diff --git a/flake.lock b/flake.lock index bb3cc52..897ee17 100644 --- a/flake.lock +++ b/flake.lock @@ -1,30 +1,12 @@ { "nodes": { "crane": { - "inputs": { - "flake-compat": [ - "lanzaboote", - "flake-compat" - ], - "flake-utils": [ - "lanzaboote", - "flake-utils" - ], - "nixpkgs": [ - "lanzaboote", - "nixpkgs" - ], - "rust-overlay": [ - "lanzaboote", - "rust-overlay" - ] - }, "locked": { - "lastModified": 1681177078, - "narHash": "sha256-ZNIjBDou2GOabcpctiQykEQVkI8BDwk7TyvlWlI4myE=", + "lastModified": 1731098351, + "narHash": "sha256-HQkYvKvaLQqNa10KEFGgWHfMAbWBfFp+4cAgkut+NNE=", "owner": "ipetkov", "repo": "crane", - "rev": "0c9f468ff00576577d83f5019a66c557ede5acf6", + "rev": "ef80ead953c1b28316cc3f8613904edc2eb90c28", "type": "github" }, "original": { @@ -36,11 +18,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1673956053, - "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", "owner": "edolstra", "repo": "flake-compat", - "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", "type": "github" }, "original": { @@ -57,11 +39,11 @@ ] }, "locked": { - "lastModified": 1680392223, - "narHash": "sha256-n3g7QFr85lDODKt250rkZj2IFS3i4/8HBU2yKHO3tqw=", + "lastModified": 1730504689, + "narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "dcc36e45d054d7bb554c9cdab69093debd91a0b5", + "rev": "506278e768c2a08bec68eb62932193e341f55c90", "type": "github" }, "original": { @@ -91,24 +73,6 @@ "type": "github" } }, - "flake-utils": { - "inputs": { - "systems": "systems" - }, - "locked": { - "lastModified": 1681202837, - "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "cfacdce06f30d2b68473a46042957675eebb3401", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, "gitignore": { "inputs": { "nixpkgs": [ @@ -118,11 +82,11 @@ ] }, "locked": { - "lastModified": 1660459072, - "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", "owner": "hercules-ci", "repo": "gitignore.nix", - "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", "type": "github" }, "original": { @@ -138,11 +102,11 @@ ] }, "locked": { - "lastModified": 1745557122, - "narHash": "sha256-eqSo9ugzsqhFgaDFYUZj943nurlX4L6f+AW0skJ4W+M=", + "lastModified": 1746171682, + "narHash": "sha256-EyXUNSa+H+YvGVuQJP1nZskXAowxKYp79RNUsNdQTj4=", "owner": "nix-community", "repo": "home-manager", - "rev": "dd26f75fb4ec1c731d4b1396eaf4439ce40a91c1", + "rev": "50eee705bbdbac942074a8c120e8194185633675", "type": "github" }, "original": { @@ -157,22 +121,21 @@ "crane": "crane", "flake-compat": "flake-compat", "flake-parts": "flake-parts", - "flake-utils": "flake-utils", "nixpkgs": "nixpkgs", "pre-commit-hooks-nix": "pre-commit-hooks-nix", "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1682802423, - "narHash": "sha256-Fb5TeRTdvUlo/5Yi2d+FC8a6KoRLk2h1VE0/peMhWPs=", + "lastModified": 1737639419, + "narHash": "sha256-AEEDktApTEZ5PZXNDkry2YV2k6t0dTgLPEmAZbnigXU=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "64b903ca87d18cef2752c19c098af275c6e51d63", + "rev": "a65905a09e2c43ff63be8c0e86a93712361f871e", "type": "github" }, "original": { "owner": "nix-community", - "ref": "v0.3.0", + "ref": "v0.4.2", "repo": "lanzaboote", "type": "github" } @@ -216,11 +179,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1745503349, - "narHash": "sha256-bUGjvaPVsOfQeTz9/rLTNLDyqbzhl0CQtJJlhFPhIYw=", + "lastModified": 1746621361, + "narHash": "sha256-T9vOxEqI1j1RYugV0b9dgy0AreiZ9yBDKZJYyclF0og=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "f7bee55a5e551bd8e7b5b82c9bc559bc50d868d1", + "rev": "2ea3ad8a1f26a76f8a8e23fc4f7757c46ef30ee5", "type": "github" }, "original": { @@ -232,11 +195,11 @@ }, "nixos-unstable": { "locked": { - "lastModified": 