327d074a8c48db6 Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Tue, 24 Jun 2025 21:42:12 +0800 Subject: [PATCH 11/23] machine(Tytonidae): Enable system feature `gccarch-alderlake` --- nixos/configurations/Tytonidae/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/configurations/Tytonidae/default.nix b/nixos/configurations/Tytonidae/default.nix index d0e5a4c..8de89aa 100644 --- a/nixos/configurations/Tytonidae/default.nix +++ b/nixos/configurations/Tytonidae/default.nix @@ -113,7 +113,7 @@ nvidiaBusId = "PCI:1:0:0"; }; }; - nix = {settings = {system-features = ["gccarch-x86-64-v3"];};}; + nix = {settings = {system-features = ["gccarch-alderlake"];};}; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions From 18eda1df60100af019dc65f1d8a878a87c4090b6 Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Tue, 24 Jun 2025 21:42:12 +0800 Subject: [PATCH 12/23] machine(Akun): Enable system feature `gccarch-skylake` --- nixos/configurations/Akun/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/configurations/Akun/default.nix b/nixos/configurations/Akun/default.nix index 9f2fba5..de4b6ec 100644 --- a/nixos/configurations/Akun/default.nix +++ b/nixos/configurations/Akun/default.nix @@ -70,6 +70,7 @@ loader.systemd-boot.enable = true; loader.efi.canTouchEfiVariables = true; }; + nix = {settings = {system-features = ["gccarch-skylake"];};}; system.stateVersion = "24.11"; } From 74b250f40cf298cbfe28a32098592957809195e9 Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Tue, 24 Jun 2025 21:42:12 +0800 Subject: [PATCH 13/23] machine(Cape): Enable system feature `gccarch-ivybridge` --- nixos/configurations/Cape/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/nixos/configurations/Cape/default.nix b/nixos/configurations/Cape/default.nix index b34fe32..fed3ec2 100644 --- a/nixos/configurations/Cape/default.nix +++ b/nixos/configurations/Cape/default.nix @@ -62,6 +62,11 @@ boot.loader.grub = { enable = true; }; + nix = { + settings = { + system-features = ["gccarch-ivybridge"]; + }; + }; system.stateVersion = "24.11"; } From 7a609b7192e25bb3e676536990c39a27d2a592b0 Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Tue, 24 Jun 2025 21:42:12 +0800 Subject: [PATCH 14/23] machine(Tytonidae): Refactor hardware configuration --- nixos/configurations/Tytonidae/default.nix | 11 ------ nixos/configurations/Tytonidae/hardware.nix | 37 +++++++++++---------- 2 files changed, 19 insertions(+), 29 deletions(-) diff --git a/nixos/configurations/Tytonidae/default.nix b/nixos/configurations/Tytonidae/default.nix index 8de89aa..8dcedca 100644 --- a/nixos/configurations/Tytonidae/default.nix +++ b/nixos/configurations/Tytonidae/default.nix @@ -1,5 +1,4 @@ { - lib, pkgs, inputs, ... @@ -104,16 +103,6 @@ loader.efi.canTouchEfiVariables = true; initrd.systemd.enable = true; }; - hardware.nvidia = { - modesetting.enable = true; - open = true; - prime = { - reverseSync.enable = lib.mkDefault true; - intelBusId = "PCI:0:2:0"; - nvidiaBusId = "PCI:1:0:0"; - }; - }; - nix = {settings = {system-features = ["gccarch-alderlake"];};}; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions diff --git a/nixos/configurations/Tytonidae/hardware.nix b/nixos/configurations/Tytonidae/hardware.nix index 8fd23ca..0a988ca 100644 --- a/nixos/configurations/Tytonidae/hardware.nix +++ b/nixos/configurations/Tytonidae/hardware.nix @@ -1,27 +1,28 @@ -{pkgs, ...}: { +{ + pkgs, + lib, + ... +}: { nixpkgs.config.cudaSupport = true; services = { hardware.bolt.enable = true; fstrim.enable = true; }; + nix = {settings = {system-features = ["gccarch-alderlake"];};}; hardware = { - graphics = { - extraPackages = with pkgs; [ - vaapiIntel - libva - libvdpau-va-gl - vaapiVdpau - ocl-icd - intel-ocl - intel-compute-runtime - nvidia-vaapi-driver - intel-media-driver - ]; - extraPackages32 = with pkgs.pkgsi686Linux; [ - vaapiVdpau - libvdpau-va-gl - intel-media-driver - ]; + graphics.package = pkgs.mesa_git; + intelgpu = { + driver = "xe"; + vaapiDriver = "intel-media-driver"; + }; + nvidia = { + modesetting.enable = true; + open = true; + prime = { + reverseSync.enable = lib.mkDefault true; + intelBusId = "PCI:0:2:0"; + nvidiaBusId = "PCI:1:0:0"; + }; }; }; } From fb83f41f2c91f0bee7a7067ae659884a4efb5c3c Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Tue, 24 Jun 2025 21:42:12 +0800 Subject: [PATCH 15/23] machine(Akun): Refactor hardware configuration --- nixos/configurations/Akun/default.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/nixos/configurations/Akun/default.nix b/nixos/configurations/Akun/default.nix index de4b6ec..9fc6cb9 100644 --- a/nixos/configurations/Akun/default.nix +++ b/nixos/configurations/Akun/default.nix @@ -69,8 +69,16 @@ kernelPackages = pkgs.linuxPackages_cachyos; loader.systemd-boot.enable = true; loader.efi.canTouchEfiVariables = true; + kernelParams = ["i915.enable_guc=2"]; }; nix = {settings = {system-features = ["gccarch-skylake"];};}; + hardware = { + graphics.package = pkgs.mesa_git; + intelgpu = { + vaapiDriver = "intel-vaapi-driver"; + enableHybridCodec = true; + }; + }; system.stateVersion = "24.11"; } From 1c90b3507ede680b573d545c79bd17cba3477ef4 Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Tue, 24 Jun 2025 21:42:12 +0800 Subject: [PATCH 16/23] module(obs): Refactor obs-studio module from hmModule into nixosModule --- home/david/configurations/Akun/default.nix | 1 - home/david/configurations/Tytonidae/default.nix | 1 - home/modules/programs/default.nix | 1 - nixos/configurations/Akun/default.nix | 1 + nixos/configurations/Tytonidae/default.nix | 1 + nixos/modules/programs/default.nix | 1 + {home => nixos}/modules/programs/obs.nix | 6 ++---- 7 files changed, 5 insertions(+), 7 deletions(-) rename {home => nixos}/modules/programs/obs.nix (86%) diff --git a/home/david/configurations/Akun/default.nix b/home/david/configurations/Akun/default.nix index 308530f..20ac93a 100644 --- a/home/david/configurations/Akun/default.nix +++ b/home/david/configurations/Akun/default.nix @@ -35,7 +35,6 @@ sops.enable = true; mpv.enable = true; atuin.enable = true; - obs.enable = true; chromium.enable = true; thunderbird.enable = true; # espanso.enable = true; diff --git a/home/david/configurations/Tytonidae/default.nix b/home/david/configurations/Tytonidae/default.nix index aa9aa6b..299ca11 100644 --- a/home/david/configurations/Tytonidae/default.nix +++ b/home/david/configurations/Tytonidae/default.nix @@ -39,7 +39,6 @@ kvm.enable = true; atuin.enable = true; thunderbird.enable = true; - obs.enable = true; chromium.enable = true; espanso.enable = true; ion.enable = true; diff --git a/home/modules/programs/default.nix b/home/modules/programs/default.nix index cac7555..51ce6b1 100644 --- a/home/modules/programs/default.nix +++ b/home/modules/programs/default.nix @@ -11,7 +11,6 @@ ./wluma.nix ./niri.nix ./starship - ./obs.nix ./fuzzel.nix ./mpv.nix ./swaylock.nix diff --git a/nixos/configurations/Akun/default.nix b/nixos/configurations/Akun/default.nix index 9fc6cb9..81ce43b 100644 --- a/nixos/configurations/Akun/default.nix +++ b/nixos/configurations/Akun/default.nix @@ -32,6 +32,7 @@ kanata.enable = true; tailscale.enable = true; wshowkeys.enable = true; + obs.enable = true; }; }; programs.gnupg.agent = { diff --git a/nixos/configurations/Tytonidae/default.nix b/nixos/configurations/Tytonidae/default.nix index 8dcedca..9940421 100644 --- a/nixos/configurations/Tytonidae/default.nix +++ b/nixos/configurations/Tytonidae/default.nix @@ -51,6 +51,7 @@ juicity.client.enable = true; owncast.enable = true; wshowkeys.enable = true; + obs.enable = true; }; }; diff --git a/nixos/modules/programs/default.nix b/nixos/modules/programs/default.nix index a69c343..62986ad 100644 --- a/nixos/modules/programs/default.nix +++ b/nixos/modules/programs/default.nix @@ -26,5 +26,6 @@ ./radicle.nix ./wshowkeys.nix ./bash.nix + ./obs.nix ]; } diff --git a/home/modules/programs/obs.nix b/nixos/modules/programs/obs.nix similarity index 86% rename from home/modules/programs/obs.nix rename to nixos/modules/programs/obs.nix index 5314ed7..6567780 100644 --- a/home/modules/programs/obs.nix +++ b/nixos/modules/programs/obs.nix @@ -1,7 +1,7 @@ { pkgs, - config, lib, + config, ... }: let cfg = config.youthlic.programs.obs; @@ -16,11 +16,9 @@ in { enable = true; plugins = with pkgs.obs-studio-plugins; [ obs-source-record - obs-vaapi - obs-vkcapture - obs-webkitgtk obs-pipewire-audio-capture ]; + enableVirtualCamera = true; }; }; } From 1473057e1374a6ee93bf2861711116256e7ca94e Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Tue, 24 Jun 2025 21:42:12 +0800 Subject: [PATCH 17/23] secrets(access-token): Refresh github access token --- secrets/general.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/secrets/general.yaml b/secrets/general.yaml index a6a7b59..b64fd5d 100644 --- a/secrets/general.yaml +++ b/secrets/general.yaml @@ -4,7 +4,7 @@ rustypaste: delete: ENC[AES256_GCM,data:fbhJiJhh4YSMZQ6/dfquesJE0sNSn2PUkbjtJmisj5qHtsM=,iv:M1R7giNyLhbj98iiCPENQy44Ixqnie1PHlNcsVs5TLs=,tag:zdBbZ4NR7D4HxsxCizTliw==,type:str] miniflux: ENC[AES256_GCM,data:8u9ElF2LAsIZmq7U8oZJM367y6EAy0si4ZXhpdisYa/PjV70SybUWhrahBft86QB71l8KtLUVuF3Ins=,iv:q7vJzxZICGNv/IaHKDpV50Pc9P4rIwcvfz2+uS1AnyI=,tag:ycwVU3RqfBoXRZQMv653xQ==,type:str] atuin-key: ENC[AES256_GCM,data:e3K7/7BaeXuR+vHJdtO79UQp3XRvROcD8ISkuCp3KGCSlBKUM3GuCwhIeFoIl0fOUqVYOzcCAcjsH2nBRqcXhtS8jhM=,iv:Mh3jsu6mdj0VOLSIoNz/0awyydVf7q3/E7iB7CJi+UA=,tag:xuHhUmK/J2stdjRrtbhQSw==,type:str] -access-tokens: ENC[AES256_GCM,data:Y1qJQaOYHIednHAYpcMVWk+5j5E27QDXrlTAfu/jt7prCxucrQHV7GR2xp7TrXPENDD/lkx9IrRsEKCF7FKIwMDSsfXu5mHt5iRv1dI5itXSlxs4R+r11/rj8S7CHWG/ajOlOwxGyQKHf8O6Q2pHxnDsI7aP7qlC,iv:yrkY/Bb4+ZiLXaTNQ5VD+UO1jf8HfoqEloBCoSRR7l0=,tag:U53qyWVbrKI5tZVagyJSxQ==,type:str] +access-tokens: ENC[AES256_GCM,data:/KBOmXN4LgRmO0axaeKqtmKy0W16OZQt6faNL/T7hxXYw1bDzImNNH4BAg6Lu6Tf15jaMgsqtr9eL3SRjVs7RelRhh7snaJVsrIs59bZ9awn5UvH4rHI0ktXvXwQnKMdwrHnrYURcCWOf+7s99I+50U1o1cDmJF0,iv:rhKP7qccP4DVxzgsaq3rEU39E9zn9EqNV9XzTJfs3O0=,tag:ezX0he1kidCkBGxeQHZNQw==,type:str] matrix-telegram-bot: ENC[AES256_GCM,data:4G9JSR4l3043SM63gvJr0xBFuS11eoesi9rrobTxN9HpEGNklYDWHH/+Bm7P/2Bxnye3CiO/Z8KffvbjH8slRHLtbSpo8lRsfi9uRAbeMl7aXe/nTjpN078QSN3WXXc9XqYq0sxwNKPrnW3bmPQsHUiykZ3Go5A9Qw1iIPvPpXITyNbeD0gA+2CBB7PIURI7X0PIgSfUtMFZvl2J9znqCnlfC41bj6aC3sywsEkpuFJiMEojrwl+XmVS/u4eNMq8KiofVn9QlGx5gdGZ9LfZZdc+8E6u5GovqP2JTwwfaeZPzdwdZ2YsdoAvmgAusMfjCNZvHF7msLsOyNJW4592ZC7+fHhRbkKnVKc3OwA4ILWd9Jl0p0BoS0Ckn3V5nUQFgxVJ2O0yd/FLFaEqbeBLHNqC6u9CTYk82Uy23ilXQYKIc9h2wQkM329E6j9Mk0f9uavoYVPkpz6ahLzcni2W26FUkeaZ7PkrHmHWfJvvvi32GB4+q1m0phPmcd3cKVhXhbhLXiBcx2Rj7Q==,iv:Br0w0SiYajFr8p5CZEg47x3KpJ+AOleHthsEc3ho4YI=,tag:k+wptcSnNzfefF66Ug824Q==,type:str] matrix-reg-token: ENC[AES256_GCM,data:Cr5560L9gQo/tKUz1sQOAg5dckI6SyDxeNyrjW4oI6qkV8bxUrMaAGnVkkeF9TF9FgAnRb+7Lm+axd2SmkPWnqrLll2NzLC01zXht9Mq9RroAPXFraEV1X1Ge1qAAtkr,iv:42r93HLVDKuDCOYlfem7oi3gcHfhDYiNbFKOCHxim+o=,tag:9hWGQrWHsv2eYNgFlHtfeA==,type:str] ssh-private-key: @@ -54,7 +54,7 @@ sops: a1Y1NU9CK2h1SS83VW42bzBMa01yMXMKI1DBtgNlkNCrxUQvnD6a45mQKNfg5gM4 Zb5buo9Jofj4dn/HFwng3T3gxKTrP2Dh74CAH4L0M5yrF9fzk5TCcQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-05-12T11:16:40Z" - mac: ENC[AES256_GCM,data:+c/i6oH4tOoBr8Uouej+v3lYGMbTjo3bti23Lh6IKA+o79pennRj9v7FEv21DcEwdlH+ebFvZgZwqS5c6cnbQFJkSKLPq15ecQXWEXAPklCV5C0tF3CHy5SgJxaQExYqcbq4/vdrWgKb1Bk53H32KfP1hzPdrr1aFe0jS8IZOSk=,iv:10G6Oc2Azeur1mt4pMj3kEI7g2CeDzhlUPfwz43C0QE=,tag:fN20RLv7pebWBV+trSSXsQ==,type:str] + lastmodified: "2025-06-27T15:03:19Z" + mac: ENC[AES256_GCM,data:G166RcgIytsJj7tVt40YNLPn3rmQu0KTIDmUECY3M7ft/+M1wz1JDlFKj7l8e1/xqa+FIE+Sny5yT/WLRUpbtv1fG4lJeqmJqbOoYiOOPgxR8Sse/aA+RU08ZvyYBV1Shm+NThjVjzJQWpwaDISYHkdUiwQ7bt+l5XXIJiveOoY=,iv:I4MkRMke8+quCnMhE6F1d/uhHXFV2blFk3pH+HRMs/k=,tag:r8LCUbaPsddtUghMUSYYww==,type:str] unencrypted_suffix: _unencrypted version: 3.10.2 From a14448c2999860fc70c1ae00981f908fa90b24ca Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Tue, 24 Jun 2025 21:42:12 +0800 Subject: [PATCH 18/23] overlay(lix): Fix lix cve with patch --- overlays/modifications/default.nix | 2 + overlays/modifications/fix-lix/default.nix | 5 + .../fix-lix/fix-cve-2025-52992.diff | 267 ++++++++++++++++++ 3 files changed, 274 insertions(+) create mode 100644 overlays/modifications/fix-lix/default.nix create mode 100644 overlays/modifications/fix-lix/fix-cve-2025-52992.diff diff --git a/overlays/modifications/default.nix b/overlays/modifications/default.nix index 2f18ea8..a555650 100644 --- a/overlays/modifications/default.nix +++ b/overlays/modifications/default.nix @@ -11,6 +11,8 @@ in # ./QQ.nix ./helix.nix ./cliphist.nix + + ./fix-lix ] |> map (file: import file args) |> (overlays: (lib.composeManyExtensions overlays) final prev) diff --git a/overlays/modifications/fix-lix/default.nix b/overlays/modifications/fix-lix/default.nix new file mode 100644 index 0000000..c1aa41c --- /dev/null +++ b/overlays/modifications/fix-lix/default.nix @@ -0,0 +1,5 @@ +{...