refactor: Move nixpkgs attribute to third_party.nixpkgs

Please read b/108 to make sense of this. This gets rid of the explicit list of exposed packages from nixpkgs, and instead makes the entire package set available at `third_party.nixpkgs`. To accommodate this, a LOT of things have to be very slightly shuffled around. Some of this was done in already submitted CLs, but this change is unfortunately still quite noisy. Pay extra attention to: * overlay-like functionality that was partially moved to actual overlays (partially as in, the minimum required to get a green build) * modified uses of the package set path, esp. in NixOS systems Special notes: * xanthous has been disabled in CI because of issues with the Haskell overlay * //third_party/nix has been disabled because of other unclear dependency issues Both of these will be tackled in a followup CL. Change-Id: I2f9c60a4d275fdb5209264be0addfd7e06c53118 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2910 Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2021-04-10 18:05:16 +02:00 · 2021-04-10 18:05:16 +02:00 · 473604f567
commit 473604f567
parent a83abc9024
46 changed files with 276 additions and 488 deletions
--- a/users/Profpatsch/writers/tests/default.nix
+++ b/users/Profpatsch/writers/tests/default.nix
@ -1,4 +1,4 @@
-{ depot, ... }:
+{ depot, pkgs, ... }:

 let
  inherit (depot.users.Profpatsch.writers)
@ -9,7 +9,7 @@ let
    rustSimpleBin
    ;

-  inherit (depot.third_party)
+  inherit (pkgs)
    coreutils
    ;

--- a/users/glittershark/achilles/default.nix
+++ b/users/glittershark/achilles/default.nix
@ -1,6 +1,6 @@
-{ pkgs, ... }:
+{ depot, pkgs, ... }:

-pkgs.naersk.buildPackage {
+depot.third_party.naersk.buildPackage {
  src = ./.;

  buildInputs = with pkgs; [
--- a/users/glittershark/owothia/default.nix
+++ b/users/glittershark/owothia/default.nix
@ -1,4 +1,6 @@
-{ pkgs ? (import ../../../. {}).third_party, ... }:
+{ depot ? (import ../../../. {})
+, pkgs ? depot.third_party.nixpkgs
+, ... }:

 pkgs.haskellPackages.callCabal2nix "owothia"
-  (pkgs.gitignoreSource ./.) { }
+  (depot.third_party.gitignoreSource ./.) { }
--- a/users/glittershark/pkgs/fprintd/default.nix
+++ b/users/glittershark/pkgs/fprintd/default.nix
@ -1,9 +1,11 @@
-args @ { pkgs, ... }:
+{ depot, pkgs, ... }:

 let
-  nixpkgs = import pkgs.nixpkgsSrc {
+  nixpkgs = import pkgs.path {
    config.allowUnfree = true;
    overlays = [(self: super: {
+      # TODO(grfn): Can we not override this here? It bootstraps
+      # rustc, builds firefox, and many other things.
      gcc = super.gcc9;
    })];
  };
--- a/users/glittershark/system/home/default.nix
+++ b/users/glittershark/system/home/default.nix
@ -3,15 +3,13 @@
 with lib;

 rec {
-  nixpkgs = import pkgs.nixpkgsSrc {};
-
-  home = confPath: (import "${nixpkgs.home-manager.src}/modules" {
-    pkgs = nixpkgs;
+  home = confPath: (import "${pkgs.home-manager.src}/modules" {
+    inherit pkgs;
    configuration = { config, lib, ... }: {
      imports = [confPath];

      _module.args.pkgs = mkForce
-        (import pkgs.nixpkgsSrc (filterAttrs (n: v: v != null) config.nixpkgs));
+        (import pkgs.path (filterAttrs (n: v: v != null) config.nixpkgs));

      lib.depot = depot;
    };
--- a/users/glittershark/system/home/modules/development.nix
+++ b/users/glittershark/system/home/modules/development.nix
@ -54,7 +54,7 @@ with lib;
    gdb
    lldb
    hyperfine
-    config.lib.depot.third_party.clang-tools
+    clang-tools

    clj2nix
    clojure
--- a/users/glittershark/system/system/default.nix
+++ b/users/glittershark/system/system/default.nix
@ -1,19 +1,15 @@
 args @ { depot, pkgs, ... }:

-let
-  nixpkgs = import pkgs.nixpkgsSrc {};
-in
-
 rec {
  chupacabra = import ./machines/chupacabra.nix;

-  chupacabraSystem = (pkgs.nixos {
+  chupacabraSystem = (depot.third_party.nixos {
    configuration = chupacabra;
  }).system;

  mugwump = import ./machines/mugwump.nix;

