diff --git a/nix/flake.lock b/nix/flake.lock index 28342dc..2f1658c 100644 --- a/nix/flake.lock +++ b/nix/flake.lock @@ -227,17 +227,17 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1731133565, - "narHash": "sha256-tCErjTdCUWK06LzkcvwUM+3pyrrmdf8e0VDBBTgqznE=", + "lastModified": 1730940508, + "narHash": "sha256-sXS72AYXN/V1Ehp82/46Rqjw5Q6ayCy28ku3980+LSM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "11f65b4b0405cff5b54c813626bddcf5435d7ad2", + "rev": "f39f1d2a8fe191e442ce641a6dc1320f6aa17d04", "type": "github" }, "original": { "owner": "NixOS", - "ref": "release-24.05", "repo": "nixpkgs", + "rev": "f39f1d2a8fe191e442ce641a6dc1320f6aa17d04", "type": "github" } }, diff --git a/nix/flake.nix b/nix/flake.nix index 2146b17..f019efe 100644 --- a/nix/flake.nix +++ b/nix/flake.nix @@ -37,7 +37,8 @@ }; inputs = { - nixpkgs-stable.url = "github:NixOS/nixpkgs/release-24.05"; + # nixpkgs-stable.url = "github:NixOS/nixpkgs/release-24.05"; # FIXME: p11-kit failed to build + nixpkgs-stable.url = "github:NixOS/nixpkgs/f39f1d2a8fe191e442ce641a6dc1320f6aa17d04"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/2d2a9ddbe3f2c00747398f3dc9b05f7f2ebb0f53"; nur.url = "github:nix-community/NUR"; diff --git a/nix/lib/mkCommon.nix b/nix/lib/mkCommon.nix index a4eebd7..7b08122 100644 --- a/nix/lib/mkCommon.nix +++ b/nix/lib/mkCommon.nix @@ -8,7 +8,16 @@ let py.dnspython ])); }; - custom.inkscape = if pkgs.stdenv.isDarwin then pkgs.casks.inkscape else (pkgs.inkscape.override { python3 = custom.python; }); + custom.inkscape = + if pkgs.stdenv.isDarwin then + pkgs.casks.inkscape + else + (pkgs.inkscape.override { python3 = custom.python; }); + custom.fastfetch = + if pkgs.stdenv.isDarwin then + pkgs.fastfetch.override { imagemagick_light = pkgs.imagemagick; } + else + pkgs.fastfetch; in { inherit custom; packages = [ @@ -17,6 +26,7 @@ in { pkgs.zoxide pkgs.ruby pkgs._7zz + custom.fastfetch pkgs.enchive (pkgs.pass.withExtensions (exts: [ exts.pass-otp ])) diff --git a/nix/systems/darwin/configuration.nix b/nix/systems/darwin/configuration.nix index f6f8582..240e93d 100644 --- a/nix/systems/darwin/configuration.nix +++ b/nix/systems/darwin/configuration.nix @@ -2,6 +2,24 @@ let libFixup = import ../../lib/darwin/libFixup.nix; + nix-srisum = pkgs.writeShellScriptBin "nix-srisum" '' + nix-hash --to-sri --type sha256 $(nix-prefetch-url ''$1) + ''; + nix-srisum-unzip = pkgs.writeShellScriptBin "nix-srisum-unzip" '' + FILES_TO_DOWNLOAD=($@) + mkdir -p /tmp/nix-srisum-unzip-files + for i in "''${FILES_TO_DOWNLOAD[@]}"; do + filename="''$(uuidgen):archive.zip" + wget -q -O /tmp/nix-srisum-unzip-files/$filename ''$i + + dirname="$(uuidgen):extract" + mkdir -p /tmp/nix-srisum-unzip-files/$dirname + unzip -qq -d /tmp/nix-srisum-unzip-files/$dirname /tmp/nix-srisum-unzip-files/$filename + + hash=$(nix-hash --to-sri --type sha256 $(nix-hash --type sha256 /tmp/nix-srisum-unzip-files/$dirname)) + echo "''$hash - ''$i" + done + ''; in { # I don't want to risk breaking my hackintosh setup in case Apple decided to # turn on auto install by default. @@ -19,7 +37,6 @@ in { pkgs.eza pkgs.coreutils-full pkgs.rclone - pkgs.fastfetch pkgs.casks.iterm2 pkgs.nmap pkgs.cargo @@ -28,6 +45,8 @@ in { pkgs.undmg pkgs.mkalias pkgs.jq + nix-srisum + nix-srisum-unzip # lan-mouse deps # FIXME: Find a better way to link /lib to /usr/local/opt//lib