feat(forgejo-runners): Use /data/slow/nix and not /data/slow/nix/nix

The upstream module should be updated to reflect that, use rootPath
instead of storePath

.forgejo/workflows/check-meta.yaml

@@ -12,7 +12,7 @@ jobs:
     - name: Check the validity of meta options
       run: nix-build meta/verify.nix -A meta
 name: Check meta
-'on':
+on:
   pull_request:
     branches:
     - main

.forgejo/workflows/check-workflows.yaml

@@ -7,7 +7,7 @@ jobs:
       run: nix-shell -A check-workflows --run '[ $(git status --porcelain | wc -l)
         -eq 0 ]'
 name: Check workflows
-'on':
+on:
   pull_request:
     branches:
     - main

.forgejo/workflows/eval-nodes.yaml

@@ -110,7 +110,7 @@ jobs:
       name: Build and cache web03
       run: nix-shell -A eval-nodes --run cache-node
 name: Build all the nodes
-'on':
+on:
   pull_request:
     branches:
     - main

.forgejo/workflows/npins-update.yaml

@@ -7,19 +7,19 @@ jobs:
         depth: 0
         token: ${{ secrets.TEA_DGNUM_CHORES_TOKEN }}
     - name: Update dependencies and open PR if necessary
-      run: "npins update\n\nif [ ! -z \"$(git diff --name-only)\" ]; then\n  echo\
+      run: "npins update\n\nif [ ! -z \"$(git diff --name-only)\" ]; then\n  echo
-        \ \"[+] Changes detected, pushing updates.\"\n\n  git switch -C npins-update\n\
+        \"[+] Changes detected, pushing updates.\"\n\n  git switch -C npins-update\n\
-        \n  git add npins\n\n  git config user.name \"DGNum Chores\"\n  git config\
+        \n  git add npins\n\n  git config user.name \"DGNum Chores\"\n  git config
-        \ user.email \"tech@dgnum.eu\"\n\n  git commit --message \"chore(npins): Update\"\
+        user.email \"tech@dgnum.eu\"\n\n  git commit --message \"chore(npins): Update\"\
-        \n  git push --set-upstream origin npins-update --force\n\n  # Connect to\
+        \n  git push --set-upstream origin npins-update --force\n\n  # Connect to
-        \ the server with the cli\n  tea login add \\\n    -n dgnum-chores \\\n  \
+        the server with the cli\n  tea login add \\\n    -n dgnum-chores \\\n    -t
-        \  -t \"${{ secrets.TEA_DGNUM_CHORES_TOKEN }}\" \\\n    -u https://git.dgnum.eu\n\
+        \"${{ secrets.TEA_DGNUM_CHORES_TOKEN }}\" \\\n    -u https://git.dgnum.eu\n\
-        \n  # Create a pull request if needed\n  # i.e. no PR with the same title\
+        \n  # Create a pull request if needed\n  # i.e. no PR with the same title
-        \ exists\n  if [ -z \"$(tea pr ls -f='title,author' -o simple | grep 'chore(npins):\
+        exists\n  if [ -z \"$(tea pr ls -f='title,author' -o simple | grep 'chore(npins):
-        \ Update dgnum-chores')\" ]; then\n    tea pr create \\\n      --description\
+        Update dgnum-chores')\" ]; then\n    tea pr create \\\n      --description
-        \ \"Automatic npins update\" \\\n      --title \"chore(npins): Update\" \\\
+        \"Automatic npins update\" \\\n      --title \"chore(npins): Update\" \\\n\
-        \n      --head npins-update\n  fi\nfi\n"
+        \      --head npins-update\n  fi\nfi\n"
 name: npins update
-'on':
+on:
   schedule:
   - cron: 25 15 * * *

.forgejo/workflows/pre-commit.yaml

@@ -7,6 +7,6 @@ jobs:
       run: nix-shell -A pre-commit --run 'pre-commit run --all-files --hook-stage
         pre-push --show-diff-on-failure'
 name: Run pre-commit on all files
-'on':
+on:
 - push
 - pull_request

hive.nix

@@ -64,23 +64,12 @@ in
   };
 
   defaults =
-    {
+    { name, nodeMeta, ... }:
-      pkgs,
-      name,
-      nodeMeta,
-      ...
-    }:
     {
       # Import the default modules
       imports = [
         ./modules
-        (import "${sources.lix-module}/module.nix" {
+        (import "${sources.lix-module}/module.nix" { inherit (sources) lix; })
-          lix = pkgs.applyPatches {
-            name = "lix-2.90.patched";
-            src = sources.lix;
-            patches = [ ./patches/00-disable-installChecks-lix.patch ];
-          };
-        })
       ];
 
       # Include default secrets

machines/compute01/ds-fr/default.nix

@@ -1,7 +1,14 @@
-{ config, ... }:
+{
+  config,
+  pkgs,
+  sources,
+  ...
+}:
 
 let
   host = "demarches.dgnum.eu";
+
+  dgn-id = "fca8f72cd60c00e74d7735ec13e4e3a22e8e1244";
 in
 {
   imports = [ ./module.nix ];
@@ -11,6 +18,18 @@ in
   services.demarches-simplifiees = {
     enable = true;
 
+    package =
+      ((import sources.nix-pkgs { inherit pkgs; }).demarches-simplifiees.override {
+        initialDeploymentDate = "20230923";
+      }).overrideAttrs
+        (old: {
+          dsModules = old.dsModules.overrideAttrs {
+            prePatch = ''
+              ${pkgs.lib.getExe pkgs.git} apply -p1 < ${builtins.fetchurl "https://git.dgnum.eu/DGNum/demarches-normaliennes/commit/${dgn-id}.patch"}
+            '';
+          };
+        });
+
     secretFile = config.age.secrets."ds-fr-secret_file".path;
 
     initialDeploymentDate = "20230923";

machines/storage01/forgejo-runners.nix

@@ -31,7 +31,7 @@ in
 
     inherit url;
 
-    storePath = "/data/slow/nix";
+    storePath = "/data/slow";
     tokenFile = config.age.secrets."forgejo_runners-token_file".path;
 
     dependencies = [

npins/sources.json

@@ -240,9 +240,9 @@
         "url": "https://git.hubrecht.ovh/hubrecht/nix-pkgs"
       },
       "branch": "main",
-      "revision": "e27e07f9c03a3bc756f9447a2288ca6f14130ffc",
+      "revision": "0a4b564221481b5c40a677f8bfd5760f7b3398f8",
       "url": null,
-      "hash": "06vydk09wniygpy04yjh07g9raswimhwwfj1cysigx2lxrg0997a"
+      "hash": "121fqmr1jvsnnc5marvnsj3ic0w9f11lq3sx9ly197kc5rc1naj3"
     },
     "nixos-24.05": {
       "type": "Channel",

patches/default.nix

@@ -1,4 +1,11 @@
 {
+  lix = [
+    {
+      _type = "static";
+      path = ./00-disable-installChecks-lix.patch;
+    }
+  ];
+
   "nixos-24.05" = [
     {
       _type = "static";