-  mugwumpSystem = (pkgs.nixos {
+  mugwumpSystem = (depot.third_party.nixos {
    configuration = mugwump;
  }).system;

@ -22,14 +18,14 @@ rec {
  roswellSystem = (depot.ops.nixos.nixosFor ({ ... }: {
    imports = [
      ./machines/roswell.nix
-      "${nixpkgs.home-manager.src}/nixos"
+      "${pkgs.home-manager.src}/nixos"
    ];

    home-manager.users.grfn = { config, lib, ... }: {
      imports = [ ../home/machines/roswell.nix ];
      lib.depot = depot;
      _module.args.pkgs = lib.mkForce
-        (import pkgs.nixpkgsSrc
+        (import pkgs.path
          (lib.filterAttrs (n: v: v != null) config.nixpkgs));
    };
  })).system;
@ -60,7 +56,7 @@ rec {
          system=$(nix-build -E '(import ${depotPath} {}).users.glittershark.system.system.${hostname}' --no-out-link)
          ;;
      '';
-    in depot.third_party.writeShellScriptBin "rebuilder" ''
+    in pkgs.writeShellScriptBin "rebuilder" ''
      set -ue
      if [[ $EUID -ne 0 ]]; then
        echo "Oh no! Only root is allowed to rebuild the system!" >&2
--- a/users/glittershark/system/system/iso.nix
+++ b/users/glittershark/system/system/iso.nix
@ -1,17 +1,17 @@
-{ pkgs, ... }:
+{ depot, lib, pkgs, ... }:

 let
  configuration = { ... }: {
    imports = [
-      "${pkgs.nixpkgsSrc}/nixos/modules/installer/cd-dvd/installation-cd-minimal-new-kernel.nix"
-      "${pkgs.nixpkgsSrc}/nixos/modules/installer/cd-dvd/channel.nix"
+      "${pkgs.path}/nixos/modules/installer/cd-dvd/installation-cd-minimal-new-kernel.nix"
+      "${pkgs.path}/nixos/modules/installer/cd-dvd/channel.nix"
    ];

    networking.networkmanager.enable = true;
    networking.useDHCP = false;
    networking.firewall.enable = false;
-    networking.wireless.enable = pkgs.lib.mkForce false;
+    networking.wireless.enable = lib.mkForce false;
  };
-in (pkgs.nixos {
+in (depot.third_party.nixos {
  inherit configuration;
 }).config.system.build.isoImage
--- a/users/glittershark/xanthous/default.nix
+++ b/users/glittershark/xanthous/default.nix
@ -4,4 +4,6 @@
 }:
 pkgs.haskell.lib.failOnAllWarnings (
  pkgs.haskellPackages.callPackage (import ./pkg.nix { inherit pkgs; }) {}
-)
+) // {
+  meta.ci = false;
+}
--- a/users/glittershark/xanthous/pkg.nix
+++ b/users/glittershark/xanthous/pkg.nix
@ -1,10 +1,10 @@
-{ pkgs ? (import ../../../. {}).third_party }:
+{ depot ? (import ../../../. {})
+, pkgs ? depot.third_party.nixpkgs
+, ... }:

 let
-  ignore = pkgs.gitignoreSource.gitignoreFilter ./.;
-in
-
-import (pkgs.haskellPackages.haskellSrc2nix {
+  ignore = depot.third_party.gitignoreSource.gitignoreFilter ./.;
+in import (pkgs.haskellPackages.haskellSrc2nix {
  name = "xanthous";
  src = builtins.path {
    name = "xanthous-source";
--- a/users/tazjin/aoc2020/default.nix
+++ b/users/tazjin/aoc2020/default.nix
@ -1,7 +1,7 @@
 # Solutions for Advent of Code 2020, written in Emacs Lisp.
 #
 # For each day a new file is created as "solution-day$n.el".
-{ depot, ... }:
+{ depot, pkgs, ... }:

 let
  inherit (builtins) attrNames filter head listToAttrs match readDir;
@ -16,7 +16,7 @@ let
      deps = p: with p; [ dash s ht p.f ];
      src = ./. + ("/" + f);
  }) solutionFiles;
-in depot.third_party.symlinkJoin {
+in pkgs.symlinkJoin {
  name = "aoc2020";
  paths = solutions;
 }
--- a/users/tazjin/atom-feed/default.nix
+++ b/users/tazjin/atom-feed/default.nix
@ -1,13 +1,13 @@
 # This file defines functions for generating an Atom feed.

