[PATCH v2 1/2] Add flakes support
Signed-off-by: Valentin Kharin <valentin.kharin@unikie.com> --- flake.lock | 43 ++++++++++++++++++++++++++++++++ flake.lock.license | 3 +++ flake.nix | 62 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 108 insertions(+) create mode 100644 flake.lock create mode 100644 flake.lock.license create mode 100644 flake.nix diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..aa4ee5e --- /dev/null +++ b/flake.lock @@ -0,0 +1,43 @@ +{ + "nodes": { + "flake-utils": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1669635185, + "narHash": "sha256-vYg6GjnsEWNWt/4TmfFN9WtQmSXb4S796J2UOfyTcW0=", + "ref": "refs/heads/rootfs", + "rev": "3176ddef4b4cec85faa2f49d29ce74816d452dc0", + "revCount": 429673, + "type": "git", + "url": "https://spectrum-os.org/git/nixpkgs/" + }, + "original": { + "ref": "refs/heads/rootfs", + "type": "git", + "url": "https://spectrum-os.org/git/nixpkgs/" + } + }, + "root": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.lock.license b/flake.lock.license new file mode 100644 index 0000000..a8a7980 --- /dev/null +++ b/flake.lock.license @@ -0,0 +1,3 @@ +SPDX-License-Identifier: CC0-1.0 +SPDX-FileCopyrightText: 2022 Unikie + diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..ab54fed --- /dev/null +++ b/flake.nix @@ -0,0 +1,62 @@ +# SPDX-License-Identifier: MIT +# SPDX-FileCopyrightText: 2022 Unikie + +{ + description = "A compartmentalized operating system"; + + # NOTE: Revision specification format is ?ref=refs%2fheads%2f<BRANCH>&rev=<COMMIT_REVISION> + inputs.nixpkgs.url = + "git+https://spectrum-os.org/git/nixpkgs/?ref=refs%2fheads%2frootfs"; + inputs.flake-utils.url = "github:numtide/flake-utils"; + + nixConfig = { + extra-substituters = [ "https://cache.dataaturservice.se/spectrum/" ]; + trusted-public-keys = [ + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "spectrum-os.org-1:rnnSumz3+Dbs5uewPlwZSTP0k3g/5SRG4hD7Wbr9YuQ=" + ]; + }; + + outputs = { self, nixpkgs, flake-utils }: + let + supportedSystems = with flake-utils.lib.system; [ x86_64-linux aarch64-linux ]; + in flake-utils.lib.eachSystem supportedSystems (system: + let + pkgs = nixpkgs.legacyPackages.${system}; + config = { inherit pkgs; }; + lib = pkgs.lib; + + mkEntryPoint = { name ? builtins.baseNameOf path, path + , enableShell ? true, enablePackage ? true }: + let + shell = { + # NOTE: https://stackoverflow.com/a/43850372 + devShells.${name} = + import (path + "/shell.nix") { inherit config; }; + }; + package = { packages.${name} = import path { inherit config; }; }; + in (if enableShell then shell else { }) + // (if enablePackage then package else { }); + + # Entry point is a directory with shell.nix and default.nix + # This function maps every entry point to corresponding devShell and package + mapEntryPoints = epoints: + builtins.foldl' lib.recursiveUpdate { } (map mkEntryPoint epoints); + in lib.recursiveUpdate (mapEntryPoints [ + { + path = ./.; + enablePackage = false; + } + { path = ./host/initramfs; } + { path = ./host/rootfs; } + { path = ./host/start-vm; } + { path = ./img/app; } + { path = ./release/live; } + { path = ./vm/sys/net; } + ]) { + # Add some other flake schema related stuff here. + # NOTE: flake-utils.lib.eachDefaultSystem automagically adds ${system}. + devShells.documentation = import ./Documentation { inherit config; }; + packages.documentation = import ./Documentation { inherit config; }; + }); +} -- 2.38.1
Signed-off-by: Valentin Kharin <valentin.kharin@unikie.com> --- .../installation/getting-spectrum.adoc | 20 +++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/Documentation/installation/getting-spectrum.adoc b/Documentation/installation/getting-spectrum.adoc index 6aec34f..ec13145 100644 --- a/Documentation/installation/getting-spectrum.adoc +++ b/Documentation/installation/getting-spectrum.adoc @@ -22,6 +22,13 @@ If you want to try Spectrum out to get a feel for it, without installing it, you can run it in a development VM with some example applications. +This builds just enough of Spectrum to try it out in a VM, but it will +still take a very long time. + +You can use one of the following methods to build Spectrum. + +=== Default + [source,shell] ---- git clone https://spectrum-os.org/git/spectrum @@ -32,8 +39,17 @@ cd spectrum/host/rootfs nix-shell -I nixpkgs=../../../nixpkgs-spectrum --run 'make run' ---- -This builds just enough of Spectrum to try it out in a VM, but it will -still take a very long time. +=== Flakes + +Flakes is more hermetic, fast, and reproducable way of building. + +[source,shell] +---- +git clone https://spectrum-os.org/git/spectrum && cd spectrum +nix develop .#rootfs && cd host/rootfs/ && make run +---- + +For more information on flakes, see https://nixos.wiki/wiki/Flakes[NixOS Wiki]. == Building Installer -- 2.38.1
On Tue, Dec 27, 2022 at 11:16:03AM +0200, Valentin Kharin wrote:
Signed-off-by: Valentin Kharin <valentin.kharin@unikie.com> --- flake.lock | 43 ++++++++++++++++++++++++++++++++ flake.lock.license | 3 +++ flake.nix | 62 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 108 insertions(+) create mode 100644 flake.lock create mode 100644 flake.lock.license create mode 100644 flake.nix
Hi! Thanks for v2! I've actually tried this out now, and it's nice! :) I have a couple of questions about how particular concepts will map to flakes: - How will custom configurations work? There are a few mechanisms that can be used today (NIX_PATH, config.nix in the source tree, passing an argument when importing Spectrum), but I don't think the flake exposes any of these? - How would using img/app/shell.nix to test different appvms work? Currently, I do e.g. nix-shell --arg run ../../vm/app/lynx.nix to get a shell where I can do a test run of that VM, but --arg apparently can't be used with flakes either. What would an equivalent workflow be? One code comment below as well.
diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..ab54fed --- /dev/null +++ b/flake.nix @@ -0,0 +1,62 @@ +# SPDX-License-Identifier: MIT +# SPDX-FileCopyrightText: 2022 Unikie + +{ + description = "A compartmentalized operating system"; + + # NOTE: Revision specification format is ?ref=refs%2fheads%2f<BRANCH>&rev=<COMMIT_REVISION> + inputs.nixpkgs.url = + "git+https://spectrum-os.org/git/nixpkgs/?ref=refs%2fheads%2frootfs"; + inputs.flake-utils.url = "github:numtide/flake-utils"; + + nixConfig = { + extra-substituters = [ "https://cache.dataaturservice.se/spectrum/" ]; + trusted-public-keys = [ + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "spectrum-os.org-1:rnnSumz3+Dbs5uewPlwZSTP0k3g/5SRG4hD7Wbr9YuQ=" + ]; + }; + + outputs = { self, nixpkgs, flake-utils }: + let + supportedSystems = with flake-utils.lib.system; [ x86_64-linux aarch64-linux ]; + in flake-utils.lib.eachSystem supportedSystems (system: + let + pkgs = nixpkgs.legacyPackages.${system}; + config = { inherit pkgs; }; + lib = pkgs.lib; + + mkEntryPoint = { name ? builtins.baseNameOf path, path + , enableShell ? true, enablePackage ? true }: + let + shell = { + # NOTE: https://stackoverflow.com/a/43850372 + devShells.${name} = + import (path + "/shell.nix") { inherit config; }; + }; + package = { packages.${name} = import path { inherit config; }; }; + in (if enableShell then shell else { }) + // (if enablePackage then package else { }); + + # Entry point is a directory with shell.nix and default.nix + # This function maps every entry point to corresponding devShell and package + mapEntryPoints = epoints: + builtins.foldl' lib.recursiveUpdate { } (map mkEntryPoint epoints);
This set of helper functions (plus the flake-utils dependency) was a bit scary to me, so I did some experimentation on my own and came up with this: (I didn't bother adding every component.) outputs = { self, nixpkgs }: let inherit (nixpkgs.lib) foldAttrs mergeAttrs; in foldAttrs mergeAttrs {} (map (system: let config = { pkgs = nixpkgs.legacyPackages.${system}; }; in { devShells.${system} = { root = import ./shell.nix { inherit config; }; appvm = import img/app/shell.nix { inherit config; }; documentation = import ./Documentation { inherit config; }; initramfs = import host/initramfs/shell.nix { inherit config; }; }; packages.${system} = { documentation = import ./Documentation { inherit config; }; appvm = import img/app { inherit config; }; initramfs = import host/initramfs { inherit config; }; }; }) [ "aarch64-linux" "x86_64-linux" ]); So from what I can tell, flake-utils in particular wasn't really buying us much? IMO, it also ends up being a lot easier to understand without to have the components inlined like this, even at the expense of having to list a component twice if it needs to have both a package and a devShell. It saves people from having to figure out what a couple of fairly complicated functions are doing when they want to understand how things work or debug a problem. What do you think?
+ in lib.recursiveUpdate (mapEntryPoints [ + { + path = ./.; + enablePackage = false; + } + { path = ./host/initramfs; } + { path = ./host/rootfs; } + { path = ./host/start-vm; } + { path = ./img/app; } + { path = ./release/live; } + { path = ./vm/sys/net; } + ]) { + # Add some other flake schema related stuff here. + # NOTE: flake-utils.lib.eachDefaultSystem automagically adds ${system}. + devShells.documentation = import ./Documentation { inherit config; }; + packages.documentation = import ./Documentation { inherit config; }; + }); +} -- 2.38.1
participants (2)
-
Alyssa Ross -
Valentin Kharin