1
0
Fork 0
nix-configuration/modules/base/nix.nix

72 lines
1.8 KiB
Nix
Raw Normal View History

2024-05-01 13:35:38 +00:00
# Nix configuration
{
pkgs,
config,
lib,
inputs,
...
}:
{
nix = {
settings = {
# Enable Flakes
experimental-features = [
"nix-command"
"flakes"
];
2024-05-01 13:35:38 +00:00
# Use Lix instead of Nix
2024-05-24 21:33:37 +00:00
extra-substituters = [
"https://cache.lix.systems"
config.secrets.services.cache.url
];
trusted-public-keys = [
"cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="
"${config.secrets.services.cache.url}:mTYvveYNhoXttGOxJj2uP0MQ/ZPJce5hY+xSvOxswls=%"
];
2024-05-06 12:38:54 +00:00
2024-05-09 16:19:33 +00:00
# Only allow these users to use Nix
allowed-users = [
"root"
config.users.users.aires.name
];
# Avoid signature verification messages when doing remote builds
2024-05-22 03:54:41 +00:00
trusted-users = [
config.users.users.aires.name
2024-05-22 03:59:48 +00:00
] ++ lib.optionals (config.host.users.gremlin.enable) [ config.users.users.gremlin.name ];
};
2024-05-01 13:35:38 +00:00
# Enable periodic nix store optimization
optimise.automatic = true;
2024-05-01 13:35:38 +00:00
# Configure NixOS to use the same software channel as Flakes
registry = lib.mapAttrs (_: value: { flake = value; }) inputs;
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
2024-05-01 13:35:38 +00:00
# Configure remote build machines (mainly Haven)
# To enable remote builds for a specific host, add `nix.distributedBuilds = true;` to its config
buildMachines = [
{
hostName = "haven";
systems = [
"x86_64-linux"
"aarch64-linux"
];
protocol = "ssh-ng";
supportedFeatures = [
"nixos-test"
"kvm"
"benchmark"
2024-05-17 00:08:57 +00:00
"big-parallel"
];
}
];
2024-05-01 13:35:38 +00:00
# When using a builder, use its package store
extraOptions = ''
builders-use-substitutes = true
'';
};
2024-05-06 18:34:29 +00:00
}