Introduction
I’ve been using NixOS for a while now, and my biggest issue was that I have a lot of machines. Which leads to having a lot of different systems on my flake because of that hardware. The normal solution would be to use the module system, but a new issue arises when we add nix-darwin. We suddenly start to fail eval over issues because some modules don’t exist that are in the normal NixOS module system. So my new issue is that I can no longer use my small abstraction over lib.nixosSystem. I would have to expand the abstraction to include lib.darwinSystem since I can no longer unconditionally import all modules I use if they don’t exist in nix-darwin? But what if I don’t want to do that? What if I want to write my own lib.nixosSystem or my own lib.darwinSystem? What if I call it mkSystem. Well that’s exactly what I did. And this article covers how I got to that point and how my custom “builder” later evolved into easy-hosts.
The research
To start we should read the documentation for lib.evalModules. From which we find that there are 4 arguments, but 3 that we really care about. Those being modules, specialArgs and class. The modules argument is a list of modules, which are files, functions or attrsets that will be merged and then evaluated. The specialArgs argument is a attrset of arguments that are passed to the modules, but are not evaluated with the file structure in mind. The class argument is a nominal type that ensures that only compatible modules are imported. This is a very important argument, as it allows us to have different modules for different systems.
However, I’m not much a fan of reading documentation. So instead lets dig into the source code and pick it apart. To find out what we need to get our custom lib.nixosSystem working. To do this I identified 4 main files in the nixpkgs repository:
These files may seem somewhat arbitrary, but they are listed in the order they are called. The flake.nix file has our lib.nixosSystem function that calls our nixos/lib/eval-config.nix file which is a light wrapper around our final lib/modules.nix. So lets walk through those files in order and see what exactly they do.
flake.nix
This file contains our lib.nixosSystem function, which takes args as an argument. The documentation lists a set of known arguments being modules, specialArgs and modulesLocation, it also specifies some additional legacy arguments system and pkgs (both of which are now redundant).
The lib.nixosSystem then imports the nixos/lib/eval-config.nix file whilst passing lib, and the remaining args to it. It also sets system to null as well as adding nixpkgs.flake.source to nixpkgs output derivation.
nixos/lib/eval-config.nix
This file immediately points us to the fact that it is a “light wrapper” around lib.evalModules. This file also has a large collection of arguments most of which will be the defaults. A good example of this is baseModules which defaults to a list of modules from the nixpkgs repo. The most important arguments from this file are specialArgs, lib and modules. For the most part these come from the prior flake.nix file.
As we read down the file we notice that there are two additional modules that are going to be added. These are the pkgsModule and the modulesModule. These appear to be pretty strange names at first, but the pkgsModule will set nixpkgs.system if system was not null, and will set nixpkgs.pkgs if pkgs is not null. The modulesModule will add config._module.args as an attrset of noUserModules, baseModules, extraModules and modules. So now we know some of the arguments that are given to lib.evalModules lets see what that does.
nixos/lib/eval-config-minimal.nix
This file is a small wrapper upon lib.evalModules, but it gives us a little bit of guidance on how to use the class argument. As well as showing us the default for modulePath which is going to be passed as a special arg.
lib/modules.nix
This file won’t add much to our understanding of lib.evalModules, but it still is the definition of the function, so it’s good to keep in mind if we have any issues later down the line.
The implementation
Now that we have our key inputs of class, modules and specialArgs we can start implementing our own lib.nixosSystem.
Getting the basics
Let us start in our very own flake.nix by writing the following code. This will give us a basic template to work with and you, the reader, knows how to start.
{ inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
outputs = inputs: let mkSystem = import ./mksystem.nix { inherit inputs; }; in { nixosConfigurations = { mySystem = mkSystem { }; }; };}Now that we have a very bare bone flake.nix we can get started on the mkSystem function. Let’s also create the mksystem.nix file. We are going to add some basic args that we know we are going to need later such as modules, specialArgs and class. And we are going to add some defaults to these args such that we don’t get any errors if they are not provided.
{ inputs ? throw "No inputs provided", lib ? inputs.nixpkgs.lib, ...}:{ modules ? [ ], specialArgs ? { }, class ? "nixos",}: lib.evalModules { inherit modules specialArgs class;}Adding modulesPath
Now that we have our basic template down. Let’s start by adding the modulesPath, most people probably recognize this from when they first installed nix and read their hardware-configuration.nix file and saw something along the lines of modulesPath + /installer/scan/not-detected.nix. That is why we are starting with this, so that our hardware-configuration.nix will work.