}: _final: prev: { + lix = prev.lix.overrideAttrs { + patches = [./fix-cve-2025-52992.diff]; + }; +} diff --git a/overlays/modifications/fix-lix/fix-cve-2025-52992.diff b/overlays/modifications/fix-lix/fix-cve-2025-52992.diff new file mode 100644 index 0000000..a9d1b71 --- /dev/null +++ b/overlays/modifications/fix-lix/fix-cve-2025-52992.diff @@ -0,0 +1,267 @@ +diff --git a/doc/manual/rl-next/correct-cleanup-redirected-stores.md b/doc/manual/rl-next/correct-cleanup-redirected-stores.md +new file mode 100644 +index 000000000..a5d4a55a8 +--- /dev/null ++++ b/doc/manual/rl-next/correct-cleanup-redirected-stores.md +@@ -0,0 +1,18 @@ ++--- ++synopsis: "Correct cleanup in redirected stores" ++issues: [] ++cls: [3493] ++category: "Fixes" ++credits: ["horrors"] ++--- ++ ++Following CVE-2025-52992, the Lix team implemented automatic cleanup of ++*scratch outputs*, store paths written but not yet registered (e.g. ++`/nix/store/...`). ++ ++In setups using redirected stores, cleanup was mistakenly applied to the ++logical store path (always under `/nix/store`) rather than the actual physical ++location on disk. ++ ++This could result in accidental deletion from the system ++store instead of the intended redirected store. +diff --git a/doc/manual/rl-next/infallible-build-dirs.md b/doc/manual/rl-next/infallible-build-dirs.md +new file mode 100644 +index 000000000..563d4fcde +--- /dev/null ++++ b/doc/manual/rl-next/infallible-build-dirs.md +@@ -0,0 +1,25 @@ ++--- ++synopsis: "Fallback to safe temp dir when build-dir is unwritable" ++issues: [fj#876] ++cls: [3501] ++category: "Fixes" ++credits: ["raito", "horrors"] ++--- ++ ++Non-daemon builds started failing with a permission error after introducing the `build-dir` option: ++ ++``` ++$ nix build --store ~/scratch nixpkgs#hello --rebuild ++error: creating directory '/nix/var/nix/builds/nix-build-hello-2.12.2.drv-0': Permission denied ++``` ++ ++This happens because: ++ ++1. These builds are not run via the daemon, which owns `/nix/var/nix/builds`. ++2. The user lacks permissions for that path. ++ ++We considered making `build-dir` a store-level option and defaulting it to `/nix/var/nix/builds` for chroot stores, but opted instead for a fallback: if the default fails, Nix now creates a safe build directory under `/tmp`. ++ ++To avoid CVE-2025-52991, the fallback uses an extra path component between `/tmp` and the build dir. ++ ++**Note**: this fallback clutters `/tmp` with build directories that are not cleaned up. To prevent this, explicitly set `build-dir` to a path managed by Lix, even for local workloads. +diff --git a/doc/manual/rl-next/valid-outputs-deletion.md b/doc/manual/rl-next/valid-outputs-deletion.md +new file mode 100644 +index 000000000..f56112f41 +--- /dev/null ++++ b/doc/manual/rl-next/valid-outputs-deletion.md +@@ -0,0 +1,22 @@ ++--- ++synopsis: "Do not delete valid outputs after build" ++issues: [fj#883] ++cls: [3494] ++category: "Fixes" ++credits: ["horrors"] ++--- ++ ++In response to CVE-2025-52992, the Lix team introduced automatic deletion of ++*scratch outputs*, store paths written but not yet registered (e.g. in ++`/nix/store`). ++ ++However, the control flow distinguishing scratch outputs from valid ones is ++complex. A logic error caused valid outputs, especially those obtained via ++closure copies (e.g. remote builds), to be deleted post-build. ++ ++This led to breakage in Lix and could potentially render entire systems ++unusable by removing critical libraries. ++ ++We are sorry for the severity of this bug and are taking steps to prevent its ++recurrence. If your system is affected, please reach out on our support ++channels for recovery assistance. +diff --git a/lix/libstore/build/local-derivation-goal.cc b/lix/libstore/build/local-derivation-goal.cc +index c866a3b66..247943e5c 100644 +--- a/lix/libstore/build/local-derivation-goal.cc ++++ b/lix/libstore/build/local-derivation-goal.cc +@@ -487,17 +487,47 @@ try { + }); + } + +- createDirs(settings.buildDir.get()); +- +- /* Create a temporary directory where the build will take +- place. */ +- tmpDir = createTempDir( +- settings.buildDir.get(), +- "nix-build-" + std::string(drvPath.name()), +- false, +- false, +- 0700 +- ); ++ try { ++ auto buildDir = worker.buildDirOverride.value_or(settings.buildDir.get()); ++ ++ createDirs(buildDir); ++ ++ /* Create a temporary directory where the build will take ++ place. */ ++ tmpDir = ++ createTempDir(buildDir, "nix-build-" + std::string(drvPath.name()), false, false, 0700); ++ } catch (SysError & e) { ++ /* ++ * Fallback to the global tmpdir and create a safe space there ++ * only if it's a permission error. ++ */ ++ if (e.errNo != EACCES) { ++ throw; ++ } ++ ++ auto globalTmp = defaultTempDir(); ++ createDirs(globalTmp); ++#if __APPLE__ ++ /* macOS filesystem namespacing does not exist, to avoid breaking builds, we need to weaken ++ * the mode bits on the top-level directory. This avoids issues like ++ * https://github.com/NixOS/nix/pull/11031. */ ++ constexpr int toplevelDirMode = 0755; ++#else ++ constexpr int toplevelDirMode = 0700; ++#endif ++ auto nixBuildsTmp = ++ createTempDir(globalTmp, fmt("nix-builds-%s", geteuid()), false, false, toplevelDirMode); ++ warn( ++ "Failed to use the system-wide build directory '%s', falling back to a temporary " ++ "directory inside '%s'", ++ settings.buildDir.get(), ++ nixBuildsTmp ++ ); ++ worker.buildDirOverride = nixBuildsTmp; ++ tmpDir = createTempDir( ++ nixBuildsTmp, "nix-build-" + std::string(drvPath.name()), false, false, 0700 ++ ); ++ } + /* The TOCTOU between the previous mkdir call and this open call is unavoidable due to + * POSIX semantics.