Jump to content

FAQ/Pinning Nixpkgs: Difference between revisions

FAQ/Pinning Nixpkgs (view source)

Revision as of 01:01, 13 June 2024

824 bytes added ,  13 June
m
no edit summary
VisualWikitext
imported>Zie
(How to upgrade a single package and service to an unstable version)
mNo edit summary
 
(9 intermediate revisions by 6 users not shown)
Line 4: Line 4:
not impacted by other systems' requirements.
not impacted by other systems' requirements.


== Pinning an unstable service ==
Another reason why one would want to pin nixpkgs is to get older versions of a specific software. [https://lazamar.co.uk/nix-versions/ This site] can show you all the versions a package went through, and what nixpkgs revision to use to get your specific version.
How to upgrade a single package and service to an unstable version
 
There is probably a better way, especially once flakes comes around.  Some packages, let you specify which <code>package</code> to run as an option for instance.  Most don't in my experience. This is how you do it for one that doesn't.
 
add to configuration.nix a set allowing unstable packages.
This assumes a channel named <code>nixpkgs-unstable</code> exists, like so:
<syntaxhighlight lang="bash">
nix-channel --add https://nixos.org/channels/nixpkgs-unstable nixpkgs-unstable
nix-channel --update
</syntaxhighlight>
 
<syntaxhighlight lang="nix">
# Allow unstable packages.
nixpkgs.config = {
  allowUnfree = true;
  packageOverrides = pkgs: {
    unstable = import <nixpkgs-unstable> {
      config = config.nixpkgs.config;
    };
  };
};
</syntaxhighlight>
 
This means you can now refer to unstable packages as <code>pkgs.unstable.nameofpackage</code> which is great. 
For example:
 
<syntaxhighlight lang="nix">
  environment.systemPackages = with pkgs; [
        unstable.bind
        unstable.dnsutils
        vim
  ];
</syntaxhighlight>
  will use unstable bind and dnsutils, but the stable vim.
 
  Except bind is a service, and if you want a service....
  usually you just
 
<syntaxhighlight lang="nix">
services.bind.enable = true;
...
</syntaxhighlight>
Except services will refer to <code>pkgs.bind</code>, not <code>pkgs.unstable.bind</code>
 
so disable services.bind and create your own:
<syntaxhighlight lang="nix">
  users.users.named =
      { uid = config.ids.uids.bind;
        description = "BIND daemon user";
      };
  systemd.services.mybind = {
        description = "BIND Domain Name Server";
        unitConfig.Documentation = "man:named(8)";
        after = [ "network.target" ];
        wantedBy = [ "multi-user.target" ];
        preStart = ''
        mkdir -m 0755 -p /etc/bind
        if ! [ -f "/etc/bind/rndc.key" ]; then
          ${pkgs.unstable.bind.out}/sbin/rndc-confgen -c /etc/bind/rndc.key -u named -a -A hmac-sha256 2>/dev/null
        fi
        ${pkgs.coreutils}/bin/mkdir -p /run/named
        chown named /run/named
      '';
        serviceConfig = {
        ExecStart  = "${pkgs.unstable.bind.out}/sbin/named -u named -4 -c /cpd/serviceData/fw/bind/named.conf -f";
        ExecReload = "${pkgs.unstable.bind.out}/sbin/rndc -k '/etc/bind/rndc.key' reload";
        ExecStop  = "${pkgs.unstable.bind.out}/sbin/rndc -k '/etc/bind/rndc.key' stop";
      };
 
};
</syntaxhighlight>
 
where all the stuff just comes from the bind services definition(which you can get from the source link on the nixos options page.)
Just replace named variables, and replace `${pkgs.bind.out}` with `${pkgs.unstable.bind.out}`


Note: You can <code>sudo nix-channel --remove nixpkgs</code>, but you still need a nix-channel for nixos


<pre>
sudo nix-channel --list
nixos https://nixos.org/channels/nixos-21.05
</pre>


== Nix 2.0 onwards ==
== Nix 2.0 onwards ==
Line 222: Line 153:
  in import patchedPkgs {};
  in import patchedPkgs {};
</syntaxhighlight>
</syntaxhighlight>
== Pinning an unstable service ==
How to upgrade a single package and service to an unstable version
There is probably a better way, especially once flakes come around. Some packages let you specify which <code>package</code> to run as an option but most don't. The following is a generic way that also works for those which don't.
add to configuration.nix a set allowing unstable packages.
This assumes a channel named <code>nixpkgs-unstable</code> exists, like so:
<syntaxhighlight lang="bash">
nix-channel --add https://nixos.org/channels/nixpkgs-unstable nixpkgs-unstable
nix-channel --update
</syntaxhighlight>
then in <code>configuration.nix</code> allow unstable packages:
<syntaxhighlight lang="nix">
# Allow unstable packages.
nixpkgs.config = {
  allowUnfree = true;
  packageOverrides = pkgs: {
    unstable = import <nixpkgs-unstable> {
      config = config.nixpkgs.config;
    };
  };
};
</syntaxhighlight>
This means you can now refer to unstable packages as <code>pkgs.unstable.nameofpackage</code> which is great. 
For example:
<syntaxhighlight lang="nix">
  environment.systemPackages = with pkgs; [
        unstable.bind
        unstable.dnsutils
        vim
  ];
</syntaxhighlight>
This will use unstable bind and dnsutils, but the stable vim.
Except bind is a service, and if you want a service....usually you just do something like:
<syntaxhighlight lang="nix">
services.bind.enable = true;
...
</syntaxhighlight>
Except services will refer to <code>pkgs.bind</code>, not <code>pkgs.unstable.bind</code>
so disable services.bind and create your own:
<syntaxhighlight lang="nix">
  users.users.named =
      { uid = config.ids.uids.bind;
        description = "BIND daemon user";
      };
  systemd.services.mybind = {
        description = "BIND Domain Name Server";
        unitConfig.Documentation = "man:named(8)";
        after = [ "network.target" ];
        wantedBy = [ "multi-user.target" ];
        preStart = ''
        mkdir -m 0755 -p /etc/bind
        if ! [ -f "/etc/bind/rndc.key" ]; then
          ${pkgs.unstable.bind.out}/sbin/rndc-confgen -c /etc/bind/rndc.key -u named -a -A hmac-sha256 2>/dev/null
        fi
        ${pkgs.coreutils}/bin/mkdir -p /run/named
        chown named /run/named
      '';
        serviceConfig = {
        ExecStart  = "${pkgs.unstable.bind.out}/sbin/named -u named -4 -c /etc/bind/named.conf -f";
        ExecReload = "${pkgs.unstable.bind.out}/sbin/rndc -k '/etc/bind/rndc.key' reload";
        ExecStop  = "${pkgs.unstable.bind.out}/sbin/rndc -k '/etc/bind/rndc.key' stop";
      };
};
</syntaxhighlight>
where all the stuff just comes from the bind services definition(which you can get from the source link on the nixos options page.)
Just replace named variables, and replace <code>${pkgs.bind.out</code> with <code>${pkgs.unstable.bind.out}</code>
== See also ==
- [https://nix.dev/reference/pinning-nixpkgs Pinning Nixpkgs]
- [https://nix.dev/tutorials/first-steps/towards-reproducibility-pinning-nixpkgs Towards Reproducibility: Pinning Nixpkgs]
- [https://nix.dev/guides/recipes/dependency-management.html Dependency Management]
Retrieved from "https://wiki.nixos.org/wiki/Special:MobileDiff/4978...13158"