The key to this is going to be including modulesPath in our specialArgs. This is because specialArgs should only be used with arguments that need to be evaluated when resolving module structure.
{ inputs, lib ? inputs.nixpkgs.lib, ...}:{ modules ? [ ], specialArgs ? { }, class ? "nixos",}: let modulesPath = "${inputs.nixpkgs}/nixos/modules";inlib.evalModules { inherit modules class;
# here we are merging the user provided specialArgs with the modulesPath specialArgs = { inherit modulesPath; } // specialArgs;}So close and yet so far
Only adding modulePath is a bit useless however, so we can’t exactly replace our lib.nixosSystem’s yet. So let’s work on that. We are going to start by importing baseModules, this will provide us with a base set of modules that provide abstractions over configuring your system. We can use the modulePath and get the module list.
{ inputs, lib ? inputs.nixpkgs.lib, ...}:{ modules ? [ ], specialArgs ? { }, class ? "nixos",}: let modulesPath = "${inputs.nixpkgs}/nixos/modules";
baseModules = import "${modulesPath}/module-list.nix";inlib.evalModules { inherit class;
specialArgs = { inherit modulesPath; } // specialArgs;
modules = baseModules ++ modules;}It actually works?
We now have a mostly functional replacement. Depending on your configuration may actually work as it is now! To keep progressing we are going to have to go back to the modulesModule from earlier. we need this such that some nixpkgs modules will work, one of these is the documentation module which will be a hard module to ignore, when so many people use it.
To fix this we are going to introduce a new module which contains config._module.args and takes a set of attrs that will be passed to each module. I’m sure most of you recognize these when writing a module and adding something like { pkgs, config, ... } to the top of a file. The config._module.args option should be used when trying to pass arguments to all modules, but should not be evaluated with file structure in mind.
{ inputs, lib ? inputs.nixpkgs.lib, ...}:{ modules ? [ ], specialArgs ? { }, class ? "nixos",}: let modulesPath = "${inputs.nixpkgs}/nixos/modules";
baseModules = import "${modulesPath}/module-list.nix";inlib.evalModules { inherit class;
specialArgs = { inherit modulesPath; } // specialArgs;
modules = baseModules ++ modules ++ [ { config._module.args = { inherit baseModules modules; }; } ];}Adding some of our own modules
Even better, now we have completely replaced lib.nixosSystem with our own mkSystem function. But let’s be real. That’s not enough for us. We should start abstracting some common themes between our systems. Some big examples of this are networking.hostName and nixpkgs.hostPlatform. And while were at it lets also re-add the nixpkgs.flake.source from the original lib.nixoSystem, as well as adding inputs as a special arg. As most people do this anyway, I think it’s a safe assumption we should add it. For further reading about passing inputs to modules check nobbz’s blog on getting inputs to flake modules.
{ inputs, lib ? inputs.nixpkgs.lib, ...}:name:{ modules ? [ ], specialArgs ? { }, class ? "nixos",}: let modulesPath = "${inputs.nixpkgs}/nixos/modules";
baseModules = import "${modulesPath}/module-list.nix";inlib.evalModules { inherit class;
specialArgs = { inherit inputs modulesPath; } // specialArgs;
modules = baseModules ++ modules ++ [ { config. = { _module.args = { inherit baseModules modules; };
networking.hostName = name;
nixpkgs.flake.source = inputs.nixpkgs.outPath; }; } ];}I just added name as an additional argument to our mkSystem function. This allows us to set the hostname of our system. The way I opted to write it allows for us to use mapAttrs on our nixosConfigurations. This will mean that we need to change how the original flake.nix works though.
{ inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
outputs = inputs: let mkSystem = import ./mksystem.nix { inherit inputs; }; in { nixosConfigurations = builtins.mapAttrs mkSystem { mySystem = { }; }; };}Furthermore, notice how I lied about settings nixpkgs.hostPlatform. If your curious why, maybe you should read my last blog post about it. (Shameless plug)
Darwin compatibility
One of the main reasons I wanted to make this was to support lib.darwinSystem. So let’s address that now.
To introduce Darwin support we are allowing users to set the class argument to darwin from there we can determine what modules to import. As a result of this you may notice that Darwin has a different set of modules which introduced some new options to set for this system type. This includes nixpkgs.source and darwinVersionSuffix and darwinRevision. Some of these are for commands like darwin-version.
