feat(infra): Rework nixpkgs version management

hive.nix

@@ -16,23 +16,34 @@ let
     ];
   };
 
-  mkPatchedNixpkgs =
+  nixpkgs' = import ./meta/nixpkgs.nix;
-    version:
+  # All supported nixpkgs versions, instanciated
+  nixpkgs = lib.mapSingleFuse mkNixpkgs nixpkgs'.supported;
+
+  # Get the configured nixos version for the node,
+  # defaulting to the one defined in meta/nixpkgs
+  version = node: nodes'.${node}.nixpkgs or nixpkgs'.default;
+
+  # Builds a patched version of nixpkgs, only as the source
+  mkNixpkgs' =
+    v:
+    let
+      version = "nixos-${v}";
+    in
     patch.mkNixpkgsSrc {
       src = sources.${version};
       inherit version;
     };
 
-  mkNixpkgs = version: import (mkPatchedNixpkgs version) { };
+  # Instanciates the required nixpkgs version
-
+  mkNixpkgs = version: import (mkNixpkgs' version) { };
-  mkNixpkgsVersion = node: "nixos-${nodes'.${node}.nixpkgs or (import ./meta/nixpkgs.nix)}";
 
   ###
   # Function to create arguments based on the node
   #
   mkArgs = node: rec {
     lib = import sources.nix-lib {
-      inherit (mkNixpkgs (mkNixpkgsVersion node)) lib;
+      inherit (nixpkgs.${version node}) lib;
 
       keysRoot = ./keys;
     };
@@ -40,14 +51,13 @@ let
     meta = (import ./meta) lib;
   };
 in
-# nodes = builtins.attrNames metadata.nodes;
+
 {
   meta = {
-    nodeNixpkgs = lib.mapSingleFuse (n: mkNixpkgs (mkNixpkgsVersion n)) nodes;
+    nodeNixpkgs = lib.mapSingleFuse (n: nixpkgs.${version n}) nodes;
 
     specialArgs = {
-      inherit sources;
+      inherit nixpkgs sources;
-      inherit mkNixpkgs;
     };
 
     nodeSpecialArgs = lib.mapSingleFuse mkArgs nodes;
@@ -66,7 +76,7 @@ in
       inherit (meta.nodes.${name}) deployment;
 
       # Set NIX_PATH to the patched version of nixpkgs
-      nix.nixPath = [ "nixpkgs=${mkPatchedNixpkgs (mkNixpkgsVersion name)}" ];
+      nix.nixPath = [ "nixpkgs=${mkNixpkgs' (version name)}" ];
       nix.optimise.automatic = true;
 
       # Allow unfree packages

machines/compute01/kanidm/default.nix

@@ -1,4 +1,4 @@
-{ config, sources, ... }:
+{ config, nixpkgs, ... }:
 
 let
   domain = "sso.dgnum.eu";
@@ -18,7 +18,7 @@ in
   services.kanidm = {
     enableServer = true;
 
-    package = (import sources.nixos-unstable { }).kanidm;
+    package = nixpkgs.unstable.kanidm;
 
     serverSettings = {
       inherit domain;

machines/storage01/forgejo-runners.nix

@@ -1,7 +1,7 @@
 {
   config,
   pkgs,
-  sources,
+  nixpkgs,
   ...
 }:
 
@@ -43,7 +43,7 @@ in
       pkgs.colmena
       pkgs.npins
       pkgs.tea
-      (import sources.nixpkgs { }).nixfmt-rfc-style
+      nixpkgs.unstable.nixfmt-rfc-style
     ];
 
     containerOptions = [ "--cpus=4" ];

machines/web01/netbox.nix

@@ -1,7 +1,7 @@
 {
   config,
   lib,
-  mkNixpkgs,
+  nixpkgs,
   ...
 }:
 
@@ -13,7 +13,7 @@ in
   services = {
     netbox = {
       enable = true;
-      package = (mkNixpkgs "nixos-unstable").netbox_3_7;
+      package = nixpkgs.unstable.netbox_3_7;
       secretKeyFile = "/dev/null";
       listenAddress = "127.0.0.1";
       plugins = p: [ p.netbox-qrcode ];

meta/nixpkgs.nix

@@ -1,2 +1,10 @@
-# Default version of nixpkgs to use
+{
-"23.11"
+  # Default version of nixpkgs to use
+  default = "23.11";
+
+  # Supported nixpkgs versions
+  supported = [
+    "unstable"
+    "23.11"
+  ];
+}

meta/options.nix

@@ -89,7 +89,7 @@ in
 
               nixpkgs = mkOption {
                 type = str;
-                default = import ./nixpkgs.nix;
+                inherit (import ./nixpkgs.nix) default;
                 description = ''
                   Version of nixpkgs to use.
                 '';

modules/dgn-netbox-agent/default.nix

@@ -6,7 +6,6 @@
   ...
 }:
 let
-  inherit (config.deployment) tags;
   inherit (config.networking) hostName domain;
 in
 {