*/ + tmpDirFd = AutoCloseFD{open(tmpDir.c_str(), O_RDONLY | O_NOFOLLOW | O_DIRECTORY)}; +@@ -538,7 +568,9 @@ try { + /* Schedule this scratch output path for automatic deletion + * if we do not cancel it, e.g. when registering the outputs. + */ +- scratchOutputsCleaner.insert_or_assign(outputName, worker.store.printStorePath(scratchPath)); ++ scratchOutputsCleaner.emplace( ++ outputName, worker.store.toRealPath(worker.store.printStorePath(scratchPath)) ++ ); + + /* Substitute output placeholders with the scratch output paths. + We'll use during the build. */ +@@ -1739,6 +1771,11 @@ try { + before this for loop. */ + if (*scratchPath != finalStorePath) + outputRewrites[std::string { scratchPath->hashPart() }] = std::string { finalStorePath.hashPart() }; ++ /* Cancel automatic deletion of that output if it was a scratch output that we just ++ * registered. */ ++ if (auto cleaner = scratchOutputsCleaner.extract(outputName)) { ++ cleaner.mapped().cancel(); ++ } + }; + + auto orifu = get(outputReferencesIfUnregistered, outputName); +@@ -2063,10 +2100,6 @@ try { + the next iteration */ + if (newInfo.ca) { + TRY_AWAIT(localStore.registerValidPaths({{newInfo.path, newInfo}})); +- /* Cancel automatic deletion of that output if it was a scratch output. */ +- if (auto cleaner = scratchOutputsCleaner.extract(outputName)) { +- cleaner.mapped().cancel(); +- } + } + + infos.emplace(outputName, std::move(newInfo)); +@@ -2107,13 +2140,6 @@ try { + infos2.insert_or_assign(newInfo.path, newInfo); + } + TRY_AWAIT(localStore.registerValidPaths(infos2)); +- +- /* Cancel automatic deletion of that output if it was a scratch output that we just registered. */ +- for (auto & [outputName, _ ] : infos) { +- if (auto cleaner = scratchOutputsCleaner.extract(outputName)) { +- cleaner.mapped().cancel(); +- } +- } + } + + /* In case of a fixed-output derivation hash mismatch, throw an +diff --git a/lix/libstore/build/worker.hh b/lix/libstore/build/worker.hh +index 7fc3d1fe9..d9dc36e34 100644 +--- a/lix/libstore/build/worker.hh ++++ b/lix/libstore/build/worker.hh +@@ -195,6 +195,7 @@ public: + Store & store; + Store & evalStore; + AsyncSemaphore substitutions, localBuilds; ++ std::optional buildDirOverride; + + private: + kj::TaskSet children; +diff --git a/tests/functional/build.sh b/tests/functional/build.sh +index 58fba83aa..fc83f61f3 100644 +--- a/tests/functional/build.sh ++++ b/tests/functional/build.sh +@@ -174,3 +174,8 @@ test "$(<<<"$out" grep -E '^error:' | wc -l)" = 3 + <<<"$out" grepQuiet -E "error: 2 dependencies of derivation '.*-x4\\.drv' failed to build" + <<<"$out" grepQuiet -vE "hash mismatch in fixed-output derivation '.*-x3\\.drv'" + <<<"$out" grepQuiet -vE "hash mismatch in fixed-output derivation '.*-x2\\.drv'" ++ ++# Ensure when if the system build dir is inaccessible, we can still build things ++BUILD_DIR=$(mktemp -d) ++chmod 0000 "$BUILD_DIR" ++nix --build-dir "$BUILD_DIR" build -E 'with import ./config.nix; mkDerivation { name = "test"; buildCommand = "echo rawr > $out"; }' --impure --no-link +diff --git a/tests/functional/linux-sandbox.sh b/tests/functional/linux-sandbox.sh +index 82f363a09..526605e5f 100644 +--- a/tests/functional/linux-sandbox.sh ++++ b/tests/functional/linux-sandbox.sh +@@ -81,3 +81,10 @@ testCert present fixed-output "$certsymlink" + + # Symlinks should be added in the sandbox directly and not followed + nix-sandbox-build symlink-derivation.nix ++ ++# Regression fj#883: derivations outputs disappearing after rebuild ++# build the derivation for both its outputs and delete one of them. ++# simulates substitution or copying only one output from a builder. ++nix-store --delete $(nix-sandbox-build --no-out-link ./regression-fj883.nix -A base.lib) ++# build a derivation depending on previous one. this should succeed ++nix-sandbox-build --no-out-link ./regression-fj883.nix -A downstream +diff --git a/tests/functional/regression-fj883.nix b/tests/functional/regression-fj883.nix +new file mode 100644 +index 000000000..2317145b7 +--- /dev/null ++++ b/tests/functional/regression-fj883.nix +@@ -0,0 +1,15 @@ ++with import ./config.nix; ++ ++rec { ++ base = mkDerivation { ++ name = "base"; ++ outputs = [ "out" "lib" ]; ++ buildCommand = "echo > $out; echo > $lib"; ++ }; ++ ++ downstream = mkDerivation { ++ name = "downstream"; ++ deps = [ base.out base.lib ]; ++ buildCommand = "echo $deps > $out"; ++ }; ++} +diff --git a/version.json b/version.json +index 22b83defe..a39a6e7e2 100644 +--- a/version.json ++++ b/version.json +@@ -1,5 +1,5 @@ + { +- "version": "2.93.1", +- "official_release": true, ++ "version": "2.93.2", ++ "official_release": false, + "release_name": "Bici Bici" + } From 3048d1d39bb960263fa6d30d2231ce1e57773dcc Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Tue, 24 Jun 2025 21:42:12 +0800 Subject: [PATCH 19/23] module(kvm): Add virtiofsd driver for kvm --- nixos/modules/programs/kvm.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/modules/programs/kvm.nix b/nixos/modules/programs/kvm.nix index a72510b..9dc2817 100644 --- a/nixos/modules/programs/kvm.nix +++ b/nixos/modules/programs/kvm.nix @@ -26,6 +26,7 @@ in { virtualisation = { libvirtd = { enable = true; + qemu.vhostUserPackages = with pkgs; [virtiofsd]; }; spiceUSBRedirection = { enable = true; From a3ee044509493c03fc04c5381b9506805276cca4 Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Tue, 24 Jun 2025 21:42:12 +0800 Subject: [PATCH 20/23] Add alacritty configuration and use it as default --- home/david/configurations/Akun/default.nix | 1 + .../configurations/Tytonidae/default.nix | 1 + home/david/modules/programs/niri/config.nix | 12 ++++++-- .../modules/programs/alacritty/alacritty.toml | 27 +++++++++++++++++ home/modules/programs/alacritty/default.nix | 30 +++++++++++++++++++ home/modules/programs/default.nix | 1 + nixos/modules/gui/niri.nix | 2 +- 7 files changed, 71 insertions(+), 3 deletions(-) create mode 100644 home/modules/programs/alacritty/alacritty.toml create mode 100644 home/modules/programs/alacritty/default.nix diff --git a/home/david/configurations/Akun/default.nix b/home/david/configurations/Akun/default.nix index 20ac93a..8d6d1cb 100644 --- a/home/david/configurations/Akun/default.nix +++ b/home/david/configurations/Akun/default.nix @@ -37,6 +37,7 @@ atuin.enable = true; chromium.enable = true; thunderbird.enable = true; + alacritty.enable = true; # espanso.enable = true; }; }; diff --git a/home/david/configurations/Tytonidae/default.nix b/home/david/configurations/Tytonidae/default.nix index 299ca11..f693cf1 100644 --- a/home/david/configurations/Tytonidae/default.nix +++ b/home/david/configurations/Tytonidae/default.nix @@ -42,6 +42,7 @@ chromium.enable = true; espanso.enable = true; ion.enable = true; + alacritty.enable = true; }; }; diff --git