FAQ/Pinning Nixpkgs: Difference between revisions
imported>Zie m formatting cleanup |
imported>Profpatsch Move the unstable service section down, since it is less relevant to most people than general nixpkgs pinning |
||
Line 3: | Line 3: | ||
separately on their own terms, and to ensure their deployability is | separately on their own terms, and to ensure their deployability is | ||
not impacted by other systems' requirements. | not impacted by other systems' requirements. | ||
== Nix 2.0 onwards == | == Nix 2.0 onwards == | ||
Line 225: | Line 144: | ||
in import patchedPkgs {}; | in import patchedPkgs {}; | ||
</syntaxhighlight> | </syntaxhighlight> | ||
== Pinning an unstable service == | |||
How to upgrade a single package and service to an unstable version | |||
There is probably a better way, especially once flakes comes around. Some packages, let you specify which <code>package</code> to run as an option for instance. Most don't in my experience. This is how you do it for one that doesn't. | |||
add to configuration.nix a set allowing unstable packages. | |||
This assumes a channel named <code>nixpkgs-unstable</code> exists, like so: | |||
<syntaxhighlight lang="bash"> | |||
nix-channel --add https://nixos.org/channels/nixpkgs-unstable nixpkgs-unstable | |||
nix-channel --update | |||
</syntaxhighlight> | |||
then in <code>configuration.nix</code> allow unstable packages: | |||
<syntaxhighlight lang="nix"> | |||
# Allow unstable packages. | |||
nixpkgs.config = { | |||
allowUnfree = true; | |||
packageOverrides = pkgs: { | |||
unstable = import <nixpkgs-unstable> { | |||
config = config.nixpkgs.config; | |||
}; | |||
}; | |||
}; | |||
</syntaxhighlight> | |||
This means you can now refer to unstable packages as <code>pkgs.unstable.nameofpackage</code> which is great. | |||
For example: | |||
<syntaxhighlight lang="nix"> | |||
environment.systemPackages = with pkgs; [ | |||
unstable.bind | |||
unstable.dnsutils | |||
vim | |||
]; | |||
</syntaxhighlight> | |||
This will use unstable bind and dnsutils, but the stable vim. | |||
Except bind is a service, and if you want a service....usually you just do something like: | |||
<syntaxhighlight lang="nix"> | |||
services.bind.enable = true; | |||
... | |||
</syntaxhighlight> | |||
Except services will refer to <code>pkgs.bind</code>, not <code>pkgs.unstable.bind</code> | |||
so disable services.bind and create your own: | |||
<syntaxhighlight lang="nix"> | |||
users.users.named = | |||
{ uid = config.ids.uids.bind; | |||
description = "BIND daemon user"; | |||
}; | |||
systemd.services.mybind = { | |||
description = "BIND Domain Name Server"; | |||
unitConfig.Documentation = "man:named(8)"; | |||
after = [ "network.target" ]; | |||
wantedBy = [ "multi-user.target" ]; | |||
preStart = '' | |||
mkdir -m 0755 -p /etc/bind | |||
if ! [ -f "/etc/bind/rndc.key" ]; then | |||
${pkgs.unstable.bind.out}/sbin/rndc-confgen -c /etc/bind/rndc.key -u named -a -A hmac-sha256 2>/dev/null | |||
fi | |||
${pkgs.coreutils}/bin/mkdir -p /run/named | |||
chown named /run/named | |||
''; | |||
serviceConfig = { | |||
ExecStart = "${pkgs.unstable.bind.out}/sbin/named -u named -4 -c /etc/bind/named.conf -f"; | |||
ExecReload = "${pkgs.unstable.bind.out}/sbin/rndc -k '/etc/bind/rndc.key' reload"; | |||
ExecStop = "${pkgs.unstable.bind.out}/sbin/rndc -k '/etc/bind/rndc.key' stop"; | |||
}; | |||
}; | |||
</syntaxhighlight> | |||
where all the stuff just comes from the bind services definition(which you can get from the source link on the nixos options page.) | |||
Just replace named variables, and replace <code>${pkgs.bind.out</code> with <code>${pkgs.unstable.bind.out}</code> |