ragusa-it/nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add: chaotic-nyx with CachyOS kernel #7

Merged
ragusa-it merged 1 commits from claude/add-chaotic-nyx-cachyos-o0LDX into main 2026-02-02 15:14:46 +00:00
Conversation 1 Commits 1 Files Changed 2 +8 -2
2 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
configuration.nix
View File

@@ -27,7 +27,8 @@
# ═══════════════════════════════════════════════════════════════ # ═══════════════════════════════════════════════════════════════
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
boot.kernelPackages = pkgs.linuxPackages_zen; boot.kernelPackages = pkgs.linuxPackages_cachyos;
chaotic.scx.enable = true; # Enable sched-ext schedulers for CachyOS
# ═══════════════════════════════════════════════════════════════ # ═══════════════════════════════════════════════════════════════
# NETWORKING # NETWORKING

7
flake.nix
View File

@@ -27,6 +27,8 @@
url = "github:vicinaehq/vicinae"; url = "github:vicinaehq/vicinae";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
chaotic.url = "github:chaotic-cx/nyx/nyxpkgs-unstable";
copilot-pull-request-reviewer[bot] commented 2026-02-02 15:18:17 +00:00 (Migrated from github.com)
Review
Copy Link

The chaotic input is missing the inputs.nixpkgs.follows directive that is consistently used for all other flake inputs in this codebase (see lines 9, 14, 19, and 28). This can lead to multiple versions of nixpkgs being pulled in, increasing closure size and potentially causing version conflicts. Add inputs.nixpkgs.follows = "nixpkgs"; to maintain consistency with the existing pattern.

The chaotic input is missing the `inputs.nixpkgs.follows` directive that is consistently used for all other flake inputs in this codebase (see lines 9, 14, 19, and 28). This can lead to multiple versions of nixpkgs being pulled in, increasing closure size and potentially causing version conflicts. Add `inputs.nixpkgs.follows = "nixpkgs";` to maintain consistency with the existing pattern.
copilot-pull-request-reviewer[bot] commented 2026-02-02 15:18:17 +00:00 (Migrated from github.com)
Review
Copy Link

The new chaotic flake input pulls code from github:chaotic-cx/nyx/nyxpkgs-unstable using a mutable branch/tag reference, creating a supply-chain risk if that third-party repository is compromised or the branch is force-pushed. Because this input’s NixOS modules and packages will be evaluated and used in system builds, an attacker controlling that ref could silently inject malicious kernel or system code. To mitigate this, pin the input to an immutable commit SHA (or equivalent verified reference) and update it deliberately when you intend to trust new upstream changes.

The new `chaotic` flake input pulls code from `github:chaotic-cx/nyx/nyxpkgs-unstable` using a mutable branch/tag reference, creating a supply-chain risk if that third-party repository is compromised or the branch is force-pushed. Because this input’s NixOS modules and packages will be evaluated and used in system builds, an attacker controlling that ref could silently inject malicious kernel or system code. To mitigate this, pin the input to an immutable commit SHA (or equivalent verified reference) and update it deliberately when you intend to trust new upstream changes.
}; };
# Binary caches for faster builds # Binary caches for faster builds
@@ -49,7 +51,10 @@
nixosConfigurations.nixos = nixpkgs.lib.nixosSystem { nixosConfigurations.nixos = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
specialArgs = { inherit inputs; }; specialArgs = { inherit inputs; };
modules = [ ./configuration.nix ]; modules = [
./configuration.nix
inputs.chaotic.nixosModules.default
];
}; };
}; };
} }