|
|
| Line 8: |
Line 8: |
|
| |
|
| Note: You can <code>sudo nix-channel --remove nixpkgs</code>, but you still need a nix-channel for nixos | | Note: You can <code>sudo nix-channel --remove nixpkgs</code>, but you still need a nix-channel for nixos |
| | |
| | Be aware that this also pins all dependencies of the application which often causes issues for GUI applications and also brings in back outdated and potentially vulnerable dependencies. |
|
| |
|
| <pre> | | <pre> |
| Line 13: |
Line 15: |
| nixos https://nixos.org/channels/nixos-21.05 | | nixos https://nixos.org/channels/nixos-21.05 |
| </pre> | | </pre> |
|
| |
| == Nix 2.0 onwards ==
| |
|
| |
|
| Nix 2.0 introduces new builtins, <code>fetchTarball</code> and <code>fetchGit</code>, which make it possible to fetch a specific version of nixpkgs without depending on an existing one: | | Nix 2.0 introduces new builtins, <code>fetchTarball</code> and <code>fetchGit</code>, which make it possible to fetch a specific version of nixpkgs without depending on an existing one: |
| Line 29: |
Line 29: |
| </syntaxhighlight> | | </syntaxhighlight> |
|
| |
|
| Or, to use git for fetching<!-- (this has the advantage of being somewhat faster for updates, but is slower for the initial fetch) [not true anymore, the repository sharing mechanism has been disabled (https://github.com/NixOS/nix/pull/2358)]-->: | | Or, to use git for fetching: |
|
| |
|
| <syntaxhighlight lang="nix"> | | <syntaxhighlight lang="nix"> |
| Line 51: |
Line 51: |
| while evaluating anonymous function at /nix/store/b93cq865x6qxpn4dw9ivrk3yjcsm8r97-nixos-19.09/pkgs/stdenv/generic/make-derivation.nix:142:17, called from undefined position: | | while evaluating anonymous function at /nix/store/b93cq865x6qxpn4dw9ivrk3yjcsm8r97-nixos-19.09/pkgs/stdenv/generic/make-derivation.nix:142:17, called from undefined position: |
| program 'git' failed with exit code 128 | | program 'git' failed with exit code 128 |
| </syntaxhighlight>
| |
|
| |
| == Before 2.0 ==
| |
|
| |
| The following code uses the host's Nixpkgs as a
| |
| springboard to fetch and import a specific, pinned version of Nixpkgs.
| |
| This is safe because the specific code we're using from the variable
| |
| host Nixpkgs is using a very stable API, and will be thrown away as
| |
| soon as we are done importing the pinned version of Nixpkgs.
| |
|
| |
| Where before you would use <code>pkgs = import <nixpkgs> {}</code>
| |
| (which uses the host's Nixpkgs version) you can pin to an exact
| |
| version of Nixpkgs by instead using:
| |
|
| |
|
| |
| <syntaxhighlight lang="nix">
| |
| pkgs = let
| |
| hostPkgs = import <nixpkgs> {};
| |
| pinnedPkgs = hostPkgs.fetchFromGitHub {
| |
| owner = "NixOS";
| |
| repo = "nixpkgs";
| |
| # nixos-unstable as of 2017-11-13T08:53:10-00:00
| |
| rev = "ac355040656de04f59406ba2380a96f4124ebdad";
| |
| sha256 = "0frhc7mnx88sird6ipp6578k5badibsl0jfa22ab9w6qrb88j825";
| |
| };
| |
| in import pinnedPkgs {}
| |
| </syntaxhighlight>
| |
|
| |
| This can also be instead used to pull nixpkgs from an internal fork of
| |
| Nixpkgs, with your own changes on top. Note, however, as it stands
| |
| Nix 1.11 has difficulties fetching repositories which require
| |
| authentication, this is to be fixed in Nix 1.12.
| |
|
| |
| The package <code>nix-prefetch-git</code> can be used to automatically
| |
| calculate the current version and hash of a branch, and output the
| |
| information to a file:
| |
|
| |
| <syntaxhighlight>
| |
| $ nix-shell -p nix-prefetch-git
| |
|
| |
| [nix-shell:~]$ nix-prefetch-git https://github.com/nixos/nixpkgs.git refs/heads/nixos-unstable > nixpkgs-version.json
| |
|
| |
| ...
| |
|
| |
| [nix-shell:~]$ cat nixpkgs-version.json
| |
| {
| |
| "url": "https://github.com/nixos/nixpkgs.git",
| |
| "rev": "f607771d0f5e4fa905afff1c772febd9f3103e1a",
| |
| "date": "2018-01-09T11:18:25-05:00",
| |
| "sha256": "1icphqpdcl8akqhfij2pxkfr7wfn86z5sr3jdjh88p9vv1550dx7",
| |
| "fetchSubmodules": true
| |
| }
| |
| </syntaxhighlight>
| |
|
| |
| This file can then be used to specify the version of Nixpkgs:
| |
|
| |
| <syntaxhighlight lang="nix">
| |
| pkgs = let
| |
| hostPkgs = import <nixpkgs> {};
| |
| pinnedVersion = hostPkgs.lib.importJSON ./nixpkgs-version.json;
| |
| pinnedPkgs = hostPkgs.fetchFromGitHub {
| |
| owner = "NixOS";
| |
| repo = "nixpkgs";
| |
| inherit (pinnedVersion) rev sha256;
| |
| };
| |
| in import pinnedPkgs {};
| |
| </syntaxhighlight>
| |
|
| |
| Finally, this can be taken a step further, and you can apply extra
| |
| patches to the pinned version of Nixpkgs, for perhaps PRs that are not
| |
| yet merged, or private internal changes that you need. If you take
| |
| this route, probably best to move the following in to its own file
| |
| that you then import.
| |
|
| |
| <syntaxhighlight lang="nix">
| |
| pkgs = let
| |
| hostPkgs = import <nixpkgs> {};
| |
| pinnedVersion = hostPkgs.lib.importJSON ./nixpkgs-version.json;
| |
| pinnedPkgs = hostPkgs.fetchFromGitHub {
| |
| owner = "NixOS";
| |
| repo = "nixpkgs";
| |
| inherit (pinnedVersion) rev sha256;
| |
| };
| |
|
| |
| patches = [
| |
| ./patches/0001-my-nixpkgs-change.patch
| |
| ];
| |
|
| |
| patchedPkgs = hostPkgs.runCommand "nixpkgs-${pinnedVersion.rev}"
| |
| {
| |
| inherit pinnedPkgs;
| |
| inherit patches;
| |
| }
| |
| ''
| |
| cp -r $pinnedPkgs $out
| |
| chmod -R +w $out
| |
| for p in $patches; do
| |
| echo "Applying patch $p";
| |
| patch -d $out -p1 < "$p";
| |
| done
| |
| '';
| |
| in import patchedPkgs {};
| |
| </syntaxhighlight> | | </syntaxhighlight> |
|
| |
|