From 33f5ff901997bf1e1e300b32452a050098a6dccc Mon Sep 17 00:00:00 2001 From: TheK0tYaRa Date: Sat, 7 Mar 2026 10:53:27 +0200 Subject: [PATCH] fixup --- .gitignore | 3 + custom/modules/kernel.nix | 84 +++++++++++++++++---- custom/modules/llvm-ccache-stdenv.nix | 102 -------------------------- custom/override.nix | 50 +++++++++++++ devenv.nix | 2 +- flake.lock | 18 ++--- flake.nix | 20 ++--- home.nix | 13 +++- 8 files changed, 152 insertions(+), 140 deletions(-) delete mode 100644 custom/modules/llvm-ccache-stdenv.nix diff --git a/.gitignore b/.gitignore index d90015c..ee74d74 100644 --- a/.gitignore +++ b/.gitignore @@ -16,3 +16,6 @@ devenv.local.yaml # ide .vscode/settings.json + +# nix +result diff --git a/custom/modules/kernel.nix b/custom/modules/kernel.nix index 4ddd67d..d37e611 100644 --- a/custom/modules/kernel.nix +++ b/custom/modules/kernel.nix @@ -5,6 +5,8 @@ structuredExtraConfig ? { }, kernelPatches ? [ ], extraConfig ? "", + sccacheDir ? "/var/cache/sccache", + enforceSccache ? true, }: let @@ -30,7 +32,41 @@ in pkgs.callPackage ( { buildLinux, ... }@args: let - # llvm = pkgs.llvmPackages_latest; + llvm = pkgs.llvmPackages_latest; + + # buildLinux uses common-flags.nix which sets CC to the *unwrapped* compiler: + # CC=${lib.getExe stdenv.cc.cc} + # and appends extraMakeFlags at the end. :contentReference[oaicite:1]{index=1} + realClang = lib.getExe llvm.clang-unwrapped; + + # Host tools are built with buildPackages.stdenv.cc (see common-flags HOSTCC). :contentReference[oaicite:2]{index=2} + buildPkgs = args.buildPackages or pkgs.buildPackages; + realHostCC = lib.getExe' buildPkgs.stdenv.cc "${buildPkgs.stdenv.cc.targetPrefix}cc"; + realHostCXX = lib.getExe' buildPkgs.stdenv.cc "${buildPkgs.stdenv.cc.targetPrefix}c++"; + + clangSccache = pkgs.writeShellScriptBin "clang" '' + set -euo pipefail + : "''${SCCACHE_ENFORCE_MARKER:?SCCACHE_ENFORCE_MARKER is not set}" + : > "''${SCCACHE_ENFORCE_MARKER}" + export SCCACHE_DIR=${lib.escapeShellArg sccacheDir} + exec ${pkgs.sccache}/bin/sccache ${realClang} "$@" + ''; + + hostccSccache = pkgs.writeShellScriptBin "cc" '' + set -euo pipefail + : "''${SCCACHE_ENFORCE_MARKER:?SCCACHE_ENFORCE_MARKER is not set}" + : > "''${SCCACHE_ENFORCE_MARKER}" + export SCCACHE_DIR=${lib.escapeShellArg sccacheDir} + exec ${pkgs.sccache}/bin/sccache ${realHostCC} "$@" + ''; + + hostcxxSccache = pkgs.writeShellScriptBin "c++" '' + set -euo pipefail + : "''${SCCACHE_ENFORCE_MARKER:?SCCACHE_ENFORCE_MARKER is not set}" + : > "''${SCCACHE_ENFORCE_MARKER}" + export SCCACHE_DIR=${lib.escapeShellArg sccacheDir} + exec ${pkgs.sccache}/bin/sccache ${realHostCXX} "$@" + ''; structuredExtraConfig' = (with lib.kernel; { @@ -45,25 +81,45 @@ pkgs.callPackage ( // { inherit kernelPatches extraConfig; - stdenv = pkgs.llvmPackages_latest.stdenv; - version = kver; modDirVersion = kver; src = kernel-src; - # nativeBuildInputs = (args.nativeBuildInputs or [ ]) ++ [ - # llvm.clang - # llvm.lld - # llvm.llvm - # ]; + stdenv = llvm.stdenv; - makeFlags = (args.makeFlags or [ ]) ++ [ - "LLVM=1" - "LLVM_IAS=1" + extraMakeFlags = + (args.extraMakeFlags or [ ]) + ++ [ + "LLVM=1" + "LLVM_IAS=1" + ] + ++ lib.optionals enforceSccache [ + "CC=${lib.getExe clangSccache}" + "HOSTCC=${lib.getExe hostccSccache}" + "HOSTCXX=${lib.getExe hostcxxSccache}" + ]; - "CC=${pkgs.ccache}/bin/ccache clang" - "HOSTCC=${pkgs.ccache}/bin/ccache clang" - ]; + # Enforce that the wrappers were actually invoked at least once. + # sccache is a compiler wrapper; this is the contract we’re enforcing. :contentReference[oaicite:4]{index=4} + preBuild = + (args.preBuild or "") + + lib.optionalString enforceSccache '' + export SCCACHE_ENFORCE_MARKER="$NIX_BUILD_TOP/.sccache-used" + rm -f "$SCCACHE_ENFORCE_MARKER" + ${pkgs.sccache}/bin/sccache --start-server || true + ${pkgs.sccache}/bin/sccache --zero-stats || true + ''; + + postBuild = + (args.postBuild or "") + + lib.optionalString enforceSccache '' + if [ ! -e "$SCCACHE_ENFORCE_MARKER" ]; then + echo "FATAL: sccache enforcement failed: compiler wrappers were not invoked." + echo "This means buildLinux did not use your CC/HOSTCC overrides." + exit 1 + fi + ${pkgs.sccache}/bin/sccache --show-stats --stats-format text || true + ''; structuredExtraConfig = structuredExtraConfig'; diff --git a/custom/modules/llvm-ccache-stdenv.nix b/custom/modules/llvm-ccache-stdenv.nix deleted file mode 100644 index 351f2bf..0000000 --- a/custom/modules/llvm-ccache-stdenv.nix +++ /dev/null @@ -1,102 +0,0 @@ -{ config, lib, ... }: - -let - cfg = config.programs.ccache; -in -if false then { - config = lib.mkIf cfg.enable { - nix.settings.extra-sandbox-paths = [ cfg.cacheDir ]; - - nixpkgs.overlays = [ - (final: prev: - let - llvm = prev.llvmPackages_latest; - - realClang = llvm.clang-unwrapped; - realClangLib = prev.lib.getLib realClang; - - # "unwrapped clang", но с ccache + per-package CCACHE_DIR - clangUnwrappedCcache = - prev.stdenvNoCC.mkDerivation { - pname = "clang-unwrapped-ccache"; - version = realClang.version; - - outputs = [ "out" "lib" ]; - dontUnpack = true; - - installPhase = '' - mkdir -p "$out/bin" "$lib/lib" - - mkwrap() { - local name="$1" - local real="$2" - cat > "$out/bin/$name" <<'EOF' - #!${prev.bash}/bin/bash - set -euo pipefail - - # Kernel probes compiler via: $CC -E -P -x c - - # Bypass ccache + filesystem touching for preprocess-only probes. - for arg in "$@"; do - if [ "$arg" = "-E" ]; then - exec __REAL__ "$@" - fi - done - - # base cache dir from NixOS module - base='${cfg.cacheDir}' - - # prefer pname (no version), fallback to name, and strip "-..." if present - pkg="''${pname-}" - if [ -z "$pkg" ]; then pkg="''${name-unknown}"; fi - pkg="''${pkg%%-[0-9]*}" - - # If cache dir isn't writable/mounted in sandbox yet, don't break compiler detection. - if ! mkdir -p "$base/$pkg" 2>/dev/null; then - exec __REAL__ "$@" - fi - export CCACHE_DIR="$base/$pkg" - export CCACHE_UMASK=007 - - # improves hit rate for repeated local rebuilds - export CCACHE_BASEDIR="''${NIX_BUILD_TOP:-/build}" - export CCACHE_COMPRESS=1 - export CCACHE_SLOPPINESS=random_seed,time_macros - - exec ${prev.ccache}/bin/ccache __REAL__ "$@" - EOF - substituteInPlace "$out/bin/$name" --replace "__REAL__" "$real" - chmod +x "$out/bin/$name" - } - - mkwrap clang ${realClang}/bin/clang - mkwrap clang++ ${realClang}/bin/clang++ - - ln -s "$out/bin/clang" "$out/bin/cc" - ln -s "$out/bin/clang++" "$out/bin/c++" - - # make lib.getLib(stdenv.cc.cc) point to real clang builtin headers - ln -s ${realClangLib}/lib/clang "$lib/lib/clang" - ''; - - meta = (realClang.meta or { }) // { - mainProgram = "clang"; - }; - }; - - # Wrapped clang package that points its "unwrapped" to our ccache one - clangWrappedCcache = llvm.clang.override { cc = clangUnwrappedCcache; }; - - # New stdenv: same llvm stdenv, but compiler wrapper uses our ccache-unwrapped clang - llvmCcacheStdenv = prev.overrideCC llvm.stdenv clangWrappedCcache; - - in - { - llvmPackages_latest = llvm // { - stdenv = llvmCcacheStdenv; - clang = clangWrappedCcache; - clang-unwrapped = clangUnwrappedCcache; - }; - }) - ]; - }; -} else {} \ No newline at end of file diff --git a/custom/override.nix b/custom/override.nix index 5dd54e3..d869133 100644 --- a/custom/override.nix +++ b/custom/override.nix @@ -31,6 +31,56 @@ final: prev: { # "$unitDir/xdg-desktop-portal-cosmic.service" # ''; # }); + # codex = prev.codex.overrideAttrs ( + # old: + # let + # version = "0.111.0"; + # src = prev.fetchFromGitHub { + # owner = "openai"; + # repo = "codex"; + # tag = "rust-v${version}"; + # hash = "sha256-hdR70BhiMg9G/ibLCeHnRSY3PcGZDv0vnqBCbzSRD6I="; + # }; + # in + # { + # cargoDeps = old.cargoDeps.overrideAttrs (_: { + # inherit src; + # name = "codex-${version}-vendor.tar.gz"; + # sourceRoot = "${src.name}/codex-rs"; + # outputHash = "sha256-FR0GQenZ6CFhHUdi3FnuwIsqo0argAJo5STBwlGCsdg="; + # outputHashMode = "recursive"; + # }); + # } + # ); + codex = prev.codex.overrideAttrs ( + old: + let + version = "0.111.0"; + src = prev.fetchFromGitHub { + owner = "openai"; + repo = "codex"; + tag = "rust-v${version}"; + hash = "sha256-hdR70BhiMg9G/ibLCeHnRSY3PcGZDv0vnqBCbzSRD6I="; + }; + in + { + inherit version src; + sourceRoot = "${src.name}/codex-rs"; + + cargoDeps = prev.rustPlatform.fetchCargoVendor { + inherit src; + sourceRoot = "${src.name}/codex-rs"; + hash = "sha256-h+TIwNz+A6aYcMACWl//LiavABITZxwYa4CvawR/0RQ="; + }; + + buildInputs = (old.buildInputs or [ ]) ++ [ prev.libcap ]; + + preBuild = (old.preBuild or "") + '' + export CARGO_PROFILE_RELEASE_LTO=thin + export CARGO_PROFILE_RELEASE_CODEGEN_UNITS=8 + ''; + } + ); llama-cpp = prev.llama-cpp.overrideAttrs (old: rec { version = "8124"; src = prev.fetchFromGitHub { diff --git a/devenv.nix b/devenv.nix index e2ac278..957a409 100644 --- a/devenv.nix +++ b/devenv.nix @@ -17,7 +17,7 @@ nix flake check ''; build.exec = '' - sudo nixos-rebuild switch --flake '.#' $@ + nixos-rebuild switch --sudo --flake '.#' $@ ''; }; diff --git a/flake.lock b/flake.lock index fec81e8..047c74a 100644 --- a/flake.lock +++ b/flake.lock @@ -413,11 +413,11 @@ ] }, "locked": { - "lastModified": 1772633327, - "narHash": "sha256-jl+DJB2DUx7EbWLRng+6HNWW/1/VQOnf0NsQB4PlA7I=", + "lastModified": 1772845525, + "narHash": "sha256-Dp5Ir2u4jJDGCgeMRviHvEQDe+U37hMxp6RSNOoMMPc=", "owner": "nix-community", "repo": "home-manager", - "rev": "5a75730e6f21ee624cbf86f4915c6e7489c74acc", + "rev": "27b93804fbef1544cb07718d3f0a451f4c4cd6c0", "type": "github" }, "original": { @@ -502,10 +502,10 @@ "kernel-src": { "flake": false, "locked": { - "lastModified": 1772720557, - "narHash": "sha256-lfOprDbqvgOqHzLuhsiuXdHk20qQJ9b8t97zOkTBxu4=", + "lastModified": 1772838933, + "narHash": "sha256-77MlrOVBethsi2wbq0eQx+m6AzNoBWCD8b82B1yUX04=", "ref": "drm-tip", - "rev": "9565ad1c312903452467b9f685c59e2f47f512e5", + "rev": "fce8d7fb2107068c269b868d51aba5f9cf85998a", "shallow": true, "type": "git", "url": "https://gitlab.freedesktop.org/drm/tip.git" @@ -960,11 +960,11 @@ ] }, "locked": { - "lastModified": 1772653484, - "narHash": "sha256-kHwbXkMrlKxo261U0oamF4YXGuUBbwexa8BWYErgKv0=", + "lastModified": 1772751120, + "narHash": "sha256-4cBOTPXv6Pkqa6qL1SH3UZTShciQWpyKJy3c3cQEU8I=", "owner": "mozilla", "repo": "sccache", - "rev": "30ed851a2b56ff3d754117895c76dbd8d10bbf13", + "rev": "2b65ac80ed3a3ff63c41711d65ae10106a163a09", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 445286c..85ce8b7 100644 --- a/flake.nix +++ b/flake.nix @@ -52,16 +52,6 @@ inherit system; overlays = [ sccache.overlays.default ]; }; - # - # sccacheWrapper = pkgs.writeShellScriptBin "clang-sccache" '' - # export SCCACHE_DIR=/var/cache/sccache - # exec ${pkgs.sccache}/bin/sccache ${pkgs.llvmPackages_latest.clang}/bin/clang "$@" - # ''; - # stdenvSccache = pkgs.overrideCC pkgs.llvmPackages_latest.stdenv ( - # pkgs.llvmPackages_latest.clang.override { - # cc = sccacheWrapper; - # } - # ); in { nixosConfigurations.testenv = nixpkgs.lib.nixosSystem { @@ -72,7 +62,6 @@ }; modules = [ # ./custom/modules - # ./custom/modules/llvm-ccache-stdenv.nix ragenix.nixosModules.default niri-flake.nixosModules.niri nix-index-database.nixosModules.default @@ -122,9 +111,15 @@ "root" "thek0tyara" ]; - extra-sandbox-paths = [ config.programs.ccache.cacheDir ]; + extra-sandbox-paths = [ + "/var/cache/sccache" + ]; download-buffer-size = 160000000; }; + systemd.tmpfiles.rules = [ + # setgid, чтобы файлы/папки сохраняли группу nixbld + "d /var/cache/sccache 2770 root nixbld - -" + ]; boot = { loader = { systemd-boot.enable = true; @@ -165,6 +160,7 @@ LLAMA_CACHE = "/home/thek0tyara/Downloads/llm"; # CCACHE_DIR = "/mnt/HDD_A_DATA/ccache"; + # SCCACHE_DIR = "/home/thek0tyara/Documents/cache/sccache"; # LLVM = "1"; # UV_CACHE_DIR = ""; diff --git a/home.nix b/home.nix index 3bfdcf9..ac2696b 100644 --- a/home.nix +++ b/home.nix @@ -66,6 +66,7 @@ ### development # idea-community-bin + sccache ### visuals gnome-themes-extra @@ -170,7 +171,7 @@ extraPortals = with pkgs; [ xdg-desktop-portal-gtk xdg-desktop-portal-wlr - # xdg-desktop-portal-gnome + xdg-desktop-portal-gnome xdg-desktop-portal-cosmic ]; config = { @@ -179,7 +180,7 @@ "gtk" ]; "org.freedesktop.impl.portal.FileChooser" = "gnome"; - # "org.freedesktop.impl.portal.ScreenCast" = "gnome"; + "org.freedesktop.impl.portal.ScreenCast" = "gnome"; }; }; }; @@ -434,6 +435,14 @@ ### default aria2.enable = true; btop.enable = true; + codex = { + enable = true; + settings = { + model = "gpt-5.4"; + approval_policy = "on-request"; + model_reasoning_effort = "medium"; + }; + }; # command-not-found.enable = true; direnv = { enable = true;