WIP: unify versioning - not sure how to port nixops4 bits so wait until #309?

closes #279

flake.nix

@@ -1,19 +1,11 @@
 {
-  inputs = {
+  outputs = { self, ... }: let
-    nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
+    inherit sources = import ./npins;
-    flake-parts.url = "github:hercules-ci/flake-parts";
+    inherit (sources) nixpkgs flake-parts nixops4 nixops4-nixos git-hooks;
-    git-hooks.url = "github:cachix/git-hooks.nix";
+    pkgs = import nixpkgs;
-    agenix.url = "github:ryantm/agenix";
+    inherit (pkgs) lib;
-
+    flake-parts-lib = import "${flake-parts}/lib.nix" { inherit lib; };
-    disko.url = "github:nix-community/disko";
+  in flake-parts-lib.mkFlake { inherit self; } {
-
-    nixops4.url = "github:nixops4/nixops4";
-    nixops4-nixos.url = "github:nixops4/nixops4-nixos";
-  };
-
-  outputs =
-    inputs@{ flake-parts, ... }:
-    flake-parts.lib.mkFlake { inherit inputs; } {
       systems = [
         "x86_64-linux"
         "aarch64-linux"
@@ -22,8 +14,8 @@
       ];
 
       imports = [
-        inputs.git-hooks.flakeModule
+        (import "${git-hooks}/flake-module.nix")
-        inputs.nixops4.modules.flake.default
+        (lib.importApply "${nixops4}/nix/flake-parts/flake-parts.nix" { inherit self; })
 
         ./infra/flake-part.nix
         ./services/flake-part.nix
@@ -34,7 +26,6 @@
           config,
           pkgs,
           lib,
-          inputs',
           ...
         }:
         {
@@ -57,14 +48,20 @@
           devShells.default = pkgs.mkShell {
             packages = [
               pkgs.nil
-              inputs'.agenix.packages.default
+              (pkgs.callPackage "${agenix}/pkgs/agenix.nix" {})
               pkgs.openssh
               pkgs.httpie
               pkgs.jq
               # exposing this env var as a hack to pass info in from form
-              (inputs'.nixops4.packages.default.overrideAttrs {
+              (
-                impureEnvVars = [ "DEPLOYMENT" ];
+                (pkgs.callPackage "${nixops4}/package.nix" {
-              })
+                  # nixops4-cli-rust = config.packages.nixops4-release; # https://github.com/nixops4/nixops4/tree/main/rust/nixops4
+                  # nixops4-eval = config.packages.nixops4-eval-release; # https://github.com/nixops4/nixops4/tree/main/rust/nixops4-eval
+                })
+                .overrideAttrs {
+                  impureEnvVars = [ "DEPLOYMENT" ];
+                }
+              )
             ];
             shellHook = config.pre-commit.installationScript;
           };

infra/common/resource.nix

@@ -1,5 +1,4 @@
 {
-  inputs,
   lib,
   config,
   ...
@@ -9,6 +8,9 @@ let
   inherit (lib) attrValues elem mkDefault;
   inherit (lib.attrsets) concatMapAttrs optionalAttrs;
   inherit (lib.strings) removeSuffix;
+  # TODO: use thru nix path after #309
+  sources = import ../../npins;
+  inherit (sources) nixpkgs agenix disko;
 
   secretsPrefix = ../../secrets;
   secrets = import (secretsPrefix + "/secrets.nix");
@@ -25,15 +27,15 @@ in
     hostPublicKey = config.fediversityVm.hostPublicKey;
   };
 
-  nixpkgs = inputs.nixpkgs;
+  inherit nixpkgs;
 
   ## The configuration of the machine. We strive to keep in this file only the
   ## options that really need to be injected from the resource. Everything else
   ## should go into the `./nixos` subdirectory.
   nixos.module = {
     imports = [
-      inputs.agenix.nixosModules.default
+      (import "${agenix}/modules/age.nix")
-      inputs.disko.nixosModules.default
+      (import "${disko}/module.nix")
       ./options.nix
       ./nixos
     ];

infra/flake-part.nix

@@ -1,7 +1,7 @@
 {
   self,
-  inputs,
   lib,
+  withSystem,
   ...
 }:
 
@@ -14,6 +14,8 @@ let
     filterAttrs
     ;
   inherit (lib.attrsets) genAttrs;
+  # TODO: use thru nix path after #309
+  sources = import ../../npins;
 
