Overhaul and modernize Nix flake setup #706
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
this was already used by several developers, this just makes it official
this also allows us to remove our single 'spago test' invocation in a github workflow, so all CI checks are in the Nix checks for Garnix to execute while i was at it, i removed the nix flakes wrapper, shell.nix, and flake-compat inclusions as at this point pretty much everyone is on a flake-compatible version of Nix
slimlock was the homegrown npm dependency builder from ps-overlay from before when buildNpmPackage was a suitable choice for the registry, but at this point it's well-suited to be the standard choice for us.
our homegrown nix setup has diverged quite a bit from modern
best practices and is hard to read. it also included some
unnecessary helpers (like run-vm to work on a local vm) which
we can remove.
this change overhauls the full setup while maintaining the
existing tests to make it simpler, more performant, and more
usable for contributors.
the deployments are still simple ('colmena apply').
f-f
approved these changes
Dec 2, 2025
Member
f-f
left a comment
f-f
left a comment
There was a problem hiding this comment.
This is great, thanks!
I would like to eventually get rid of the Nix VM (and replace it with something more agnostic, e.g. docker), but this is a good start 👏 👏
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When setting up a new machine and looking at the Nix setup we have I noticed a lot of quirkiness, nonstandard patterns, and relying on one-off little utilities like
slimlock(thankfully in #701 we moved tomkSpagoDerivationfrom our homegrownpurix). We also have some essentially dead code in Nix modules likerun-vm, as AFAIK no one actually deploys the app to a VM and issues requests against it.So I took a pass through everything to update to current best practices, improve performance especially in the dev shell, and make the codebase easier for contributors to work with. Here are some high-level changes:
flake.nixis broken into a few smaller modules (overlays, lib) with the integration test extracted out, so itas more like 250 lines instead of 900 linesbuildNpmPackagefrom the customslimlocktoolspago testscript, as we can just run it as part of the overallnix flake checkchecks like everything else is.envrcfor developers using direnv — I personally need this, don't want to commit it on all fresh clones, and I think @f-f and I both already were on itThe codebase works the same as before, all the same commands (minus running the test VM), just a better setup internally.