Home-Manager allowUnfree

cdenneen · June 5, 2024, 10:48pm

I have the following flake.nix:

{
  description = "Home Manager configuration";

  inputs = {
    # Specify the source of Home Manager and Nixpkgs.
    nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
    home-manager = {
      url = "github:nix-community/home-manager/release-24.05";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    flake-utils.url = "github:numtide/flake-utils";
  };

  outputs = { nixpkgs, flake-utils, home-manager, nixpkgs-unstable, ... }:
    let
      utils = flake-utils;
      user = import ./user.nix;
      nixpkgsConfig = {
        config = {
          allowUnfree = true;
          allowUnfreePredicate = (_: true);
        };
      };
    in
    utils.lib.eachDefaultSystem (system:
      let
        stable-pkgs = nixpkgs.legacyPackages.${system};
        unstable-pkgs = nixpkgs-unstable.legacyPackages.${system};
        pkgs = stable-pkgs // {
          # provides alias for all unstable pkgs
          unstable = unstable-pkgs;
          starship = unstable-pkgs.starship;
          git = unstable-pkgs.git;
        };
      in
      {
        formatter = pkgs.nixpkigs-fmt;
        useGlobalPkgs = true;
        useUserPackages = true;
        packages = {
          homeConfigurations.${user.name} = home-manager.lib.homeManagerConfiguration {
            inherit pkgs;


          # Specify your home configuration modules here, for example,
          # the path to your home.nix.
          modules = [
            ./home.nix
            {
              nixpkgs = nixpkgsConfig;
            }
            {
              home = {
                username = user.name;
                homeDirectory = user.homeDir;
                stateVersion = "24.05";
              };
              xdg = {
                cacheHome = user.homeDir + "/.local/cache";
              };
            }
          ];

          # Optionally use extraSpecialArgs
          # to pass through arguments to home.nix
          extraSpecialArgs = {
            inherit pkgs;
          };
        };
      };
  });
}

and the following home.nix:

{ config, pkgs, lib, ... }:

let
  my-scripts = import ./scripts { pkgs = pkgs; };
in
{
  # Install unfree programs
  nix.package = pkgs.nix;
  nixpkgs.config.allowUnfree = true;
  nixpkgs.config.allowUnfreePredicate = (_: true);

  # The home.packages option allows you to install Nix packages into your
  # environment.
  home.packages = my-scripts ++ (with pkgs; [
    _1password
    btop
    curl
    coreutils
    jq
    ruby
    fzf
    ripgrep
    shellcheck
    moreutils
    lazygit
    git
    tree
    yq
    sd
    fd
    neovim
    kubectl
    direnv
    gcc
    kubeswitch
    k9s
    terraform
    terragrunt
  ]);

  imports = [
    ./gnupg.nix
    ./programs/alacritty.nix
    ./programs/autojump.nix
    ./programs/bat.nix
    ./programs/direnv.nix
    ./programs/fzf.nix
    ./programs/atuin.nix
    ./programs/zsh.nix
    ./programs/tmux.nix
    ./programs/starship.nix
  ];

  xdg.configFile =
    with lib;
    mkMerge [
      {
        # "starship.toml".text =
        #   ''format = "$directory$git_branch$line_break$cmd_duration$character"''
        #   + builtins.readFile dotfiles/starship.toml;
        "starship.toml".source = dotfiles/starship.toml;
        "git".source = dotfiles/git;
        "nvim".source = dotfiles/nvim;
        "ripgrep.conf".source = dotfiles/ripgrep.conf;
        "zsh".source = dotfiles/zsh;
        "direnv/lib".source = dotfiles/direnv/lib;
        "aws".source = dotfiles/aws;
        "nixpkgs".source = dotfiles/nixpkgs;
      }
    ];

  # Home Manager is pretty good at managing dotfiles. The primary way to manage
  # plain files is through 'home.file'.
  home.file = {
    # # Building this configuration will create a copy of 'dotfiles/screenrc' in
    # # the Nix store. Activating the configuration will then make '~/.screenrc' a
    # # symlink to the Nix store copy.
    # ".screenrc".source = dotfiles/screenrc;
    ".kube/switch-config.yaml".source = dotfiles/kube/switch-config.yaml;

    # # You can also set the file content immediately.
    # ".gradle/gradle.properties".text = ''
    #   org.gradle.console=verbose
    #   org.gradle.daemon.idletimeout=3600000
    # '';
  };

