home

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README | LICENSE

commit ee4811ce345796301bc070cd038070415fd6560d
parent cccc387fd1c9588d7b0531416bdcbad0c3c78b10
Author: Vincent Demeester <vincent@sbr.pm>
Date:   Fri, 22 May 2020 14:42:46 +0200

tasks.org: braindump for self-contained configuration

Signed-off-by: Vincent Demeester <vincent@sbr.pm>

Diffstat:
Mtasks.org | 76++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++------
1 file changed, 70 insertions(+), 6 deletions(-)

diff --git a/tasks.org b/tasks.org @@ -220,7 +220,7 @@ Daily or weekly build -* TODO [#A] Pin channel versions +* TODO [#A] self-contained configuration (with pinned channel versions) Instead of relying on =nix-channel=, this should pin the version of all channel required (nixos, nixos-unstable, nixpkgs, nixpkgs-unstable, home-manager, nur, …). @@ -233,6 +233,25 @@ + … as the machines would have the exact same /channels/ as the ci - This would allow to run =nixos-rebuild switch= as a user without the mess of channels +Let's define a plan to experiment and work this out iteratively. + +** DONE Gather information +CLOSED: [2020-05-22 Fri 13:43] +:LOGBOOK: +- State "DONE" from "TODO" [2020-05-22 Fri 13:43] +:END: +- Pin different channels in the configuration (?) +- Run the configuration against multiple channels (?) +- Use =nix.path= or à-la-tazjin or [[https://github.com/nmattia/niv][=niv=]] (which is close to tazjin's approach) + +Some "good" examples + +- [[https://github.com/lovesegfault/nix-config][https://github.com/lovesegfault/nix-config]] +- [[https://github.com/utdemir/dotfiles]] +- [[https://github.com/davidtwco/veritas]] + +Those commands would work + #+begin_src nix nix.nixPath = [ "nixpkgs=${sources.nixos}" ]; #+end_src @@ -241,13 +260,58 @@ nixos-rebuild dry-build -I nixpkgs=$(nix eval --raw '(import nix/sources.nix).nixos.outPath') -I nixos-config=/etc/nixos/configuration.nix #+end_src -** TODO self-contained configuration +One trick to using =home-manager= as NixOS module makes it a bit tricky to use a different +package set. The question (to be answered at some point) is wether to use nixos-20.03 or +nixos-unstable. =nixos-20.03= with being able to use =unstable= package seems to be the +safest bet. -- Pin different channels in the configuration (?) -- Run the configuration against multiple channels (?) -- Use =nix.path= or à-la-tazjin or [[https://github.com/nmattia/niv][=niv=]] (which is close to tazjin's approach) +** TODO Define a plan to experiment with this -** TODO =ci.nix= build on multiple channels +The main requirement is that /while experimenting/, it should not affect the rest of the +machines. [[https://github.com/lovesegfault/nix-config][lovesegfault/dotfiles]] is a good idea to follow as I can keep the current +behavior for most machines and experiment separately on another one. I shouldn't even need +to branch out. + +The goal is: +- using niv =nix/= to update different sources +- being able to do =nix-build -A hokkaido= to build hokkaido from anywhere + + having a =switch= script to run this locally (so that we can automate this in a timer) +- being able to use different sources for different machines (nixpkgs, nixos-20.03, …) +- sharing (still) a lot of the code (modules, pkgs, …) +- having a CI that build and cache to cachix.org + + ideal world, auto-generate the ci configuration +- Use as much as =nix= as possible (most likely use scripts and nix) +- Still support using =home-manager= alone + +Open questions: +- How to manage secrets ? for bootstrap && on change. This is especially important in the + context of CI, if CI has to be able to build a configuration. + +Let's use =hokkaido= for this (thinkpad x220s). Long term, =hokkaido= might be the +nixos-unstable machine and the rest more stable (servers, …). Also let's make sure we +document this all the way (litterate configuration). + +** TODO Bootstrap =hokkaido.nix= machine file + +- Being able to do =nix-build -A hokkaido= +- Use nixos-20.30 as base + +** TODO Create switch script + +Being able to do =switch= (or =make -C Makefile.new switch=, or whatever) + +** TODO Try to use =nixos-unstable= as base + +** TODO How to manage secrets + +** TODO Define CI (where, how) + +* CANCELED =ci.nix= build on multiple channels +CLOSED: [2020-05-22 Fri 13:55] +:LOGBOOK: +- State "CANCELED" from "TODO" [2020-05-22 Fri 13:55] \\ + This will be done differently +:END: :PROPERTIES: :CREATED:[2020-05-05 Tue 12:45] :END: