From 3962ada269879927fdcda80a62fe806726e375f2 Mon Sep 17 00:00:00 2001 From: "DGNum [bot]" Date: Thu, 12 Jun 2025 12:58:26 +0000 Subject: [PATCH 01/10] lon: update nix-modules MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 0cdf222c07b9cbd49857ae046fb41ae9f651cc3f → 44ccf96bd73c1bbbbcc849cb0f2e0d1f5f75f934 Last 3 commits: 44ccf96 feat(ntfy-sh): allow to manage hashed password directly 5612e8f chore: Remove substituteAll usage 1c4a60c fix(ntfy-sh): Write correct nix --- lon.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lon.lock b/lon.lock index 9e7b203..8466f0b 100644 --- a/lon.lock +++ b/lon.lock @@ -195,10 +195,10 @@ "type": "Git", "fetchType": "git", "branch": "dgnum", - "revision": "0cdf222c07b9cbd49857ae046fb41ae9f651cc3f", + "revision": "44ccf96bd73c1bbbbcc849cb0f2e0d1f5f75f934", "url": "https://git.hubrecht.ovh/hubrecht/nix-modules", - "hash": "sha256-VHlkJny+t1AhZ61JOeyYM1rLa4cPEoEt/5+vqAqAJgA=", - "lastModified": 1746016692, + "hash": "sha256-mkrCWowrCje3/TuAG0eAJplrtlz1hYmusSFn93/Ccok=", + "lastModified": 1749629064, "submodules": false }, "nix-pkgs": { From 599f97434d21c5abfaf166d0178e685465f4ec28 Mon Sep 17 00:00:00 2001 From: "DGNum [bot]" Date: Thu, 12 Jun 2025 13:01:10 +0000 Subject: [PATCH 02/10] lon: update nixos-unstable MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit d89fc19e405c → 3e3afe5174c561dee0df6f2c2b2236990146329f Last 50 commits: bd1c971 dbeaver-bin: 25.0.5 -> 25.1.0 (#414411) d311c0e doc: call out 'src' should ideally point to sources cf85d81 shh: 2025.6.4 -> 2025.6.5 db5c622 Merge: matrix-synapse: 1.130.0 -> 1.131.0 (#413629) 9756867 firefox-devedition-bin-unwrapped: 140.0b4 -> 140.0b5 ca726ed copilot-language-server: 1.322.0 -> 1.330.0 (#411058) 8339848 lightning-loop: 0.28.8 -> 0.31.1 (#414283) 90f36a1 framework-tool: 0.4.2 -> 0.4.3 1619e5a framework-tool: add johnazoidberg as maintainer 1a58b25 python3Packages.py-machineid: 0.7.0 -> 0.8.0 (#414416) bd22d19 vimPlugins: update on 2025-06-05 (#414296) a1ea6c9 python3Packages.ipyvuetify: 1.11.1 -> 1.11.2 6e25d98 nixos/filesystems: chore replace 'with' statements ebd3748 attic-client: 0-unstable-2025-02-02 -> 0-unstable-2025-05-29 (#414408) e95626e mastodon: allow specifying missingHashes when overriding src 27c294b geteduroam: 0.11 -> 0.12 08d3857 pywal16: 3.8.6 -> 3.8.9 (#414451) 72e9f57 mobilizon: use lib.getExe 458b3d1 python3Packages.replicate: 1.0.4 -> 1.0.7 78aa5d7 kew: 3.3.2 -> 3.3.3 1019651 nixos/dnscrypt-proxy2: add `package` option 8b4e41e homebank: 5.9.1 -> 5.9.2 (#414144) e2443f7 python3Packages.markitdown: 0.1.1 -> 0.1.2 2e50149 mobilizon: 5.1.2 -> 5.1.4 65c2df8 python3Packages.craft-grammar: move pydantic to dependencies 1ec5ab7 snapcraft: pin Python 3.12 925fd2a python3Packages.craft-grammar: move pydantic to dependencies (#414488) 4e238e4 elmPackages.elm: Fix runtime TLS connection to package.elm-lang.org 45a2f12 doc: call out 'src' should ideally point to sources (#413559) fffc35b apacheHttpdPackages.php: 8.4.7 -> 8.4.8 dfa2b38 dorion: 5.0.1 → 6.7.1; dorion: build from source (#265771) 559987a shh: 2025.6.4 -> 2025.6.5 (#414457) 68b1422 geteduroam: 0.11 -> 0.12 (#414479) d0a93ec radicle-{explorer,httpd}: 0.18.2 → 0.19.1 585e6f6 labelife-label-printer: 1.2.1 -> 2.0.0 94bb902 firefox-devedition-bin-unwrapped: 140.0b4 -> 140.0b5 (#414460) 20eb58b snapcraft: pin Python 3.12 (#414493) 92e1950 elmPackages.elm: Fix runtime TLS connection to package.elm-lang.org (#414495) af0a73d ecapture: 1.0.2 -> 1.1.0 (#413011) a4ff0e3 nixos/kanidm: Fix bind paths (#409310) 69407aa maintainers: add yethal cc43028 nushellPlugins.hcl: init at 0.104.1 b0afabc zipline: 4.1.0 -> 4.1.1 1edd461 mobilizon: 5.1.2 -> 5.1.4 (#414487) c31d074 azure-cli: 2.73.0 -> 2.74.0 (#413503) c7a62d3 exploitdb: 2025-05-30 -> 2025-06-06 56353fd python313Packages.tencentcloud-sdk-python: 3.0.1393 -> 3.0.1394 24b3e36 python313Packages.publicsuffixlist: 1.0.2.20250603 -> 1.0.2.20250606 cf0749d checkov: 3.2.436 -> 3.2.437 144b478 python312Packages.mypy-boto3-cloudformation: 1.38.0 -> 1.38.31 --- lon.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lon.lock b/lon.lock index 9e7b203..ce5a97d 100644 --- a/lon.lock +++ b/lon.lock @@ -257,9 +257,9 @@ "owner": "NixOS", "repo": "nixpkgs", "branch": "nixos-unstable", - "revision": "d89fc19e405c", - "url": "https://github.com/NixOS/nixpkgs/archive/d89fc19e405c.tar.gz", - "hash": "sha256-3e+AVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ=" + "revision": "3e3afe5174c561dee0df6f2c2b2236990146329f", + "url": "https://github.com/NixOS/nixpkgs/archive/3e3afe5174c561dee0df6f2c2b2236990146329f.tar.gz", + "hash": "sha256-frdhQvPbmDYaScPFiCnfdh3B/Vh81Uuoo0w5TkWmmjU=" }, "proxmox-nixos": { "type": "Git", From ff1920acf67fe72c2d0dc973ead97cb4fa771dcf Mon Sep 17 00:00:00 2001 From: "DGNum [bot]" Date: Thu, 12 Jun 2025 12:59:02 +0000 Subject: [PATCH 03/10] lon: update nixos-24.05 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit b134951a4c9f → b134951a4c9f3c995fd7be05f3243f8ecd65d798 Last 0 commits: --- lon.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lon.lock b/lon.lock index 8466f0b..f2b0841 100644 --- a/lon.lock +++ b/lon.lock @@ -227,8 +227,8 @@ "owner": "NixOS", "repo": "nixpkgs", "branch": "nixos-24.05", - "revision": "b134951a4c9f", - "url": "https://github.com/NixOS/nixpkgs/archive/b134951a4c9f.tar.gz", + "revision": "b134951a4c9f3c995fd7be05f3243f8ecd65d798", + "url": "https://github.com/NixOS/nixpkgs/archive/b134951a4c9f3c995fd7be05f3243f8ecd65d798.tar.gz", "hash": "sha256-OnSAY7XDSx7CtDoqNh8jwVwh4xNL/2HaJxGjryLWzX8=" }, "nixos-24.11": { From 07a3435f9055b4ef9b59c229ff90c78f494058bc Mon Sep 17 00:00:00 2001 From: "DGNum [bot]" Date: Thu, 12 Jun 2025 12:58:14 +0000 Subject: [PATCH 04/10] lon: update lix MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit d169c092fc28838a253be136d17fe7de1292c728 → ee0655240270480d7f6063dcf12ec47f04d2ded6 Last 50 commits: ee06552 libstore: asyncify RemoteStore::Connection::processStderr 7a10df6 libstore: asyncify RemoteStore connection setup cc04a43 libstore: remove flushing from processStderr 8b3fdbc libstore: add framed data support to sendCommand 1a22475 libstore: encapsulate reading simple command results 2128a2d libstore: encapsulate sending of simple commands ec374bc libstore: deserialize findRoots data as vector-of-tuples ab8f4ae libstore: add CommonProto code for bool/unsigned/uint64_t 87fbc15 libutil: make the pool element factory a promise 56847dc libutil: make Buffered{Sink,Source} io buffer shareable 7d681a5 libutil: add io buffer abstraction cc56070 libstore: have SSH use a socketpair, not two pipes 9c4fd3d libstore: remove unused RemoteStore::Connection::closeWrite bea24c8 libutil/cgroup: destroy state record at destroy time 7bd8271 libstore/platform/linux: destroy cgroup before we release user locks 797c6d4 libutil/file-system: make `AutoDelete` not copyable and movable 9f9fced libstore/build/worker: clean up cgroup error messages typos a527bb2 libstore/build: cgroup delegation to sandbox 1783d5b libstore/build: drop