Fix flake resolution issues due to unpinned go version

[ApprenticeofEnder]

Why

• Nix flakes should now successfully build even when the Go version changes in nixpkgs-unstable

What

• Pinned the go version to a specific revision of nixpkgs
• Applied an overlay that solely modifies the go package

References

• Git bisect tutorial (very handy reference for this change)

Evidence

Recently, attempting to build the flake resulted in issues like this:

error:
       … while evaluating an expression to select 'drvPath' on it
         at «internal»:1:552:
       … while evaluating strict
         at «internal»:1:552:
       (stack trace truncated; use '--show-trace' to show the full trace)

       error: go.mod specified Go version 1.25.8, but no compatible Go attribute could be found.

       note: trace involved the following derivations:
       derivation 'terramaid-2.6.2'

Git Bisect Result

Summary by CodeRabbit

• Chores
  • Updated build configuration to source an alternate Go toolchain for builds.
  • Ensures the Go toolchain is selected per target system, improving consistency of Go-based builds across platforms.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 622923de-1e44-4c8a-9b88-0e658820bbaa

📥 Commits

Reviewing files that changed from the base of the PR and between 6973a34 and 6912751.

📒 Files selected for processing (1)

• flake.nix

🚧 Files skipped from review as they are similar to previous changes (1)

• flake.nix

---

📝 Walkthrough

Walkthrough

The flake adds a nixpkgs-go input and updates outputs and the Nixpkgs import overlays so the go package in the resulting package set comes from nixpkgs-go while still applying the existing gomod2nix overlay.

Changes

Cohort / File(s)	Summary
Flake Configuration flake.nix	Added nixpkgs-go input; updated outputs destructuring; replaced single gomod2nix overlay with a composite overlay that applies gomod2nix.overlays.default and then overrides go to come from nixpkgs-go (used for both import and terramaid package construction).

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• feat: add Nix flake for package management #193: Modifies the same flake.nix to add nixpkgs-go and adjust overlays for the Go package.
• Bypass Nix Vendor Hashing #476: Continues changes to flake/overlay usage, keeping gomod2nix while integrating an external Go package source.

Suggested labels

patch

Suggested reviewers

• RoseSecurity

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: pinning the Go version in the Nix flake to resolve build failures caused by unpinned Go versions changing in nixpkgs-unstable.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Review rate limit: 7/8 reviews remaining, refill in 7 minutes and 30 seconds.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@flake.nix`:
- Around line 26-31: The overlays list currently includes
gomod2nix.overlays.default separately from the custom overlay that pins go,
which means consumers importing overlays.default won't get the pinned Go; update
overlays.default (the exported overlay from gomod2nix) so it also sets go =
nixpkgs-go.packages.${system}.go or replace gomod2nix.overlays.default in the
overlays array with an overridden version (e.g., (final: prev:
(gomod2nix.overlays.default final prev) // { go =
nixpkgs-go.packages.${system}.go; })) so that both gomod2nix.overlays.default
and your custom overlay consistently apply the same pinned Go to prevent
downstream resolution errors.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 05b8911c-8334-4896-a8fa-1a4face2714a

📥 Commits

Reviewing files that changed from the base of the PR and between 3e4b650 and 6973a34.

⛔ Files ignored due to path filters (1)

• flake.lock is excluded by !**/*.lock

📒 Files selected for processing (1)

• flake.nix

[ApprenticeofEnder]

I'm realizing that this may have been more easily solved by just bumping the patch number in go.mod, but considering Dependabot isn't configured to update language versions, I'm not sure if changing the language version itself would affect anything else.