a/home/david/modules/programs/niri/config.nix b/home/david/modules/programs/niri/config.nix index e9e45ab..2856153 100644 --- a/home/david/modules/programs/niri/config.nix +++ b/home/david/modules/programs/niri/config.nix @@ -35,7 +35,7 @@ polkit-kde-agent = getExe' pkgs.kdePackages.polkit-kde-agent-1 "polkit-kde-agent"; wpctl = getExe' pkgs.wireplumber "wpctl"; swaybg = getExe pkgs.swaybg; - ghostty = getExe config.programs.ghostty.package; + alacritty = getExe config.programs.alacritty.package; wl-paste = getExe' pkgs.wl-clipboard "wl-paste"; cliphist = getExe' pkgs.cliphist "cliphist"; cliphist-fuzzel-img = getExe' pkgs.cliphist "cliphist-fuzzel-img"; @@ -57,7 +57,7 @@ in ]) (plain "Mod+T" [ (spawn [ - ghostty + alacritty ]) ]) (plain "Mod+Shift+T" [ @@ -471,6 +471,10 @@ in app-id = "^com\\.mitchellh\\.ghostty$"; is-active = true; } + { + app-id = "^Alacritty$"; + is-active = true; + } ]) (leaf "draw-border-with-background" [false]) ]) @@ -480,6 +484,10 @@ in app-id = "^com\\.mitchellh\\.ghostty$"; is-active = false; } + { + app-id = "^Alacritty$"; + is-active = false; + } ]) (leaf "opacity" [0.8]) (leaf "draw-border-with-background" [false]) diff --git a/home/modules/programs/alacritty/alacritty.toml b/home/modules/programs/alacritty/alacritty.toml new file mode 100644 index 0000000..4db938e --- /dev/null +++ b/home/modules/programs/alacritty/alacritty.toml @@ -0,0 +1,27 @@ +[general] +ipc_socket = true +live_config_reload = true + +[window] +dynamic_padding = true +opacity = 0.8 +blur = true + +[scrolling] +history = 100000 +multiplier = 5 + +[font] +size = 16 + +[bell] +duration = 1 + +[selection] +save_to_clipboard = true + +[terminal] +osc52 = "CopyPaste" + +[mouse] +hide_when_typing = true diff --git a/home/modules/programs/alacritty/default.nix b/home/modules/programs/alacritty/default.nix new file mode 100644 index 0000000..affa2f9 --- /dev/null +++ b/home/modules/programs/alacritty/default.nix @@ -0,0 +1,30 @@ +{ + lib, + config, + pkgs, + ... +}: let + cfg = config.youthlic.programs.alacritty; +in { + options = { + youthlic.programs.alacritty = { + enable = lib.mkEnableOption "alacritty"; + }; + }; + config = lib.mkIf cfg.enable { + programs.alacritty = { + enable = true; + package = pkgs.alacritty_git; + settings = + (./alacritty.toml |> builtins.readFile |> builtins.fromTOML) + // { + colors = lib.mkForce {}; + font.size = lib.mkForce 16; + window.opacity = lib.mkForce 0.8; + general.import = [ + "${pkgs.alacritty-theme}/share/alacritty-theme/gruvbox_dark.toml" + ]; + }; + }; + }; +} diff --git a/home/modules/programs/default.nix b/home/modules/programs/default.nix index 51ce6b1..e631004 100644 --- a/home/modules/programs/default.nix +++ b/home/modules/programs/default.nix @@ -30,5 +30,6 @@ ./fzf.nix ./eza.nix ./ion.nix + ./alacritty ]; } diff --git a/nixos/modules/gui/niri.nix b/nixos/modules/gui/niri.nix index dd23430..54e71e8 100644 --- a/nixos/modules/gui/niri.nix +++ b/nixos/modules/gui/niri.nix @@ -29,7 +29,7 @@ in { terminal-exec = { enable = true; settings = { - default = ["com.mitchellh.ghostty.desktop"]; + default = ["Alacritty.desktop"]; }; }; mime = { From eb57fb5da2dc7dd10104f79a7fa4d90e29d401b3 Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Tue, 24 Jun 2025 21:42:12 +0800 Subject: [PATCH 21/23] module(helix): Change helix theme to gruvbox_dark_soft --- home/modules/programs/helix/config.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/modules/programs/helix/config.toml b/home/modules/programs/helix/config.toml index 0f1705e..df1b944 100644 --- a/home/modules/programs/helix/config.toml +++ b/home/modules/programs/helix/config.toml @@ -1,4 +1,4 @@ -theme = "ayu_dark" +theme = "gruvbox_dark_hard" [editor] line-number = "relative" From 7809c5c6063b1c08607d1884d5cc9a4193ddf575 Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Tue, 24 Jun 2025 21:42:12 +0800 Subject: [PATCH 22/23] module(lix): Use new ref to fix cve instead of patch and sync flake inputs --- flake.lock | 128 ++++----- flake.nix | 2 +- overlays/modifications/default.nix | 2 - overlays/modifications/fix-lix/default.nix | 5 - .../fix-lix/fix-cve-2025-52992.diff | 267 ------------------ 5 files changed, 65 insertions(+), 339 deletions(-) delete mode 100644 overlays/modifications/fix-lix/default.nix delete mode 100644 overlays/modifications/fix-lix/fix-cve-2025-52992.diff diff --git a/flake.lock b/flake.lock index d83cf0b..1ea5788 100644 --- a/flake.lock +++ b/flake.lock @@ -96,11 +96,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1750854959, - "narHash": "sha256-aL8Nu/gDUwMZpCsf1Crx+tT24yE+Fa8n0+hVjFKOpQQ=", + "lastModified": 1751243689, + "narHash": "sha256-yWwH1pb06X9r9qmJCqLrsUpT+1lI+CEAD30MpaJ7FVU=", "owner": "chaotic-cx", "repo": "nyx", - "rev": "c417f3d4efc3042682c54631c975d554481a3bdb", + "rev": "b9f4e747234d73a7e9c45ba0c30cbb46311dbdf3", "type": "github" }, "original": { @@ -163,11 +163,11 @@ ] }, "locked": { - "lastModified": 1750680230, - "narHash": "sha256-kD88T/NqmcgfOBFAwphN30ccaUdj6K6+LG0XdM2w2LA=", + "lastModified": 1750903843, + "narHash": "sha256-Ng9+f0H5/dW+mq/XOKvB9uwvGbsuiiO6HrPdAcVglCs=", "owner": "nix-community", "repo": "disko", - "rev": "8fd2d6c75009ac75f9a6fb18c33a239806778d01", + "rev": "83c4da299c1d7d300f8c6fd3a72ac46cb0d59aae", "type": "github" }, "original": { @@ -393,11 +393,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1750857684, - "narHash": "sha256-pbF4oz+HZE/rXsm9YOOA9aV/QnwTvc0zHDTpkaHpYK4=", + "lastModified": 1751148058, + "narHash": "sha256-8Zvw/xGpWtOXtz7l1ZDIHsX/TSnc34p38CEnYANwzRk=", "owner": "helix-editor", "repo": "helix", - "rev": "c3c4895179d4bc5a00e22fdf129d41c1af96226a", + "rev": "f75d71844f27a13b313603af42c58a5c6d6b608e", "type": "github" }, "original": { @@ -415,11 +415,11 @@ ] }, "locked": { - "lastModified": 1750730235, - "narHash": "sha256-rZErlxiV7ssvI8t7sPrKU+fRigNc2KvoKZG3gtUtK50=", + "lastModified": 1751238753, + "narHash": "sha256-hJUPWfz/h+QgXKaKovPwFAdNBnALsvVMggAPgBB+Qvw=", "owner": "nix-community", "repo": "home-manager", - "rev": "d07e9cceb4994ed64a22b9b36f8b76923e87ac38", + "rev": "cab8104e9236fab1eb9a702165454ffed353c20f", "type": "github" }, "original": { @@ -435,11 +435,11 @@ ] }, "locked": { - "lastModified": 1750798083, - "narHash": "sha256-DTCCcp6WCFaYXWKFRA6fiI2zlvOLCf5Vwx8+/0R8Wc4=", + "lastModified": 