You may also notice that we had to add system = eval.config.system.build.toplevel back into the final eval produced by our Darwin eval. This is required to swap to the configuration, otherwise it won’t work at all. This is because the system output is used by darwin-rebuild, to identify the final build output.
{ inputs, lib ? inputs.nixpkgs.lib, ...}:name:{ modules ? [ ], specialArgs ? { }, class ? "nixos",}: let # this is new? what is it? # I'm glad you asked, this is a nice way of checking if we have our darwin and nixpkgs inputs nixpkgs = inputs.nixpkgs or (throw "No nixpkgs input found"); darwin = inputs.darwin or inputs.nix-darwin or (throw "No nix-darwin input found");
modulesPath = if class == "darwin" then "${darwin}/modules" else "${nixpkgs}/nixos/modules";
baseModules = import "${modulesPath}/module-list.nix";
eval = lib.evalModules { inherit class;
specialArgs = { inherit inputs modulesPath; } // specialArgs;
modules = baseModules ++ modules ++ [ { config. = { _module.args = { inherit baseModules modules; };
networking.hostName = name;
nixpkgs.flake.source = nixpkgs.outPath; }; } ] ++ lib.optionals (class == "darwin") [ { config = { nixpkgs.source = nixpkgs.outPath;
system = { checks.verifyNixPath = false;
darwinVersionSuffix = ".${darwin.shortRev or darwin.dirtyShortRev or "dirty"}"; darwinRevision = darwin.rev or darwin.dirtyRev or "dirty"; }; }; } ]; };in if class == "darwin" then (eval // { system = eval.config.system.build.toplevel; }) else eval;The final touch
The final and maybe the best bit is adding inputs'. For those who are unaware of flake-parts, you probably are not aware of the greatness that is inputs'. The diff below shows the advantage of using inputs' over inputs for accessing packages.
inputs.input-name.packages.${pkgs.stdenv.hostPlatform.system}.package-nameinputs'.input-name.packages.package-nameIs that not awesome? So how can we replicate that for ourselves?
What we will need to do is map over all inputs, and their outputs and select the output dependent on the host platform, if a system dependent output exists, otherwise it will leave it as is. We can achieve that with the following code:
inputs' = lib.mapAttrs (_: lib.mapAttrs (_: v: v.${config.nixpkgs.hostPlatform} or v)) inputs;Or if you are using flake-parts, you may prefer using the following code instead:
withSystem config.nixpkgs.hostPlatform ({ inputs', ... }: { inherit inputs'; });So let’s add that to our mkSystem function.
{ inputs, lib ? inputs.nixpkgs.lib, ...}:name:{ modules ? [ ], specialArgs ? { }, class ? "nixos",}: let nixpkgs = inputs.nixpkgs or (throw "No nixpkgs input found"); darwin = inputs.darwin or inputs.nix-darwin or (throw "No nix-darwin input found");
modulesPath = if class == "darwin" then "${darwin}/modules" else "${nixpkgs}/nixos/modules";
baseModules = import "${modulesPath}/module-list.nix";
eval = lib.evalModules { inherit class;
specialArgs = { inherit inputs modulesPath; } // specialArgs;
modules = baseModules ++ modules ++ [ ({ config, ... }: { config = { _module.args = { inherit baseModules modules;
inputs' = lib.mapAttrs (_: lib.mapAttrs (_: v: v.${config.nixpkgs.hostPlatform} or v)) inputs; };
networking.hostName = name;
nixpkgs.flake.source = nixpkgs.outPath; }; }) ] ++ lib.optionals (class == "darwin") [ { config = { nixpkgs.source = nixpkgs.outPath;
system = { checks.verifyNixPath = false;
darwinVersionSuffix = ".${darwin.shortRev or darwin.dirtyShortRev or "dirty"}"; darwinRevision = darwin.rev or darwin.dirtyRev or "dirty"; }; }; } ]; };in if class == "darwin" then (eval // { system = eval.config.system.build.toplevel; }) else eval;Conclusion
And that’s it! We have a fully functional mkSystem function that can replace both lib.nixosSystem and lib.darwinSystem. This was quite the task, and although this blog post seems to reduce the quite simple. I’ve spent a lot of time on this, both when researching how to create the custom builder and writing and maintaining the latest rendition in the form of a flake module called easy-hosts. If you enjoyed this post, please consider donating on ko-fi or github sponsors.