nixos/sourcehut: no pin on nixos version

nixos/modules/services/misc/sourcehut/base-system-configuration.nix

@@ -0,0 +1,53 @@
+{ pkgs, ... }:
+
+{
+  # passwordless ssh server
+  services.openssh = {
+    enable = true;
+    permitRootLogin = "yes";
+    extraConfig = "PermitEmptyPasswords yes";
+  };
+
+  users = {
+    mutableUsers = false;
+    # build user
+    extraUsers."build" = {
+      isNormalUser = true;
+      uid = 1000;
+      extraGroups = [ "wheel" ];
+      password = "";
+    };
+    users.root.password = "";
+  };
+  security.sudo.wheelNeedsPassword = false;
+  nix.trustedUsers = [ "root" "build" ];
+
+  # builds.sr.ht-image-specific network settings
+  networking = {
+    hostName = "build";
+    dhcpcd.enable = false;
+    defaultGateway.address = "10.0.2.2";
+    usePredictableInterfaceNames = false; # so that we just get eth0 and not some weird id
+    interfaces."eth0".ipv4.addresses = [{
+      address = "10.0.2.15";
+      prefixLength = 25;
+    }];
+    enableIPv6 = false;
+    nameservers = [
+      # OpenNIC anycast
+      "185.121.177.177"
+      "169.239.202.202"
+      # Google as a fallback :(
+      "8.8.8.8"
+    ];
+    firewall.allowedTCPPorts = [ 22 ]; # allow ssh
+  };
+
+  environment.systemPackages = with pkgs; [
+    gitMinimal
+    mercurial
+    curl
+    gnupg
+  ];
+}
+

nixos/modules/services/misc/sourcehut/builds.nix

@@ -61,12 +61,37 @@ in
               rev = "ff96a0fa5635770390b184ae74debea75c3fd534";
               ref = "nixos-unstable";
           };
-          image_from_nixpkgs = pkgs_unstable: (import ("${pkgs.sourcehut.buildsrht}/lib/images/nixos/image.nix") {
-            pkgs = (import pkgs_unstable {});
-          });
+          image_from_nixpkgs = pkgs: 
+let
+  makeDiskImage = import ../../../lib/make-disk-image.nix;
+  evalConfig = import ../../../lib/eval-config.nix;
+  config = (evalConfig {
+    modules = [ (import ./qemu-system-configuration.nix) ];
+    inherit pkgs;
+  }).config;
+in
+  makeDiskImage {
+    inherit pkgs config;
+    lib = pkgs.lib;
+    diskSize = 16000;
+    format = "qcow2-compressed";
+    contents = [{
+      source = pkgs.writeText "gitconfig" '''
+        [user]
+          name = builds.sr.ht
+          email = builds@sr.ht
+      ''';
+      target = "/home/build/.gitconfig";
+      user = "build";
+      group = "users";
+      mode = "644";
+    }];
+  };
+
+
         in
         {
-          nixos.unstable.x86_64 = image_from_nixpkgs pkgs_unstable;
+          nixos.unstable.x86_64 = image_from_nixpkgs pkgs;
         }
       )'';
       description = ''

nixos/modules/services/misc/sourcehut/image.nix

@@ -0,0 +1,29 @@
+{ pkgs ? import <nixpkgs> {} }:
+
+let
+  #makeDiskImage = import (pkgs.path +"/nixos/lib/make-disk-image.nix");
+  makeDiskImage = import ../../../../lib/make-disk-image.nix;
+  evalConfig = import ../../../../lib/eval-config.nix;
+  config = (evalConfig {
+    modules = [ (import ./qemu-system-configuration.nix) ];
+    system = "x86_64-linux";
+  }).config;
+in
+  makeDiskImage {
+    inherit pkgs config;
+    lib = pkgs.lib;
+    diskSize = 16000;
+    format = "qcow2-compressed";
+    contents = [{
+      source = pkgs.writeText "gitconfig" ''
+        [user]
+          name = builds.sr.ht
+          email = builds@sr.ht
+      '';
+      target = "/home/build/.gitconfig";
+      user = "build";
+      group = "users";
+      mode = "644";
+    }];
+  }
+

nixos/modules/services/misc/sourcehut/qemu-system-configuration.nix

@@ -0,0 +1,15 @@
+{ pkgs, ... }:
+
+{
+  imports = [ ./base-system-configuration.nix ];
+  fileSystems."/".device = "/dev/disk/by-label/nixos";
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "virtio_balloon" "virtio_blk" "virtio_pci" "virtio_ring" ];
+  boot.loader = {
+    grub = {
+      version = 2;
+      device = "/dev/vda";
+    };
+    timeout = 0;
+  };
+}
+