nixos/config/nix.nix

46 lines
1.1 KiB
Nix
Raw Normal View History

2023-09-11 20:23:04 +02:00
{
nixpkgs,
nixpkgs-git,
nixpkgs-stable,
pkgs,
config,
lib,
...
}: let
cfg = config.machine;
2023-06-28 09:00:41 +02:00
emptyGlobalRegistry = pkgs.writeText "registry.json" ''{ "flakes": [], "version": 2 }'';
in {
2019-02-26 13:44:40 +01:00
nix = {
package = pkgs.nix;
registry = {
nixpkgs.flake = nixpkgs;
nixpkgs-git.flake = nixpkgs-git;
nixpkgs-stable.flake = nixpkgs-stable;
};
2022-02-02 20:21:14 +01:00
settings = {
max-jobs = 4;
cores = 1;
sandbox = true;
auto-optimise-store = true;
2023-09-11 20:23:04 +02:00
trusted-substituters =
[
"https://cache.nixos.org"
]
++ cfg.binaryCaches;
# TODO: integrate into sops
# trusted-public-keys = [ (lib.fileContents "${cfg.secretPath}/hydra_cache.pub") ];
2023-09-11 20:23:04 +02:00
substituters =
[
"https://cache.nixos.org"
]
++ cfg.binaryCaches;
allowed-users = ["root"] ++ (map (n: n.name) cfg.administrators);
2022-02-02 20:21:14 +01:00
};
2019-02-26 13:44:40 +01:00
extraOptions = ''
build-timeout = 86400 # 24 hours
2021-11-02 09:44:06 +01:00
experimental-features = nix-command flakes
2023-06-28 09:00:41 +02:00
flake-registry = ${emptyGlobalRegistry}
2019-02-26 13:44:40 +01:00
'';
};
}