1751239699, + "narHash": "sha256-zA1uUdAq3c26fHm26xMWMuF5COhI18EzaH7az/P2OWM=", "owner": "nix-community", "repo": "home-manager", - "rev": "ff31a4677c1a8ae506aa7e003a3dba08cb203f82", + "rev": "f6deff178cc4d6049d30785dbfc831e6c6e3a219", "type": "github" }, "original": { @@ -473,11 +473,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1750762203, - "narHash": "sha256-LmQhjQ7c+AOkwhvR9GFgJOy8oHW35MoQRELtrwyVnPw=", - "rev": "38b358ce27203f972faa2973cf44ba80c758f46e", + "lastModified": 1751235704, + "narHash": "sha256-J4ycLoXHPsoBoQtEXFCelL4xlq5pT8U9tNWNKm43+YI=", + "rev": "1d7368585eebaa2c4bdbcb88fe600cfb2239b2c6", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/38b358ce27203f972faa2973cf44ba80c758f46e.tar.gz?rev=38b358ce27203f972faa2973cf44ba80c758f46e" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/1d7368585eebaa2c4bdbcb88fe600cfb2239b2c6.tar.gz?rev=1d7368585eebaa2c4bdbcb88fe600cfb2239b2c6" }, "original": { "type": "tarball", @@ -496,16 +496,16 @@ ] }, "locked": { - "lastModified": 1750776670, - "narHash": "sha256-EfA5K5EZAnspmraJrXQlziffVpaT+QDBiE6yKmuaNNQ=", - "ref": "release-2.93", - "rev": "c3c78a32273e89d28367d8605a4c880f0b6607e3", - "revCount": 146, + "lastModified": 1751240025, + "narHash": "sha256-SXUAlxpjPRkArRMHy5+Hdi+PiC+ND9yzzIjiaHmTvQU=", + "ref": "2.93.2-1", + "rev": "8b1094356f4723d6e89d3f8a95b333ee16d9ab02", + "revCount": 147, "type": "git", "url": "https://git.lix.systems/lix-project/nixos-module" }, "original": { - "ref": "release-2.93", + "ref": "2.93.2-1", "type": "git", "url": "https://git.lix.systems/lix-project/nixos-module" } @@ -522,11 +522,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1750847367, - "narHash": "sha256-BQzKA0b7B73PRwgQLEs37w1YhLdCm49GB2RhR0Xjt0Y=", + "lastModified": 1751232679, + "narHash": "sha256-ljpyZxr5cHjJEXItXCoJVXJ+fiHTW1Ft0fPgEY72K5A=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "bde02c6f392a7bfd487352a537183ebf2da7f53b", + "rev": "d9b7ff985e454c1b3d2af1c5d09e799ecd38902d", "type": "github" }, "original": { @@ -599,11 +599,11 @@ "rust-overlay": "rust-overlay_3" }, "locked": { - "lastModified": 1750849699, - "narHash": "sha256-MzTjtv7AcRwJRoU9shc+B3tW4Rr/HkdI+st3ThKVo+w=", + "lastModified": 1751195306, + "narHash": "sha256-rcrO38Qo9gDDWkEF8ZePf1mPw+MM42DgiK66eDH8i+U=", "owner": "lilyinstarlight", "repo": "nixos-cosmic", - "rev": "cfc96e2a5e57cbe1831c4b44f63cd66eb7743e42", + "rev": "0968e4f05337f6f2043b394b452ae0d38a4d5923", "type": "github" }, "original": { @@ -630,11 +630,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1750741721, - "narHash": "sha256-Z0djmTa1YmnGMfE9jEe05oO4zggjDmxOGKwt844bUhE=", + "lastModified": 1751011381, + "narHash": "sha256-krGXKxvkBhnrSC/kGBmg5MyupUUT5R6IBCLEzx9jhMM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4b1164c3215f018c4442463a27689d973cffd750", + "rev": "30e2e2857ba47844aa71991daa6ed1fc678bcbb7", "type": "github" }, "original": { @@ -661,11 +661,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1750622754, - "narHash": "sha256-kMhs+YzV4vPGfuTpD3mwzibWUE6jotw5Al2wczI0Pv8=", + "lastModified": 1750969886, + "narHash": "sha256-zW/OFnotiz/ndPFdebpo3X0CrbVNf22n4DjN2vxlb58=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c7ab75210cb8cb16ddd8f290755d9558edde7ee1", + "rev": "a676066377a2fe7457369dd37c31fd2263b662f4", "type": "github" }, "original": { @@ -677,11 +677,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1750646418, - "narHash": "sha256-4UAN+W0Lp4xnUiHYXUXAPX18t+bn6c4Btry2RqM9JHY=", + "lastModified": 1750877742, + "narHash": "sha256-OrCy70x59VaBHxPZnm6A1wvQSdJvTz4i8Ngx40UeApI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1f426f65ac4e6bf808923eb6f8b8c2bfba3d18c5", + "rev": "f25c1bd2a6b33a4b1aa7aff56a94e0daab3773f0", "type": "github" }, "original": { @@ -693,11 +693,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1750741721, - "narHash": "sha256-Z0djmTa1YmnGMfE9jEe05oO4zggjDmxOGKwt844bUhE=", + "lastModified": 1751011381, + "narHash": "sha256-krGXKxvkBhnrSC/kGBmg5MyupUUT5R6IBCLEzx9jhMM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4b1164c3215f018c4442463a27689d973cffd750", + "rev": "30e2e2857ba47844aa71991daa6ed1fc678bcbb7", "type": "github" }, "original": { @@ -709,11 +709,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1750741721, - "narHash": "sha256-Z0djmTa1YmnGMfE9jEe05oO4zggjDmxOGKwt844bUhE=", + "lastModified": 1751011381, + "narHash": "sha256-krGXKxvkBhnrSC/kGBmg5MyupUUT5R6IBCLEzx9jhMM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4b1164c3215f018c4442463a27689d973cffd750", + "rev": "30e2e2857ba47844aa71991daa6ed1fc678bcbb7", "type": "github" }, "original": { @@ -768,11 +768,11 @@ "nur-rycee": { "flake": false, "locked": { - "lastModified": 1750824237, - "narHash": "sha256-jrJs7RMjB2P/V4y0n8qtN6EU5vId9W+6/le2XcRPg+4=", + "lastModified": 1751169806, + "narHash": "sha256-bq+FVbQZ61yhQP0Bb2bgBtu1Bidn4iaJfMCDqNkEQmQ=", "owner": "rycee", "repo": "nur-expressions", - "rev": "6d3d0527e3e273e9aaef9f5c433ef8046245fbb2", + "rev": "0dc3533f67cde2f338b5dd8c8b382c95c3287785", "type": "gitlab" }, "original": { @@ -812,11 +812,11 @@ ] }, "locked": { - "lastModified": 1750732748, - "narHash": "sha256-HR2b3RHsPeJm+Fb+1ui8nXibgniVj7hBNvUbXEyz0DU=", + "lastModified": 1751165203, + "narHash": "sha256-3QhlpAk2yn+ExwvRLtaixWsVW1q3OX3KXXe0l8VMLl4=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "4b4494b2ba7e8a8041b2e28320b2ee02c115c75f", + "rev": "90f547b90e73d3c6025e66c5b742d6db51c418c3", "type": "github" }, "original": { @@ -854,11 +854,11 @@ ] }, "locked": { - "lastModified": 1750819193, - "narHash": "sha256-XvkupGPZqD54HuKhN/2WhbKjAHeTl1UEnWspzUzRFfA=", + "lastModified": 1751165203, + "narHash": "sha256-3QhlpAk2yn+ExwvRLtaixWsVW1q3OX3KXXe0l8VMLl4=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "1ba3b9c59b68a4b00156827ad46393127b51b808", + "rev": "90f547b90e73d3c6025e66c5b742d6db51c418c3", "type": "github" }, "original": { @@ -915,11 +915,11 @@ "tinted-zed": "tinted-zed" }, "locked": { - "lastModified": 1750862951, - "narHash": "sha256-oUhnj0mzeSAX3IFaWn6LKLbmuFeNd7ulIAkxf0Jc07A=", + "lastModified": 1751145558, + "narHash": "sha256-OPlbpH64jzIspYqvJB96tnN9V9HBlAxROS5ijQwtN70=", "owner": "nix-community", "repo": "stylix", - "rev": "37b8c5f68086f36a109074c3fedebbbf8c20ecda", + "rev": "3a09d3f5cb940fa4142a2f3415b508a8be92b721", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1749194973, - "narHash": "sha256-eEy8cuS0mZ2j/r/FE0/LYBSBcIs/MKOIVakwHVuqTfk=", + "lastModified": 