cgroups experimental feature 21dbd77 libstore/binary-cache-store: skip NAR listings if it's not possible to serialize it 1e71df3 doc/manual/rl-next: mention symbol value reuse ebc8f56 libexpr/primops: pass the underlying `Value` of symbols if possible 5e98a21 libexpr/symbol-table: introduce `InternedSymbol` 364e94f libexpr/value: do not depend on `Symbol` 95ea358 libexpr/print: drop redundant constructor in emplace_back call ac3b742 libexpr/symbol-table: remove unused field from `SymbolTable::symbols` 5db71cf libutil: `add` should emplace inside a `ChunkedVector` d8b1bb5 build: fix Meson warning about lix-clang-tidy not having meson_version b70bbbe misc/pre-commit: add automatic `clang-format` of changed lines c19a0fe devshell: add `git-clang-format` 004a505 tests/functional2/nix: fix config serialization 0625e69 tests/functional2: fix bad error message when merging files afa5b92 tests/functional2: improve type checking util 60830ca libstore: add derivation wire generator 4ebf79b libstore: associate wire connection states with stores ce9acd5 libstore: use proper connection handle for narFromPath 2cd44d2 libstore: don't wrap&unwrap connection handles b33669b libutil: remove withFramedSink c135710 libstore: send worker options packet as one blob cf93814 libutil: remove unused FdSource::read 8c30a16 libutil: remove long-dead create_coro_gc_hook dd31a23 libstore: add worker serializer for SubstitutablePathInfo fca0a30 libstore: remove pre-2.18 protocols 019b17f tests/functional2/lang: Migrate trivial `eval-okay` tests 9673c64 tests/functional2/lang: Migrate trivial `parse-okay` tests 0219434 tests/functional2/lang: Migrate trivial `parse-fail` tests 63edb9c tests/functional2/lang: Migrate trivial `eval-fail` tests a7e5ff0 tests/functional2: Make symlink handling less confusing e753fcb gc: delay throwing error until cleanup is complete 530b40a tests/functional2: fix overly broad xfail test passing --- lon.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lon.lock b/lon.lock index f2b0841..bd0eb58 100644 --- a/lon.lock +++ b/lon.lock @@ -135,10 +135,10 @@ "type": "Git", "fetchType": "git", "branch": "main", - "revision": "d169c092fc28838a253be136d17fe7de1292c728", + "revision": "ee0655240270480d7f6063dcf12ec47f04d2ded6", "url": "https://git.lix.systems/lix-project/lix.git", - "hash": "sha256-gsPA3AAGi3pucRpzJbhWWyyOBv2/2OjAjU/SlcSE8Vc=", - "lastModified": 1743274305, + "hash": "sha256-DDhns3NS6L5OlYR0mSX03I5D7uGLyyd3MZegd1wTCyc=", + "lastModified": 1749682763, "submodules": false }, "lix-module": { From 05a7477a8e2feda8adc2a82f0a6880d58f1456a6 Mon Sep 17 00:00:00 2001 From: Tom Hubrecht Date: Thu, 12 Jun 2025 15:55:27 +0200 Subject: [PATCH 05/10] fix(lix): Drop fetchGit-locked patch as it is included upstream --- patches/default.nix | 1 - patches/lix/02-fetchGit-locked.patch | 86 ---------------------------- 2 files changed, 87 deletions(-) delete mode 100644 patches/lix/02-fetchGit-locked.patch diff --git a/patches/default.nix b/patches/default.nix index 0aeb365..d352deb 100644 --- a/patches/default.nix +++ b/patches/default.nix @@ -18,7 +18,6 @@ with { lix = [ (local ./lix/01-disable-installChecks.patch) - (local ./lix/02-fetchGit-locked.patch) ]; lon = [ diff --git a/patches/lix/02-fetchGit-locked.patch b/patches/lix/02-fetchGit-locked.patch deleted file mode 100644 index 9f97117..0000000 --- a/patches/lix/02-fetchGit-locked.patch +++ /dev/null @@ -1,86 +0,0 @@ -diff --git i/lix/libexpr/primops/fetchTree.cc w/lix/libexpr/primops/fetchTree.cc -index 93b08ecc9..6d04ce24b 100644 ---- i/lix/libexpr/primops/fetchTree.cc -+++ w/lix/libexpr/primops/fetchTree.cc -@@ -168,6 +168,11 @@ static void fetchTree( - "attribute 'name' isn’t supported in call to 'fetchTree'" - ).atPos(pos).debugThrow(); - -+ // HACK: When using `fetchGit`, locking with only the hash should happen -+ // as we don't care about flake hallucinations about `lastModified` -+ if (type == "git" && attrs.contains("narHash")) -+ attrs["type"] = "git-locked"; -+ - input = fetchers::Input::fromAttrs(std::move(attrs)); - } else { - auto url = state.coerceToString(pos, *args[0], context, -diff --git i/lix/libfetchers/builtin-fetchers.hh w/lix/libfetchers/builtin-fetchers.hh -index d3be7f7f2..d1389b8ba 100644 ---- i/lix/libfetchers/builtin-fetchers.hh -+++ w/lix/libfetchers/builtin-fetchers.hh -@@ -10,6 +10,7 @@ std::unique_ptr makePathInputScheme(); - std::unique_ptr makeFileInputScheme(); - std::unique_ptr makeTarballInputScheme(); - std::unique_ptr makeGitInputScheme(); -+std::unique_ptr makeGitLockedInputScheme(); - std::unique_ptr makeMercurialInputScheme(); - std::unique_ptr makeGitHubInputScheme(); - std::unique_ptr makeGitLabInputScheme(); -diff --git i/lix/libfetchers/fetchers.cc w/lix/libfetchers/fetchers.cc -index 0dc9f5e0c..91cd9332d 100644 ---- i/lix/libfetchers/fetchers.cc -+++ w/lix/libfetchers/fetchers.cc -@@ -22,6 +22,7 @@ void initLibFetchers() - registerInputScheme(makeTarballInputScheme()); - registerInputScheme(makeFileInputScheme()); - registerInputScheme(makeGitInputScheme()); -+ registerInputScheme(makeGitLockedInputScheme()); - registerInputScheme(makeMercurialInputScheme()); - registerInputScheme(makeGitHubInputScheme()); - registerInputScheme(makeGitLabInputScheme()); -diff --git i/lix/libfetchers/git.cc w/lix/libfetchers/git.cc -index 21fa1904d..f9573eacd 100644 ---- i/lix/libfetchers/git.cc -+++ w/lix/libfetchers/git.cc -@@ -812,4 +812,40 @@ std::unique_ptr makeGitInputScheme() - return std::make_unique(); - } - -+struct GitLockedInputScheme : GitInputScheme { -+ -+ std::optional inputFromAttrs(const Attrs & attrs) const override -+ { -+ if (maybeGetStrAttr(attrs, "type") != "git-locked") return {}; -+ -+ for (auto & [name, value] : attrs) -+ if (name != "type" && name != "url" && name != "ref" && name != "rev" && name != "shallow" && name != "submodules" && name != "lastModified" && name != "revCount" && name != "narHash" && name != "allRefs" && name != "name" && name != "dirtyRev" && name != "dirtyShortRev") -+ throw Error("unsupported Git input attribute '%s'", name); -+ -+ parseURL(getStrAttr(attrs, "url")); -+ maybeGetBoolAttr(attrs, "shallow"); -+ maybeGetBoolAttr(attrs, "submodules"); -+ maybeGetBoolAttr(attrs, "allRefs"); -+ -+ if (auto ref = maybeGetStrAttr(attrs, "ref")) { -+ if (std::regex_search(*ref, badGitRefRegex)) -+ throw BadURL("invalid Git branch/tag name '%s'", *ref); -+ } -+ -+ Input input; -+ input.attrs = attrs; -+ return input; -+ } -+ -+ bool hasAllInfo(const Input & input) const override { -+ return true; -+ } -+ -+}; -+ -+std::unique_ptr makeGitLockedInputScheme() -+{ -+ return std::make_unique(); -+} -+ - } - From 8c09de15293b6766418a5bad1bca82536d289394 Mon Sep 17 00:00:00 2001 From: Tom Hubrecht Date: Thu, 12 Jun 2025 16:00:42 +0200 Subject: [PATCH 06/10] fix(build01/nix-builder): Remove impure-derivations from experimental-features Lix no longer supports it --- machines/nixos/build01/nix-builder.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/machines/nixos/build01/nix-builder.nix b/machines/nixos/build01/nix-builder.nix index 53dce67..79ff63e 100644 --- a/machines/nixos/build01/nix-builder.nix +++ b/machines/nixos/build01/nix-builder.nix @@ -69,7 +69,6 @@ # "ca-derivations" this feature is really extremely broken. "cgroups" "fetch-closure" - "impure-derivations" ]; }; }; From fc6c88543e4236769d10e72fc634be87c515749d Mon Sep 17 00:00:00 2001 From: "DGNum [bot]" Date: Thu, 12 Jun 2025 12:58:21 +0000 Subject: [PATCH 07/10] lon: update lix-module MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fa69ae26cc32dda178117b46487c2165c0e08316 → 3c23c6ae2aecc1f76ae7993efe1a78b5316f0700 Last 6 commits: 3c23c6a Merge pull request 'nix-eval-jobs: add `__intentionallyOverridingVersion`' (#65) from isabelroses/nixos-module:eval-jobs-fix into main aaedf4e nix-eval-jobs: add `__intentionallyOverridingVersion` 58baedd Begin 2.94.x 4ca269a Merge tag '2.93.0' cd2a9c0 Module 2.93.0 ad0a6a9 flake.lock: Update --- lon.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lon.lock b/lon.lock index bd0eb58..041bd9d 100644 --- a/lon.lock +++ b/lon.lock @@ -145,10 +145,10 @@ "type": "Git", "fetchType": "git", "branch": "main", - "revision": "fa69ae26cc32dda178117b46487c2165c0e08316", + "revision": "3c23c6ae2aecc1f76ae7993efe1a78b5316f0700", "url": "https://git.lix.systems/lix-project/nixos-module.git", - "hash": "sha256-MB/b/xcDKqaVBxJIIxwb81r8ZiGLeKEcqokATRRroo8=", - "lastModified": 1742945498, + "hash": "sha256-7EICjbmG6lApWKhFtwvZovdcdORY1CEe6/K7JwtpYfs=", + "lastModified": 1747667424, "submodules": false }, "lon": { From 124d9b72b01a1b9688fc3356d71a46f033324214 Mon Sep 17 00:00:00 2001 From: Tom Hubrecht Date: Thu, 12 Jun 2025 16:09:42 +0200 Subject: [PATCH 08/10] feat(workflows/eval-nodes): Print evaluation statistics --- .forgejo/workflows/eval-nodes.yaml | 25 +++++++++++++++++++++++++ workflows/eval-nodes.nix | 5 ++++- 2 files changed, 29 insertions(+), 1 deletion(-) diff --git a/.forgejo/workflows/eval-nodes.yaml b/.forgejo/workflows/eval-nodes.yaml index 87ed659..6fad666 100644 --- a/.forgejo/workflows/eval-nodes.yaml +++ b/.forgejo/workflows/eval-nodes.yaml @@ -7,6 +7,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: Jaccess01 + NIX_SHOW_STATS: 1 name: Eval Jaccess01 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -26,6 +27,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: Jaccess04 + NIX_SHOW_STATS: 1 name: Eval Jaccess04 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -45,6 +47,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: ap01 + NIX_SHOW_STATS: 1 name: Eval ap01 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -64,6 +67,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: bridge01 + NIX_SHOW_STATS: 1 name: Eval bridge01 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -83,6 +87,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: build01 + NIX_SHOW_STATS: 1 name: Eval build01 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -102,6 +107,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: cof02 + NIX_SHOW_STATS: 1 name: Eval cof02 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -121,6 +127,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: compute01 + NIX_SHOW_STATS: 1 name: Eval compute01 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -140,6 +147,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: geo01 + NIX_SHOW_STATS: 1 name: Eval geo01 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -159,6 +167,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: geo02 + NIX_SHOW_STATS: 1 name: Eval geo02 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -178,6 +187,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: hypervisor01 + NIX_SHOW_STATS: 1 name: Eval hypervisor01 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -197,6 +207,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: hypervisor02 + NIX_SHOW_STATS: 1 name: Eval hypervisor02 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -216,6 +227,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: hypervisor03 + NIX_SHOW_STATS: 1 name: Eval hypervisor03 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -235,6 +247,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: iso + NIX_SHOW_STATS: 1 name: Eval iso run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -254,6 +267,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: krz01 + NIX_SHOW_STATS: 1 name: Eval krz01 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -273,6 +287,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: lab-router01 + NIX_SHOW_STATS: 1 name: Eval lab-router01 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -292,6 +307,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: netcore01 + NIX_SHOW_STATS: 1 name: Eval netcore01 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -311,6 +327,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: netcore02 + NIX_SHOW_STATS: 1 name: Eval netcore02 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -330,6 +347,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: rescue01 + NIX_SHOW_STATS: 1 name: Eval rescue01 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -349,6 +367,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: storage01 + NIX_SHOW_STATS: 1 name: Eval storage01 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -368,6 +387,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: tower01 + NIX_SHOW_STATS: 1 name: Eval tower01 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -387,6 +407,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: vault01 + NIX_SHOW_STATS: 1 name: Eval vault01 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -406,6 +427,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: web01 + NIX_SHOW_STATS: 1 name: Eval web01 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -425,6 +447,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: web02 + NIX_SHOW_STATS: 1 name: Eval web02 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -444,6 +467,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: web03 + NIX_SHOW_STATS: 1 name: Eval web03 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" @@ -463,6 +487,7 @@ jobs: - uses: actions/checkout@v3 - env: BUILD_NODE: zulip01 + NIX_SHOW_STATS: 1 name: Eval zulip01 run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'" diff --git a/workflows/eval-nodes.nix b/workflows/eval-nodes.nix index acbe3f4..94f585f 100644 --- a/workflows/eval-nodes.nix +++ b/workflows/eval-nodes.nix @@ -30,7 +30,10 @@ in ''; shell = "eval-nodes"; }; - env.BUILD_NODE = node; + env = { + BUILD_NODE = node; + NIX_SHOW_STATS = 1; + }; } { name = "Build ${node}"; From 8e407daa0bbdbe06db7d4f495803e70663ecd181 Mon Sep 17 00:00:00 2001 From: catvayor Date: Fri, 6 Jun 2025 16:04:23 +0200 Subject: [PATCH 09/10] fix(patch): pr 403844 has conflict now --- REUSE.toml | 2 +- default.nix | 1 + patches/default.nix | 2 +- patches/nixpkgs/06-netbird-dashboard.patch | 35 ++++++++++++++++++++++ 4 files changed, 38 insertions(+), 2 deletions(-) create mode 100644 patches/nixpkgs/06-netbird-dashboard.patch diff --git a/REUSE.toml b/REUSE.toml index c25eb47..bd72fbd 100644 --- a/REUSE.toml +++ b/REUSE.toml @@ -38,7 +38,7 @@ precedence = "closest" [[annotations]] SPDX-FileCopyrightText = "2024 Lubin Bailly " SPDX-License-Identifier = "EUPL-1.2" -path = ["modules/nixos/extranix/0001-revert-don-t-parse-md-in-js.patch", "modules/nixos/extranix/0002-chore-remove-useless-dependencies.patch", "modules/nixos/extranix/0003-feat-separate-HTML-description-of-MD-description.patch", "modules/nixos/extranix/0004-fix-indentation-of-ul.patch", "modules/nixos/extranix/0005-feat-match-all-substring-by-default.patch", "patches/nixpkgs/02-action-validator.patch", "machines/nixos/vault01/k-radius/packages/04-request-dgsi-vlan.patch"] +path = ["modules/nixos/extranix/0001-revert-don-t-parse-md-in-js.patch", "modules/nixos/extranix/0002-chore-remove-useless-dependencies.patch", "modules/nixos/extranix/0003-feat-separate-HTML-description-of-MD-description.patch", "modules/nixos/extranix/0004-fix-indentation-of-ul.patch", "modules/nixos/extranix/0005-feat-match-all-substring-by-default.patch", "patches/nixpkgs/02-action-validator.patch", "machines/nixos/vault01/k-radius/packages/04-request-dgsi-vlan.patch", "patches/nixpkgs/06-netbird-dashboard.patch"] precedence = "closest" [[annotations]] diff --git a/default.nix b/default.nix index 8e71ffc..9ffad4c 100644 --- a/default.nix +++ b/default.nix @@ -154,6 +154,7 @@ let "modules/nixos/extranix/0005-feat-match-all-substring-by-default.patch" "patches/nixpkgs/02-action-validator.patch" "machines/nixos/vault01/k-radius/packages/04-request-dgsi-vlan.patch" + "patches/nixpkgs/06-netbird-dashboard.patch" ]; copyright = "2024 Lubin Bailly "; } diff --git a/patches/default.nix b/patches/default.nix index d352deb..0e1fce8 100644 --- a/patches/default.nix +++ b/patches/default.nix @@ -53,7 +53,7 @@ with { (local ./nixpkgs/05-netbird-relay.patch) # netbird-dashboard: 2.9.0 -> 2.12.0 - (npr 403844 "sha256-oQUc/UEvWOdZ5IyemnZeFS5dVysblqdV9fm6t790Kms=") + (local ./nixpkgs/06-netbird-dashboard.patch) ]; "agenix" = [ diff --git a/patches/nixpkgs/06-netbird-dashboard.patch b/patches/nixpkgs/06-netbird-dashboard.patch new file mode 100644 index 0000000..35ede48 --- /dev/null +++ b/patches/nixpkgs/06-netbird-dashboard.patch @@ -0,0 +1,35 @@ +diff --git a/pkgs/by-name/ne/netbird-dashboard/package.nix b/pkgs/by-name/ne/netbird-dashboard/package.nix +index 0670d3333e6bce..fcd2f4df65fce9 100644 +--- a/pkgs/by-name/ne/netbird-dashboard/package.nix ++++ b/pkgs/by-name/ne/netbird-dashboard/package.nix +@@ -6,16 +6,16 @@ + + buildNpmPackage rec { + pname = "netbird-dashboard"; +- version = "2.9.0"; ++ version = "2.12.0"; + + src = fetchFromGitHub { + owner = "netbirdio"; + repo = "dashboard"; + rev = "v${version}"; +- hash = "sha256-PY/jK96FK6Y0++Ie4Yg/7GrGoLtLcgCSzXIkqySxe2M="; ++ hash = "sha256-AZ8vrDtpVADW8NMq/MBpYd6VSMcuFzk67UXoXdPeiPk="; + }; + +- npmDepsHash = "sha256-TELyc62l/8IaX9eL2lxRFth0AAZ4LXsV2WNzXSHRnTw="; ++ npmDepsHash = "sha256-XNAphh1zNi4enf0Mz9TUgWyZHezTuctMPTBswKO4eW8="; + npmFlags = [ "--legacy-peer-deps" ]; + + installPhase = '' +@@ -30,6 +30,9 @@ buildNpmPackage rec { + description = "NetBird Management Service Web UI Panel"; + homepage = "https://github.com/netbirdio/dashboard"; + license = licenses.bsd3; +- maintainers = with maintainers; [ ]; ++ maintainers = with maintainers; [ ++ vrifox ++ patrickdag ++ ]; + }; + } From cc2f1ce24517c220ba24fdca434573eb64206fed Mon Sep 17 00:00:00 2001 From: "DGNum [bot]" Date: Thu, 12 Jun 2025 13:01:10 +0000 Subject: [PATCH 10/10] lon: update nixos-unstable MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit d89fc19e405c → 3e3afe5174c561dee0df6f2c2b2236990146329f Last 50 commits: bd1c971 dbeaver-bin: 25.0.5 -> 25.1.0 (#414411) d311c0e doc: call out 'src' should ideally point to sources cf85d81 shh: 2025.6.4 -> 2025.6.5 db5c622 Merge: matrix-synapse: 1.130.0 -> 1.131.0 (#413629) 9756867 firefox-devedition-bin-unwrapped: 140.0b4 -> 140.0b5 ca726ed copilot-language-server: 1.322.0 -> 1.330.0 (#411058) 8339848 lightning-loop: 0.28.8 -> 0.31.1 (#414283) 90f36a1 framework-tool: 0.4.2 -> 0.4.3 1619e5a framework-tool: add johnazoidberg as maintainer 1a58b25 python3Packages.py-machineid: 0.7.0 -> 0.8.0 (#414416) bd22d19 vimPlugins: update on 2025-06-05 (#414296) a1ea6c9 python3Packages.ipyvuetify: 1.11.1 -> 1.11.2 6e25d98 nixos/filesystems: chore replace 'with' statements ebd3748 attic-client: 0-unstable-2025-02-02 -> 0-unstable-2025-05-29 (#414408) e95626e mastodon: allow specifying missingHashes when overriding src 27c294b geteduroam: 0.11 -> 0.12 08d3857 pywal16: 3.8.6 -> 3.8.9 (#414451) 72e9f57 mobilizon: use lib.getExe 458b3d1 python3Packages.replicate: 1.0.4 -> 1.0.7 78aa5d7 kew: 3.3.2 -> 3.3.3 1019651 nixos/dnscrypt-proxy2: add `package` option 8b4e41e homebank: 5.9.1 -> 5.9.2 (#414144) e2443f7 python3Packages.markitdown: 0.1.1 -> 0.1.2 2e50149 mobilizon: 5.1.2 -> 5.1.4 65c2df8 python3Packages.craft-grammar: move pydantic to dependencies 1ec5ab7 snapcraft: pin Python 3.12 925fd2a python3Packages.craft-grammar: move pydantic to dependencies (#414488) 4e238e4 elmPackages.elm: Fix runtime TLS connection to package.elm-lang.org 45a2f12 doc: call out 'src' should ideally point to sources (#413559) fffc35b apacheHttpdPackages.php: 8.4.7 -> 8.4.8 dfa2b38 dorion: 5.0.1 → 6.7.1; dorion: build from source (#265771) 559987a shh: 2025.6.4 -> 2025.6.5 (#414457) 68b1422 geteduroam: 0.11 -> 0.12 (#414479) d0a93ec radicle-{explorer,httpd}: 0.18.2 → 0.19.1 585e6f6 labelife-label-printer: 1.2.1 -> 2.0.0 94bb902 firefox-devedition-bin-unwrapped: 140.0b4 -> 140.0b5 (#414460) 20eb58b snapcraft: pin Python 3.12 (#414493) 92e1950 elmPackages.elm: Fix runtime TLS connection to package.elm-lang.org (#414495) af0a73d ecapture: 1.0.2 -> 1.1.0 (#413011) a4ff0e3 nixos/kanidm: Fix bind paths (#409310) 69407aa maintainers: add yethal cc43028 nushellPlugins.hcl: init at 0.104.1 b0afabc zipline: 4.1.0 -> 4.1.1 1edd461 mobilizon: 5.1.2 -> 5.1.4 (#414487) c31d074 azure-cli: 2.73.0 -> 2.74.0 (#413503) c7a62d3 exploitdb: 2025-05-30 -> 2025-06-06 56353fd python313Packages.tencentcloud-sdk-python: 3.0.1393 -> 3.0.1394 24b3e36 python313Packages.publicsuffixlist: 1.0.2.20250603 -> 1.0.2.20250606 cf0749d checkov: 3.2.436 -> 3.2.437 144b478 python312Packages.mypy-boto3-cloudformation: 1.38.0 -> 1.38.31 --- lon.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lon.lock b/lon.lock index 041bd9d..abd1235 100644 --- a/lon.lock +++ b/lon.lock @@ -257,9 +257,9 @@ "owner": "NixOS", "repo": "nixpkgs", "branch": "nixos-unstable", - "revision": "d89fc19e405c", - "url": "https://github.com/NixOS/nixpkgs/archive/d89fc19e405c.tar.gz", - "hash": "sha256-3e+AVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ=" + "revision": "3e3afe5174c561dee0df6f2c2b2236990146329f", + "url": "https://github.com/NixOS/nixpkgs/archive/3e3afe5174c561dee0df6f2c2b2236990146329f.tar.gz", + "hash": "sha256-frdhQvPbmDYaScPFiCnfdh3B/Vh81Uuoo0w5TkWmmjU=" }, "proxmox-nixos": { "type": "Git",