-{ depot, lib, ... }:
+{ depot, lib, pkgs, ... }:

 with depot.nix.yants;

 let
  inherit (builtins) map readFile replaceStrings;
  inherit (lib) concatStrings concatStringsSep removeSuffix;
-  inherit (depot.third_party) runCommandNoCC;
+  inherit (pkgs) runCommandNoCC;

  # 'link' describes a related link to a feed, or feed element.
  #
--- a/users/tazjin/blog/default.nix
+++ b/users/tazjin/blog/default.nix
@ -2,7 +2,7 @@
 # files in this repository.
 #
 # All blog posts are rendered from Markdown by cheddar.
-{ depot, lib, ... }@args:
+{ depot, lib, pkgs, ... }@args:

 with depot.nix.yants;

@ -36,7 +36,7 @@ let
  posts = list post (import ./posts.nix);
  fragments = import ./fragments.nix args;

-  rendered = depot.third_party.runCommandNoCC "tazjins-blog" {} ''
+  rendered = pkgs.runCommandNoCC "tazjins-blog" {} ''
    mkdir -p $out

    ${lib.concatStringsSep "\n" (map (post:
--- a/users/tazjin/blog/fragments.nix
+++ b/users/tazjin/blog/fragments.nix
@ -7,11 +7,11 @@
 #
 # The post index is generated by //users/tazjin/homepage, not by this
 # code.
-{ depot, lib, ... }:
+{ depot, lib, pkgs, ... }:

 let
  inherit (builtins) filter map hasAttr replaceStrings;
-  inherit (depot.third_party) runCommandNoCC writeText;
+  inherit (pkgs) runCommandNoCC writeText;
  inherit (depot.users.tazjin) renderMarkdown;

  # Generate a post list for all listed, non-draft posts.
--- a/users/tazjin/dt/default.nix
+++ b/users/tazjin/dt/default.nix
@ -1,13 +1,11 @@
 { depot, pkgs, ... }:

-let
-  stdenv = with pkgs; overrideCC clangStdenv clang_11;
-  abseil_cpp = pkgs.abseil_cpp;
+let stdenv = with pkgs; overrideCC clangStdenv clang_11;
 in stdenv.mkDerivation {
  name = "dt";
  src = ./.;
  nativeBuildInputs = [ pkgs.cmake ];
-  buildInputs = with pkgs; [
+  buildInputs = with depot.third_party; [
    abseil_cpp
    farmhash
  ];
--- a/users/tazjin/emacs/default.nix
+++ b/users/tazjin/emacs/default.nix
@ -10,12 +10,10 @@
 { depot, lib, pkgs, ... }:

 let
-  inherit (depot) third_party;
-
-  emacsWithPackages = (third_party.emacsPackagesGen third_party.emacs27).emacsWithPackages;
+  emacsWithPackages = (pkgs.emacsPackagesGen pkgs.emacs27).emacsWithPackages;

  # $PATH for binaries that need to be available to Emacs
-  emacsBinPath = lib.makeBinPath [ third_party.emacsPackages.telega ];
+  emacsBinPath = lib.makeBinPath [ pkgs.emacsPackages.telega ];

  identity = x: x;

@ -109,7 +107,7 @@ let
    depot.third_party.emacs.vterm
    depot.third_party.emacs.explain-pause-mode
  ]))));
-in lib.fix(self: l: f: third_party.writeShellScriptBin "tazjins-emacs" ''
+in lib.fix(self: l: f: pkgs.writeShellScriptBin "tazjins-emacs" ''
  export PATH="${emacsBinPath}:$PATH"
  exec ${tazjinsEmacs f}/bin/emacs \
    --debug-init \
@ -129,7 +127,7 @@ in lib.fix(self: l: f: third_party.writeShellScriptBin "tazjins-emacs" ''

    # Build a derivation that uses the specified local Emacs (i.e.
    # built outside of Nix) instead
-    withLocalEmacs = emacsBin: third_party.writeShellScriptBin "tazjins-emacs" ''
+    withLocalEmacs = emacsBin: pkgs.writeShellScriptBin "tazjins-emacs" ''
      export PATH="${emacsBinPath}:$PATH"
      export EMACSLOADPATH="${(tazjinsEmacs f).deps}/share/emacs/site-lisp:"
      exec ${emacsBin} \
--- a/users/tazjin/homepage/default.nix
+++ b/users/tazjin/homepage/default.nix
@ -5,14 +5,14 @@
 # elements for things such as blog posts and projects.
 #
 # Content for the blog is in //users/tazjin/blog instead of here.
-{ depot, lib, ... }@args:
+{ depot, lib, pkgs, ... }@args:

 with depot;
 with nix.yants;

 let
  inherit (builtins) readFile replaceStrings sort;
-  inherit (third_party) writeFile runCommandNoCC;
+  inherit (pkgs) writeFile runCommandNoCC;