1750931469, + "narHash": "sha256-0IEdQB1nS+uViQw4k3VGUXntjkDp7aAlqcxdewb/hAc=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "a05be418a1af1198ca0f63facb13c985db4cb3c5", + "rev": "ac8e6f32e11e9c7f153823abc3ab007f2a65d3e1", "type": "github" }, "original": { @@ -1099,11 +1099,11 @@ "xwayland-satellite-unstable": { "flake": false, "locked": { - "lastModified": 1750821680, - "narHash": "sha256-Bu5unTxnqok2RoU5P394Gh0vRaoyI/5xlOOJDF6akrc=", + "lastModified": 1751228685, + "narHash": "sha256-MENtauGBhJ+kDeFaawvWGXaFG3Il6qQzjaP0RmtfM0k=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "2e7c318ac2bbf699b6ab92ef91e661e16415dfac", + "rev": "557ebeb616e03d5e4a8049862bbbd1f02c6f020b", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index f99dc15..00b162e 100644 --- a/flake.nix +++ b/flake.nix @@ -39,7 +39,7 @@ # nixpkgs.follows = "nixos-cosmic/nixpkgs"; lix-module = { - url = "git+https://git.lix.systems/lix-project/nixos-module?ref=release-2.93"; + url = "git+https://git.lix.systems/lix-project/nixos-module?ref=2.93.2-1"; inputs = { nixpkgs.follows = "nixpkgs"; flake-utils.follows = "flake-utils"; diff --git a/overlays/modifications/default.nix b/overlays/modifications/default.nix index a555650..2f18ea8 100644 --- a/overlays/modifications/default.nix +++ b/overlays/modifications/default.nix @@ -11,8 +11,6 @@ in # ./QQ.nix ./helix.nix ./cliphist.nix - - ./fix-lix ] |> map (file: import file args) |> (overlays: (lib.composeManyExtensions overlays) final prev) diff --git a/overlays/modifications/fix-lix/default.nix b/overlays/modifications/fix-lix/default.nix deleted file mode 100644 index c1aa41c..0000000 --- a/overlays/modifications/fix-lix/default.nix +++ /dev/null @@ -1,5 +0,0 @@ -{...}: _final: prev: { - lix = prev.lix.overrideAttrs { - patches = [./fix-cve-2025-52992.diff]; - }; -} diff --git a/overlays/modifications/fix-lix/fix-cve-2025-52992.diff b/overlays/modifications/fix-lix/fix-cve-2025-52992.diff deleted file mode 100644 index a9d1b71..0000000 --- a/overlays/modifications/fix-lix/fix-cve-2025-52992.diff +++ /dev/null @@ -1,267 +0,0 @@ -diff --git a/doc/manual/rl-next/correct-cleanup-redirected-stores.md b/doc/manual/rl-next/correct-cleanup-redirected-stores.md -new file mode 100644 -index 000000000..a5d4a55a8 ---- /dev/null -+++ b/doc/manual/rl-next/correct-cleanup-redirected-stores.md -@@ -0,0 +1,18 @@ -+--- -+synopsis: "Correct cleanup in redirected stores" -+issues: [] -+cls: [3493] -+category: "Fixes" -+credits: ["horrors"] -+--- -+ -+Following CVE-2025-52992, the Lix team implemented automatic cleanup of -+*scratch outputs*, store paths written but not yet registered (e.g. -+`/nix/store/...`). -+ -+In setups using redirected stores, cleanup was mistakenly applied to the -+logical store path (always under `/nix/store`) rather than the actual physical -+location on disk. -+ -+This could result in accidental deletion from the system -+store instead of the intended redirected store. -diff --git a/doc/manual/rl-next/infallible-build-dirs.md b/doc/manual/rl-next/infallible-build-dirs.md -new file mode 100644 -index 000000000..563d4fcde ---- /dev/null -+++ b/doc/manual/rl-next/infallible-build-dirs.md -@@ -0,0 +1,25 @@ -+--- -+synopsis: "Fallback to safe temp dir when build-dir is unwritable" -+issues: [fj#876] -+cls: [3501] -+category: "Fixes" -+credits: ["raito", "horrors"] -+--- -+ -+Non-daemon builds started failing with a permission error after introducing the `build-dir` option: -+ -+``` -+$ nix build --store ~/scratch nixpkgs#hello --rebuild -+error: creating directory '/nix/var/nix/builds/nix-build-hello-2.12.2.drv-0': Permission denied -+``` -+ -+This happens because: -+ -+1. These builds are not run via the daemon, which owns `/nix/var/nix/builds`. -+2. The user lacks permissions for that path. -+ -+We considered making `build-dir` a store-level option and defaulting it to `/nix/var/nix/builds` for chroot stores, but opted instead for a fallback: if the default fails, Nix now creates a safe build directory under `/tmp`. -+ -+To avoid CVE-2025-52991, the fallback uses an extra path component between `/tmp` and the build dir. -+ -+**Note**: this fallback clutters `/tmp` with build directories that are not cleaned up. To prevent this, explicitly set `build-dir` to a path managed by Lix, even for local workloads. -diff --git a/doc/manual/rl-next/valid-outputs-deletion.md b/doc/manual/rl-next/valid-outputs-deletion.md -new file mode 100644 -index 000000000..f56112f41 ---- /dev/null -+++ b/doc/manual/rl-next/valid-outputs-deletion.md -@@ -0,0 +1,22 @@ -+--- -+synopsis: "Do not delete valid outputs after build" -+issues: [fj#883] -+cls: [3494] -+category: "Fixes" -+credits: ["horrors"] -+--- -+ -+In response to CVE-2025-52992, the Lix team introduced automatic deletion of -+*scratch outputs*, store paths written but not yet registered (e.g. in -+`/nix/store`). -+ -+However, the control flow distinguishing scratch outputs from valid ones is -+complex. A logic error caused valid outputs, especially those obtained via -+closure copies (e.g. remote builds), to be deleted post-build. -+ -+This led to breakage in Lix and could potentially render entire systems -+unusable by removing critical libraries. -+ -+We are sorry for the severity of this bug and are taking steps to prevent its -+recurrence. If your system is affected, please reach out on our support -+channels for recovery assistance. -diff --git a/lix/libstore/build/local-derivation-goal.cc b/lix/libstore/build/local-derivation-goal.cc -index c866a3b66..247943e5c 100644 ---- a/lix/libstore/build/local-derivation-goal.cc -+++ b/lix/libstore/build/local-derivation-goal.cc -@@ -487,17 +487,47 @@ try { - }); - } - -- createDirs(settings.buildDir.get()); -- -- /* Create a temporary directory where the build will take -- place. */ -- tmpDir = createTempDir( -- settings.buildDir.get(), -- "nix-build-" + std::string(drvPath.name()), -- false, -- false, -- 0700 -- ); -+ try { -+ auto buildDir = worker.buildDirOverride.value_or(settings.buildDir.get()); -+ -+ createDirs(buildDir); -+ -+ /* Create a temporary directory where the build will take -+ place. */ -+ tmpDir = -+ createTempDir(buildDir, "nix-build-" + std::string(drvPath.name()), false, false, 0700); -+ } catch (SysError & e) { -+ /* -+ * Fallback to the global tmpdir and create a safe