You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This also includes two other changes:
- Upgrade the Nix / Nixpkgs version
- Lock the flake files
Unfortunately it will be a bit tricky to decouple those changes so I'm
bundling them together.
Copy file name to clipboardexpand all lines: manuscript/AdvancedModules.md
+3-3
Original file line number
Diff line number
Diff line change
@@ -36,7 +36,7 @@ I will make use of this trick in a few examples below, so that we can simulate m
36
36
37
37
## `lib` utilities
38
38
39
-
Nixpkgs provides several utility functions for NixOS modules that are stored underneath the "`lib`" hierarchy, and you can find the source code for those functions in [`lib/modules.nix`](https://github.com/NixOS/nixpkgs/blob/22.05/lib/modules.nix).
39
+
Nixpkgs provides several utility functions for NixOS modules that are stored underneath the "`lib`" hierarchy, and you can find the source code for those functions in [`lib/modules.nix`](https://github.com/NixOS/nixpkgs/blob/23.11/lib/modules.nix).
40
40
41
41
{blurb, class: information}
42
42
If you want to become a NixOS module system expert, take the time to read and understand all of the code in `lib/modules.nix`.
@@ -318,7 +318,7 @@ error: The option `systemd.services.nginx.serviceConfig.RestartSec' has conflict
318
318
(use '--show-trace' to show detailed location information)
319
319
```
320
320
321
-
The problem is that when we enable `nginx` that automatically defines a whole bunch of other NixOS options, [including `systemd.services.nginx.serviceConfig.RestartSec`](https://github.com/NixOS/nixpkgs/blob/nixos-22.05/nixos/modules/services/web-servers/nginx/default.nix#L890). This option is a scalar string option that disallows multiple distinct values because the NixOS module system by default has no way to known which one to pick to resolve the conflict.
321
+
The problem is that when we enable `nginx` that automatically defines a whole bunch of other NixOS options, [including `systemd.services.nginx.serviceConfig.RestartSec`](https://github.com/NixOS/nixpkgs/blob/23.11/nixos/modules/services/web-servers/nginx/default.nix#L1234). This option is a scalar string option that disallows multiple distinct values because the NixOS module system by default has no way to known which one to pick to resolve the conflict.
322
322
323
323
However, we can use `mkOverride` to annotate our value with a higher priority so that it overrides the other conflicting definition:
324
324
@@ -472,7 +472,7 @@ If you launch the above NixOS configuration you should be able to verify that th
@@ -336,7 +336,7 @@ So `sops` doesn't completely solve the problem of secrets management (you still
336
336
To use the `sops` command-line tool we'll need to convert our SSH primary key pair into an age key pair. This step is performed by the admin who has access to both the SSH public key and the SSH private key and requires the `ssh-to-age` command-line tool, which you can obtain like this:
The public key of our age key pair will be stored in a `.sops.yaml` configuration file which lives in version control. To create the age public key, run:
@@ -380,7 +380,7 @@ Create a [fine-grained personal access token](https://docs.github.com/en/authent
380
380
Fetch the `sops` command-line tool by running:
381
381
382
382
```bash
383
-
$ nix shell 'github:NixOS/nixpkgs/22.11#sops'
383
+
$ nix shell 'github:NixOS/nixpkgs/23.11#sops'
384
384
```
385
385
386
386
… and then create a new secrets file by running:
@@ -461,7 +461,7 @@ Now we can distribute the GitHub personal access token stored inside of `secrets
0 commit comments