  # The different types of entries on the homepage.
  entryClass = enum "entryClass" [ "blog" "project" "misc" ];
@ -58,7 +58,7 @@ let
    </a>
  '');

-  index = entries: third_party.writeText "index.html" (lib.concatStrings (
+  index = entries: pkgs.writeText "index.html" (lib.concatStrings (
    [ (builtins.readFile ./header.html) ]
    ++ (map entryToDiv (sort (a: b: a.date > b.date) entries))
    ++ [ (builtins.readFile ./footer.html) ]
--- a/users/tazjin/nixos/camden/default.nix
+++ b/users/tazjin/nixos/camden/default.nix
@ -2,7 +2,7 @@
 { depot, pkgs, lib, ... }:

 config: let
-  nixpkgs = import depot.third_party.nixpkgsSrc {
+  nixpkgs = import pkgs.path {
    config.allowUnfree = true;
  };

@ -85,7 +85,7 @@ in lib.fix(self: {

    nixPath = [
      "depot=/home/tazjin/depot"
-      "nixpkgs=${depot.third_party.nixpkgsSrc}"
+      "nixpkgs=${pkgs.path}"
    ];

    trustedUsers = [ "root" "tazjin" ];
@ -131,7 +131,6 @@ in lib.fix(self: {
    (with depot; [
      fun.idual.script
      fun.idual.setAlarm
-      third_party.pounce
    ]) ++

    # programs from nixpkgs
--- a/users/tazjin/nixos/frog/default.nix
+++ b/users/tazjin/nixos/frog/default.nix
@ -1,23 +1,20 @@
-{ depot, lib, ... }:
+{ depot, lib, pkgs, ... }:

 config: let
  inherit (depot.third_party) lieer;
-  nixpkgs = import depot.third_party.nixpkgsSrc {
-    config.allowUnfree = true;
-  };

  # add google-c-style here because other machines get it from, eh,
  # elsewhere.
  frogEmacs = (depot.users.tazjin.emacs.overrideEmacs(epkgs: epkgs ++ [
-    depot.third_party.emacsPackages.google-c-style
+    pkgs.emacsPackages.google-c-style
  ]));

-  quasselClient = depot.third_party.quassel.override {
+  quasselClient = pkgs.quassel.override {
    client = true;
    enableDaemon = false;
    monolithic = false;
  };
-in depot.lib.fix(self: {
+in lib.fix(self: {
  imports = [
    "${depot.depotPath}/ops/nixos/v4l2loopback.nix"
  ];
@ -37,7 +34,7 @@ in depot.lib.fix(self: {
      kernelModules = [ "dm-snapshot" ];
    };

-    kernelPackages = nixpkgs.linuxPackages_latest;
+    kernelPackages = pkgs.linuxPackages_latest;
    kernel.sysctl = {
      "kernel.perf_event_paranoid" = -1;
    };
@ -58,7 +55,7 @@ in depot.lib.fix(self: {

    pulseaudio = {
      enable = true;
-      package = nixpkgs.pulseaudioFull;
+      package = pkgs.pulseaudioFull;
    };

    bluetooth = {
@ -70,14 +67,14 @@ in depot.lib.fix(self: {
    maxJobs = 48;
    nixPath = [
      "depot=/depot"
-      "nixpkgs=${depot.third_party.nixpkgsSrc}"
+      "nixpkgs=${pkgs.path}"
    ];

    binaryCaches = ["ssh://nix-ssh@whitby.tvl.fyi"];
    binaryCachePublicKeys = ["cache.tvl.fyi:fd+9d1ceCPvDX/xVhcfv8nAa6njEhAGAEe+oGJDEeoc="];
  };