  # Home Manager can also manage your environment variables through
  # 'home.sessionVariables'. These will be explicitly sourced when using a
  # shell provided by Home Manager. If you don't want to manage your shell
  # through Home Manager then you have to manually source 'hm-session-vars.sh'
  # located at either
  #
  #  ~/.nix-profile/etc/profile.d/hm-session-vars.sh
  #
  # or
  #
  #  ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh
  #
  # or
  #
  #  /etc/profiles/per-user/cdenneen/etc/profile.d/hm-session-vars.sh
  #
  home.sessionVariables = {
    EDITOR = "nvim";
  };

  home.activation.installAsdfVm = lib.hm.dag.entryAfter [ "writeBoundary" ] ''
    [ ! -d $HOME/.asdf ] && \
      $DRY_RUN_CMD ${pkgs.git}/bin/git clone --branch v0.14.0 $VERBOSE_ARG \
        https://github.com/asdf-vm/asdf.git ~/.asdf;
    mkdir -p ${config.home.homeDirectory}/.kube/switch-state;
  '';

  # Let Home Manager install and manage itself.
  programs.home-manager.enable = true;
}

I am running this on Debian, Ubuntu and eventually my Mac once I can get some nuances fixed.

When running a build I get the following error still:

error:
       … while calling the 'derivationStrict' builtin
         at <nix/derivation-internal.nix>:9:12:
            8|
            9|   strict = derivationStrict drvAttrs;
             |            ^
           10|

       … while evaluating derivation 'home-manager-generation'
         whose name attribute is located at /nix/store/i1aw9jjgxcvyd642s12kw3iasmarwd42-source/pkgs/stdenv/generic/make-derivation.nix:331:7

       … while evaluating attribute 'buildCommand' of derivation 'home-manager-generation'
         at /nix/store/i1aw9jjgxcvyd642s12kw3iasmarwd42-source/pkgs/build-support/trivial-builders/default.nix:68:17:
           67|         enableParallelBuilding = true;
           68|         inherit buildCommand name;
             |                 ^
           69|         passAsFile = [ "buildCommand" ]

       … while evaluating the option `home.activation.installPackages.data':

       … while evaluating definitions from `/nix/store/69xnjv9zg8a0gsyhsn8lp8937wy0a392-source/modules/home-environment.nix':

       (stack trace truncated; use '--show-trace' to show the full, detailed trace)

       error: Package ‘1password-cli-2.28.0’ in /nix/store/i1aw9jjgxcvyd642s12kw3iasmarwd42-source/pkgs/applications/misc/1password/default.nix:73 has an unfree license (‘unfree’), refusing to evaluate.

       a) To temporarily allow unfree packages, you can use an environment variable
          for a single invocation of the nix tools.

            $ export NIXPKGS_ALLOW_UNFREE=1

          Note: When using `nix shell`, `nix build`, `nix develop`, etc with a flake,
                then pass `--impure` in order to allow use of environment variables.

       b) For `nixos-rebuild` you can set
         { nixpkgs.config.allowUnfree = true; }
       in configuration.nix to override this.

       Alternatively you can configure a predicate to allow specific packages:
         { nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
             "1password-cli"
           ];
         }

       c) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
         { allowUnfree = true; }
       to ~/.config/nixpkgs/config.nix.

I’ve done a lot of Google searching and a lot of the posts are for configuration.nix with NixOS not really geared towards Home-Manager but the ones I did find mentioned adding:

        config = {
          allowUnfree = true;
          allowUnfreePredicate = (_: true);
        };

Which I did above but still seem to be getting this error. Any help? I’ve even tried to export NIXPKGS_ALLOW_UNFREE=1 but I think with how my flake/hm setup is configured it’s getting overwritten.

Thanks in advance for the help.

jtojnar · June 5, 2024, 11:28pm

In pure evaluation (default in Flakes), Nix expressions do not have access to environment variables.

The legacyPackages flake output already contains a fully-configured instance of Nixpkgs. You need to use

stable-pkgs = import nixpkgs {
  inherit system;
  config = { /* … */ };
};

Same for unstable, if you want unfree packages from there.

Note that merging the attribute sets will not update any references to git in the stable-pkgs, so if a package from a stable has git as a dependency instead of picking it from PATH environment variable at runtime, it might keep using git from stable.

If you wanted to ensure that dependencies are replaced, you would need to use overlays. Of course, that has the downside that every package depending on git would be updated (and therefore rebuilt), which is not always feasible,

I think this is redundant.

Hasnep · June 5, 2024, 11:28pm

When you used NIXPKGS_ALLOW_UNFREE=1, did you also use --impure? That’s normally why it fails for me. I haven’t been able to figure out any other way to use non free packages with flakes.