space there -+ * only if it's a permission error. -+ */ -+ if (e.errNo != EACCES) { -+ throw; -+ } -+ -+ auto globalTmp = defaultTempDir(); -+ createDirs(globalTmp); -+#if __APPLE__ -+ /* macOS filesystem namespacing does not exist, to avoid breaking builds, we need to weaken -+ * the mode bits on the top-level directory. This avoids issues like -+ * https://github.com/NixOS/nix/pull/11031. */ -+ constexpr int toplevelDirMode = 0755; -+#else -+ constexpr int toplevelDirMode = 0700; -+#endif -+ auto nixBuildsTmp = -+ createTempDir(globalTmp, fmt("nix-builds-%s", geteuid()), false, false, toplevelDirMode); -+ warn( -+ "Failed to use the system-wide build directory '%s', falling back to a temporary " -+ "directory inside '%s'", -+ settings.buildDir.get(), -+ nixBuildsTmp -+ ); -+ worker.buildDirOverride = nixBuildsTmp; -+ tmpDir = createTempDir( -+ nixBuildsTmp, "nix-build-" + std::string(drvPath.name()), false, false, 0700 -+ ); -+ } - /* The TOCTOU between the previous mkdir call and this open call is unavoidable due to - * POSIX semantics.*/ - tmpDirFd = AutoCloseFD{open(tmpDir.c_str(), O_RDONLY | O_NOFOLLOW | O_DIRECTORY)}; -@@ -538,7 +568,9 @@ try { - /* Schedule this scratch output path for automatic deletion - * if we do not cancel it, e.g. when registering the outputs. - */ -- scratchOutputsCleaner.insert_or_assign(outputName, worker.store.printStorePath(scratchPath)); -+ scratchOutputsCleaner.emplace( -+ outputName, worker.store.toRealPath(worker.store.printStorePath(scratchPath)) -+ ); - - /* Substitute output placeholders with the scratch output paths. - We'll use during the build. */ -@@ -1739,6 +1771,11 @@ try { - before this for loop. */ - if (*scratchPath != finalStorePath) - outputRewrites[std::string { scratchPath->hashPart() }] = std::string { finalStorePath.hashPart() }; -+ /* Cancel automatic deletion of that output if it was a scratch output that we just -+ * registered. */ -+ if (auto cleaner = scratchOutputsCleaner.extract(outputName)) { -+ cleaner.mapped().cancel(); -+ } - }; - - auto orifu = get(outputReferencesIfUnregistered, outputName); -@@ -2063,10 +2100,6 @@ try { - the next iteration */ - if (newInfo.ca) { - TRY_AWAIT(localStore.registerValidPaths({{newInfo.path, newInfo}})); -- /* Cancel automatic deletion of that output if it was a scratch output. */ -- if (auto cleaner = scratchOutputsCleaner.extract(outputName)) { -- cleaner.mapped().cancel(); -- } - } - - infos.emplace(outputName, std::move(newInfo)); -@@ -2107,13 +2140,6 @@ try { - infos2.insert_or_assign(newInfo.path, newInfo); - } - TRY_AWAIT(localStore.registerValidPaths(infos2)); -- -- /* Cancel automatic deletion of that output if it was a scratch output that we just registered. */ -- for (auto & [outputName, _ ] : infos) { -- if (auto cleaner = scratchOutputsCleaner.extract(outputName)) { -- cleaner.mapped().cancel(); -- } -- } - } - - /* In case of a fixed-output derivation hash mismatch, throw an -diff --git a/lix/libstore/build/worker.hh b/lix/libstore/build/worker.hh -index 7fc3d1fe9..d9dc36e34 100644 ---- a/lix/libstore/build/worker.hh -+++ b/lix/libstore/build/worker.hh -@@ -195,6 +195,7 @@ public: - Store & store; - Store & evalStore; - AsyncSemaphore substitutions, localBuilds; -+ std::optional buildDirOverride; - - private: - kj::TaskSet children; -diff --git a/tests/functional/build.sh b/tests/functional/build.sh -index 58fba83aa..fc83f61f3 100644 ---- a/tests/functional/build.sh -+++ b/tests/functional/build.sh -@@ -174,3 +174,8 @@ test "$(<<<"$out" grep -E '^error:' | wc -l)" = 3 - <<<"$out" grepQuiet -E "error: 2 dependencies of derivation '.*-x4\\.drv' failed to build" - <<<"$out" grepQuiet -vE "hash mismatch in fixed-output derivation '.*-x3\\.drv'" - <<<"$out" grepQuiet -vE "hash mismatch in fixed-output derivation '.*-x2\\.drv'" -+ -+# Ensure when if the system build dir is inaccessible, we can still build things -+BUILD_DIR=$(mktemp -d) -+chmod 0000 "$BUILD_DIR" -+nix --build-dir "$BUILD_DIR" build -E 'with import ./config.nix; mkDerivation { name = "test"; buildCommand = "echo rawr > $out"; }' --impure --no-link -diff --git a/tests/functional/linux-sandbox.sh b/tests/functional/linux-sandbox.sh -index 82f363a09..526605e5f 100644 ---- a/tests/functional/linux-sandbox.sh -+++ b/tests/functional/linux-sandbox.sh -@@ -81,3 +81,10 @@ testCert present fixed-output "$certsymlink" - - # Symlinks should be added in the sandbox directly and not followed - nix-sandbox-build symlink-derivation.nix -+ -+# Regression fj#883: derivations outputs disappearing after rebuild -+# build the derivation for both its outputs and delete one of them. -+# simulates substitution or copying only one output from a builder. -+nix-store --delete $(nix-sandbox-build --no-out-link ./regression-fj883.nix -A base.lib) -+# build a derivation depending on previous one. this should succeed -+nix-sandbox-build --no-out-link ./regression-fj883.nix -A downstream -diff --git a/tests/functional/regression-fj883.nix b/tests/functional/regression-fj883.nix -new file mode 100644 -index 000000000..2317145b7 ---- /dev/null -+++ b/tests/functional/regression-fj883.nix -@@ -0,0 +1,15 @@ -+with import ./config.nix; -+ -+rec { -+ base = mkDerivation { -+ name = "base"; -+ outputs = [ "out" "lib" ]; -+ buildCommand = "echo > $out; echo > $lib"; -+ }; -+ -+ downstream = mkDerivation { -+ name = "downstream"; -+ deps = [ base.out base.lib ]; -+ buildCommand = "echo $deps > $out"; -+ }; -+} -diff --git a/version.json b/version.json -index 22b83defe..a39a6e7e2 100644 ---- a/version.json -+++ b/version.json -@@ -1,5 +1,5 @@ - { -- "version": "2.93.1", -- "official_release": true, -+ "version": "2.93.2", -+ "official_release": false, - "release_name": "Bici Bici" - } From 3c8b25c77eb402d06882fe7179e26841f55e8e01 Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Tue, 24 Jun 2025 21:42:12 +0800 Subject: [PATCH 23/23] module(mime): Add evince as default pdf reader --- nixos/modules/gui/niri.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/nixos/modules/gui/niri.nix b/nixos/modules/gui/niri.nix index 54e71e8..e47747b 100644 --- a/nixos/modules/gui/niri.nix +++ b/nixos/modules/gui/niri.nix @@ -35,6 +35,9 @@ in { mime = { enable = true; defaultApplications = { + "application/pdf" = [ + "org.gnome.Evince.desktop" + ]; "inode/directory" = [ "com.system76.CosmicFiles.desktop" ];