-  nixpkgs.pkgs = nixpkgs;
+  nixpkgs.pkgs = pkgs;

  networking = {
    hostName = "frog";
@ -95,7 +92,7 @@ in depot.lib.fix(self: {
  # Generate an immutable /etc/resolv.conf from the nameserver settings
  # above (otherwise DHCP overwrites it):
  environment.etc."resolv.conf" = with lib; {
-    source = depot.third_party.writeText "resolv.conf" ''
+    source = pkgs.writeText "resolv.conf" ''
      ${concatStringsSep "\n" (map (ns: "nameserver ${ns}") self.networking.nameservers)}
      options edns0
    '';
@ -114,7 +111,7 @@ in depot.lib.fix(self: {
    extraGroups = [ "wheel" "audio" "docker" ];
    isNormalUser = true;
    uid = 1000;
-    shell = nixpkgs.fish;
+    shell = pkgs.fish;
  };

  security.sudo = {
@ -123,7 +120,7 @@ in depot.lib.fix(self: {
  };

  fonts = {
-    fonts = with nixpkgs; [
+    fonts = with pkgs; [
      corefonts
      dejavu_fonts
      jetbrains-mono
@ -158,7 +155,7 @@ in depot.lib.fix(self: {
  # Required for Yubikey usage as smartcard
  services.pcscd.enable = true;
  services.udev.packages = [
-    nixpkgs.yubikey-personalization
+    pkgs.yubikey-personalization
  ];

  # Enable Docker for Nixery testing
@ -175,7 +172,7 @@ in depot.lib.fix(self: {
    videoDrivers = [ "amdgpu" ];
    displayManager = {
      # Give EXWM permission to control the session.
-      sessionCommands = "${nixpkgs.xorg.xhost}/bin/xhost +SI:localuser:$USER";
+      sessionCommands = "${pkgs.xorg.xhost}/bin/xhost +SI:localuser:$USER";

      lightdm.enable = true;
      lightdm.greeters.gtk.clock-format = "%H·%M"; # TODO(tazjin): TZ?
@ -224,15 +221,12 @@ in depot.lib.fix(self: {
      lieer
      ops.kontemplate
      quasselClient
-      third_party.ffmpeg
      third_party.git
-      third_party.lutris
-      third_party.rr
      tools.nsfv-setup
    ]) ++

    # programs from nixpkgs
-    (with nixpkgs; [
+    (with pkgs; [
      age
      bat
      chromium
@ -245,6 +239,7 @@ in depot.lib.fix(self: {
      emacs27 # mostly for emacsclient
      exa
      fd
+      ffmpeg-full
      file
      gdb
      gnupg
@ -259,6 +254,7 @@ in depot.lib.fix(self: {
      jq
      kubectl
      linuxPackages.perf
+      # lutris
      manpages
      miller
      msmtp
@ -276,6 +272,7 @@ in depot.lib.fix(self: {
      pmutils
      pwgen
      ripgrep
+      rr
      rustup
      screen
      scrot
--- a/users/tazjin/nixos/tverskoy/default.nix
+++ b/users/tazjin/nixos/tverskoy/default.nix
@ -1,17 +1,17 @@
-{ depot, lib, ... }:
+{ depot, lib, pkgs, ... }:

 config: let
  # add google-c-style here because other machines get it from, eh,
  # elsewhere.
  emacs = (depot.users.tazjin.emacs.overrideEmacs(epkgs: epkgs ++ [
-    depot.third_party.emacsPackages.google-c-style
+    pkgs.emacsPackages.google-c-style
  ]));

-  nixpkgs = import depot.third_party.nixpkgsSrc {
+  nixpkgs = import pkgs.path {
    config.allowUnfree = true;
  };

-  quasselClient = depot.third_party.quassel.override {
+  quasselClient = pkgs.quassel.override {
    client = true;
    enableDaemon = false;
    monolithic = false;
@ -33,8 +33,8 @@ in lib.fix(self: {

  nix = {
    nixPath = lib.mkForce [
-      "nixpkgs=${depot.third_party.nixpkgsSrc}"
-      "nixos=${depot.third_party.nixpkgsSrc}"
+      "nixpkgs=${pkgs.path}"
+      "nixos=${pkgs.path}"
      "depot=/depot"
    ];

--- a/users/tazjin/renderMarkdown.nix
+++ b/users/tazjin/renderMarkdown.nix
@ -1,9 +1,9 @@
 # Render a Markdown file to HTML.
-{ depot, ... }:
+{ depot, pkgs, ... }:

 with depot.nix.yants;

-defun [ path drv ] (file: depot.third_party.runCommandNoCC "${file}.rendered.html" {} ''
+defun [ path drv ] (file: pkgs.runCommandNoCC "${file}.rendered.html" {} ''
  cat ${file} | ${depot.tools.cheddar}/bin/cheddar --about-filter ${file} > $out
 '')

--- a/users/tazjin/rlox/default.nix
+++ b/users/tazjin/rlox/default.nix
@ -1,5 +1,5 @@
-{ pkgs, ... }:
+{ depot, ... }:

-pkgs.naersk.buildPackage {
+depot.third_party.naersk.buildPackage {
  src = ./.;
 }