   ## Given a machine's name and whether it is a test VM, make a resource module,
   ## except for its missing provider. (Depending on the use of that resource, we
@@ -21,7 +23,6 @@ let
   makeResourceModule =
     { vmName, isTestVm }:
     {
-      _module.args = { inherit inputs; };
       imports =
         [
           ./common/resource.nix
@@ -51,11 +52,11 @@ let
     vmNames:
     { providers, ... }:
     {
-      providers.local = inputs.nixops4.modules.nixops4Provider.local;
+      providers.local = lib.importApply "${nixop4s}/nix/providers/local.nix" { inherit withSystem; };
       resources = genAttrs vmNames (vmName: {
         type = providers.local.exec;
         imports = [
-          inputs.nixops4-nixos.modules.nixops4Resource.nixos
+          (lib.importApply "${nixop4s}/modules/nixops4Resource/nixos.nix" { inherit self withSystem; })
           (makeResourceModule {
             inherit vmName;
             isTestVm = false;
@@ -72,7 +73,7 @@ let
     (import ../deployment)
       {
         inherit lib;
-        inherit (inputs) nixops4 nixops4-nixos;
+        inherit (sources) nixops4 nixops4-nixos;
         inherit (self.nixosModules) fediversity;
       }
       {
@@ -121,7 +122,7 @@ let
   ## Given a VM name, make a NixOS configuration for this machine.
   makeConfiguration =
     isTestVm: vmName:
-    inputs.nixpkgs.lib.nixosSystem {
+    import "${nixpkgs}/nixos" {
       modules = [
         (makeResourceConfig { inherit vmName isTestVm; }).nixos.module
       ];

npins/sources.json

@@ -1,5 +1,31 @@
 {
   "pins": {
+    "flake-parts": {
+      "type": "Git",
+      "repository": {
+        "type": "GitHub",
+        "owner": "hercules-ci",
+        "repo": "flake-parts"
+      },
+      "branch": "main",
+      "submodules": false,
+      "revision": "c621e8422220273271f52058f618c94e405bb0f5",
+      "url": "https://github.com/hercules-ci/flake-parts/archive/c621e8422220273271f52058f618c94e405bb0f5.tar.gz",
+      "hash": "09j2dafd75ydlcw8v48vcpfm2mw0j6cs8286x2hha2lr08d232w4"
+    },
+    "git-hooks": {
+      "type": "Git",
+      "repository": {
+        "type": "GitHub",
+        "owner": "cachix",
+        "repo": "git-hooks.nix"
+      },
+      "branch": "master",
+      "submodules": false,
+      "revision": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82",
+      "url": "https://github.com/cachix/git-hooks.nix/archive/dcf5072734cb576d2b0c59b2ac44f5050b5eac82.tar.gz",
+      "hash": "1jmdxmx29xghjiaks6f5amnxld8w3kmxb2zv8lk2yzpgp6kr60qg"
+    },
     "htmx": {
       "type": "GitRelease",
       "repository": {
@@ -29,6 +55,32 @@
       "url": "https://github.com/nix-community/nix-unit/archive/e9d81f6cffe67681e7c04a967d29f18c2c540af5.tar.gz",
       "hash": "1wms0wxwvxac1r1daihj5wsx1nghfk5hwdvy5cpgq481bp9x4cjn"
     },
+    "nixops4": {
+      "type": "Git",
+      "repository": {
+        "type": "GitHub",
+        "owner": "nixops4",
+        "repo": "nixops4"
+      },
+      "branch": "main",
+      "submodules": false,
+      "revision": "337d537e8ffd9ecfc0d9a91cf4071d2a5e9dec91",
+      "url": "https://github.com/nixops4/nixops4/archive/337d537e8ffd9ecfc0d9a91cf4071d2a5e9dec91.tar.gz",
+      "hash": "0bdbbgm1hr8wmdm35kjjiphgzkm52bpg47qq741bmcqmxz3c1cnl"
+    },
+    "nixops4-nixos": {
+      "type": "Git",
+      "repository": {
+        "type": "GitHub",
+        "owner": "nixops4",
+        "repo": "nixops4-nixos"
+      },
+      "branch": "main",
+      "submodules": false,
+      "revision": "1cf497c17fac268a1a9ec31de15a18453c1aff81",
+      "url": "https://github.com/nixops4/nixops4-nixos/archive/1cf497c17fac268a1a9ec31de15a18453c1aff81.tar.gz",
+      "hash": "0n85j6c26k5mxl9ppndxd24sxmv9h7ari5ffvplsd6jsrbpkfwkj"
+    },
     "nixpkgs": {
       "type": "Channel",
       "name": "nixpkgs-unstable",