NixOS Wiki

FAQ/Pinning Nixpkgs: Difference between revisions

← Older edit
VisualWikitext
imported>Eyeinsky
Vater (talk | contribs)
37 edits
mNo edit summary
 
(5 intermediate revisions by 3 users not shown)
Line 1: Line 1:
{{FAQ/breadcrumb}}
It is possible (and indeed, fairly easy) to pin a specific version of
It is possible (and indeed, fairly easy) to pin a specific version of
Nixpkgs. This can be used to upgrade individual applications
Nixpkgs. This can be used to upgrade individual applications
Line 183: Line 184:


<syntaxhighlight lang="nix">
<syntaxhighlight lang="nix">
  environment.systemPackages = with pkgs; [
environment.systemPackages = with pkgs; [
        unstable.bind
  unstable.bind
        unstable.dnsutils
  unstable.dnsutils
        vim
  vim
  ];
];
</syntaxhighlight>
</syntaxhighlight>


Line 195: Line 196:


<syntaxhighlight lang="nix">
<syntaxhighlight lang="nix">
services.bind.enable = true;
services.bind.enable = true;
...
...
</syntaxhighlight>
</syntaxhighlight>


Line 204: Line 205:


<syntaxhighlight lang="nix">
<syntaxhighlight lang="nix">
  users.users.named =
users.users.named = {
      { uid = config.ids.uids.bind;
  uid = config.ids.uids.bind;
        description = "BIND daemon user";
  description = "BIND daemon user";
      };
};
  systemd.services.mybind = {
systemd.services.mybind = {
        description = "BIND Domain Name Server";
  description = "BIND Domain Name Server";
        unitConfig.Documentation = "man:named(8)";
  unitConfig.Documentation = "man:named(8)";
        after = [ "network.target" ];
  after = [ "network.target" ];
        wantedBy = [ "multi-user.target" ];
  wantedBy = [ "multi-user.target" ];
        preStart = ''
  preStart = ''
        mkdir -m 0755 -p /etc/bind
    mkdir -m 0755 -p /etc/bind
        if ! [ -f "/etc/bind/rndc.key" ]; then
    if ! [ -f "/etc/bind/rndc.key" ]; then
          ${pkgs.unstable.bind.out}/sbin/rndc-confgen -c /etc/bind/rndc.key -u named -a -A hmac-sha256 2>/dev/null
      ${pkgs.unstable.bind.out}/sbin/rndc-confgen -c /etc/bind/rndc.key -u named -a -A hmac-sha256 2>/dev/null
        fi
    fi
        ${pkgs.coreutils}/bin/mkdir -p /run/named
    ${pkgs.coreutils}/bin/mkdir -p /run/named
        chown named /run/named
    chown named /run/named
      '';
  '';
        serviceConfig = {
  serviceConfig = {
        ExecStart = "${pkgs.unstable.bind.out}/sbin/named -u named -4 -c /etc/bind/named.conf -f";
    ExecStart = "${pkgs.unstable.bind.out}/sbin/named -u named -4 -c /etc/bind/named.conf -f";
        ExecReload = "${pkgs.unstable.bind.out}/sbin/rndc -k '/etc/bind/rndc.key' reload";
    ExecReload = "${pkgs.unstable.bind.out}/sbin/rndc -k '/etc/bind/rndc.key' reload";
        ExecStop   = "${pkgs.unstable.bind.out}/sbin/rndc -k '/etc/bind/rndc.key' stop";
    ExecStop = "${pkgs.unstable.bind.out}/sbin/rndc -k '/etc/bind/rndc.key' stop";
      };
  };
 
};
};
</syntaxhighlight>
</syntaxhighlight>
Line 232: Line 232:
where all the stuff just comes from the bind services definition(which you can get from the source link on the nixos options page.)
where all the stuff just comes from the bind services definition(which you can get from the source link on the nixos options page.)
Just replace named variables, and replace <code>${pkgs.bind.out</code> with <code>${pkgs.unstable.bind.out}</code>
Just replace named variables, and replace <code>${pkgs.bind.out</code> with <code>${pkgs.unstable.bind.out}</code>
== See also ==
* [https://nix.dev/reference/pinning-nixpkgs Pinning Nixpkgs]
* [https://nix.dev/tutorials/first-steps/towards-reproducibility-pinning-nixpkgs Towards Reproducibility: Pinning Nixpkgs]
* [https://nix.dev/guides/recipes/dependency-management.html Dependency Management]
Retrieved from "https://wiki.nixos.org/wiki/FAQ/Pinning_Nixpkgs"