1745526057, - "narHash": "sha256-ITSpPDwvLBZBnPRS2bUcHY3gZSwis/uTe255QgMtTLA=", + "lastModified": 1746461020, + "narHash": "sha256-7+pG1I9jvxNlmln4YgnlW4o+w0TZX24k688mibiFDUE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f771eb401a46846c1aebd20552521b233dd7e18b", + "rev": "3730d8a308f94996a9ba7c7138ede69c1b9ac4ae", "type": "github" }, "original": { @@ -248,11 +211,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1682741954, - "narHash": "sha256-RPZxzRu8XU0YD2WeYUFYzJy5yAvWUsxkuK+zWw+6WVk=", + "lastModified": 1731919951, + "narHash": "sha256-vOM6ETpl1yu9KLi/icTmLJIPbbdJCdAVYUXZceO/Ce4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "373e9eb4c42b2fc0611d794de5ea715a35d72393", + "rev": "04386ac325a813047fc314d4b4d838a5b1e3c7fe", "type": "github" }, "original": { @@ -264,27 +227,27 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1678872516, - "narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=", + "lastModified": 1730741070, + "narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9b8e5abb18324c7fe9f07cb100c3cd4a29cda8b8", + "rev": "d063c1dd113c91ab27959ba540c0d9753409edf3", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-22.11", + "ref": "nixos-24.05", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_2": { "locked": { - "lastModified": 1745733216, - "narHash": "sha256-UTgWyFHohRQ8rOcsb6yMClNLwrQtBeyx5uHWGd7qdM8=", + "lastModified": 1746557022, + "narHash": "sha256-QkNoyEf6TbaTW5UZYX0OkwIJ/ZMeKSSoOMnSDPQuol0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8ad8b9d65444c358b86bf75f73a036b3fd35bce4", + "rev": "1d3aeb5a193b9ff13f63f4d9cc169fb88129f860", "type": "github" }, "original": { @@ -296,11 +259,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1745526057, - "narHash": "sha256-ITSpPDwvLBZBnPRS2bUcHY3gZSwis/uTe255QgMtTLA=", + "lastModified": 1746461020, + "narHash": "sha256-7+pG1I9jvxNlmln4YgnlW4o+w0TZX24k688mibiFDUE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f771eb401a46846c1aebd20552521b233dd7e18b", + "rev": "3730d8a308f94996a9ba7c7138ede69c1b9ac4ae", "type": "github" }, "original": { @@ -317,11 +280,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1745672678, - "narHash": "sha256-+3HDClco9BTgWovVMODc0e8Gh3+LNTt1EXZW2tJaXjA=", + "lastModified": 1746740791, + "narHash": "sha256-4o0Aj9BXpybfAkcxY3h9+y0AuC5TtIVztuTdVXYubrI=", "owner": "nix-community", "repo": "NUR", - "rev": "34c80a75bf09085cfd04a476389a4162c6154d42", + "rev": "228d29ab7ffa3f89d0088917883b179c7bce05f2", "type": "github" }, "original": { @@ -336,10 +299,6 @@ "lanzaboote", "flake-compat" ], - "flake-utils": [ - "lanzaboote", - "flake-utils" - ], "gitignore": "gitignore", "nixpkgs": [ "lanzaboote", @@ -348,11 +307,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1681413034, - "narHash": "sha256-/t7OjNQcNkeWeSq/CFLYVBfm+IEnkjoSm9iKvArnUUI=", + "lastModified": 1731363552, + "narHash": "sha256-vFta1uHnD29VUY4HJOO/D6p6rxyObnf+InnSMT4jlMU=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "d3de8f69ca88fb6f8b09e5b598be5ac98d28ede5", + "rev": "cd1af27aa85026ac759d5d3fccf650abe7e1bbf0", "type": "github" }, "original": { @@ -377,21 +336,17 @@ }, "rust-overlay": { "inputs": { - "flake-utils": [ - "lanzaboote", - "flake-utils" - ], "nixpkgs": [ "lanzaboote", "nixpkgs" ] }, "locked": { - "lastModified": 1682129965, - "narHash": "sha256-1KRPIorEL6pLpJR04FwAqqnt4Tzcm4MqD84yhlD+XSk=", + "lastModified": 1731897198, + "narHash": "sha256-Ou7vLETSKwmE/HRQz4cImXXJBr/k9gp4J4z/PF8LzTE=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "2c417c0460b788328220120c698630947547ee83", + "rev": "0be641045af6d8666c11c2c40e45ffc9667839b5", "type": "github" }, "original": { @@ -415,21 +370,6 @@ "type": "github" } }, - "systems_2": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, "treefmt-nix": { "inputs": { "nixpkgs": [ @@ -458,11 +398,11 @@ ] }, "locked": { - "lastModified": 1730321837, - "narHash": "sha256-vK+a09qq19QNu2MlLcvN4qcRctJbqWkX7ahgPZ/+maI=", + "lastModified": 1746216483, + "narHash": "sha256-4h3s1L/kKqt3gMDcVfN8/4v2jqHrgLIe4qok4ApH5x4=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "746901bb8dba96d154b66492a29f5db0693dbfcc", + "rev": "29ec5026372e0dec56f890e50dbe4f45930320fd", "type": "github" }, "original": { @@ -473,7 +413,7 @@ }, "utils": { "inputs": { - "systems": "systems_2" + "systems": "systems" }, "locked": { "lastModified": 1731533236, diff --git a/flake.nix b/flake.nix index 2fe6f6b..470ae9b 100644 --- a/flake.nix +++ b/flake.nix @@ -10,7 +10,7 @@ inputs.nixpkgs.follows = "nixpkgs"; }; lanzaboote = { - url = "github:nix-community/lanzaboote/v0.3.0"; + url = "github:nix-community/lanzaboote/v0.4.2"; # deliberately do _not_ follow the nixpkgs input here, because paranoia and test coverage }; utils.url = "github:numtide/flake-utils"; @@ -46,6 +46,16 @@ let # FIXME: allow different systems systems = utils.lib.system; + + # ability to extend nixpkgs with patches, e.g. from PRs or staging. See https://ertt.ca/nix/patch-nixpkgs/ + mkNixpkgs-patched = + system: + (import nixpkgs { inherit system; }).applyPatches { + name = "nixpkgs-patched"; + src = nixpkgs; + patches = [ ./patches/nixos-nixpkgs-362c2bc76d359b908ad1389ee28c23ee0e862324.patch ]; + }; + # necessary to make the top-level inputs available to system configuration # inspired by https://jade.fyi/blog/flakes-arent-real/ inputInjection = @@ -78,7 +88,7 @@ mkHomeManager = confName: user: system: # unfortunately, home-manager configs are still system-specific home-manager.lib.homeManagerConfiguration { - pkgs = nixpkgs.legacyPackages.${system}; + pkgs = import (mkNixpkgs-patched system) { inherit system; }; modules = [ { imports = [ diff --git a/hosts/thinknix/default.nix b/hosts/thinknix/default.nix index 75bd887..431f3ba 100644 --- a/hosts/thinknix/default.nix +++ b/hosts/thinknix/default.nix @@ -22,6 +22,8 @@ speed = 180; }; + boot.extraModprobeConfig = "options thinkpad_acpi fan_control=1"; # enable fan control via echo to /proc/acpi/ibm/fan + schmittlauch.guestUser.enable = true; networking.hostName = "thinknix"; diff --git a/patches/nixos-nixpkgs-362c2bc76d359b908ad1389ee28c23ee0e862324.patch b/patches/nixos-nixpkgs-362c2bc76d359b908ad1389ee28c23ee0e862324.patch new file mode 100644 index 0000000..dbaf9ee --- /dev/null +++ b/patches/nixos-nixpkgs-362c2bc76d359b908ad1389ee28c23ee0e862324.patch @@ -0,0 +1,26 @@ +From 362c2bc76d359b908ad1389ee28c23ee0e862324 Mon Sep 17 00:00:00 2001 +From: Ihar Hrachyshka +Date: Mon, 7 Apr 2025 21:03:09 -0400 +Subject: [PATCH] nodejs_20: fix test failure on darwin on latest MacOS 15.4 + +Signed-off-by: Ihar Hrachyshka +(cherry picked from commit 9674c1f688d12b99fbde26e6068ab62609fef3b1) +--- + pkgs/development/web/nodejs/v20.nix | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/pkgs/development/web/nodejs/v20.nix b/pkgs/development/web/nodejs/v20.nix +index b9c9345c441afa..20cceb5b5d1cda 100644 +--- a/pkgs/development/web/nodejs/v20.nix ++++ b/pkgs/development/web/nodejs/v20.nix +@@ -50,5 +50,10 @@ buildNodejs { + stripLen = 1; + hash = "sha256-6y3aEqxNC4iTQEv1oewodJrhOHxjp5xZMq1P1QL94Rg="; + }) ++ # fix test failure on macos 15.4 ++ (fetchpatch2 { ++ url = "https://github.com/nodejs/node/commit/33f6e1ea296cd20366ab94e666b03899a081af94.patch?full_index=1"; ++ hash = "sha256-aVBMcQlhQeviUQpMIfC988jjDB2BgYzlMYsq+w16mzU="; ++ }) + ] ++ gypPatches; + }