nix-config/config/basic/nix.nix

84 lines
2.4 KiB
Nix
Raw Normal View History

2024-12-07 15:05:58 +01:00
{
inputs,
stateVersion,
...
}:
2023-05-04 06:17:03 +02:00
{
nix = {
2024-12-04 22:47:40 +01:00
channel.enable = false;
settings = {
auto-optimise-store = true;
2024-07-26 22:12:48 +02:00
allowed-users = [ "@wheel" ];
trusted-users = [
"root"
2024-11-27 21:03:50 +01:00
"@nix-build"
];
2024-07-26 22:12:48 +02:00
system-features = [
"recursive-nix"
"repl-flake"
"big-parallel"
];
substituters = [
"https://nix-community.cachix.org"
2023-09-05 21:00:29 +02:00
"https://cache.nixos.org"
"https://nixpkgs-wayland.cachix.org"
2023-12-13 17:29:19 +01:00
"https://ai.cachix.org"
];
trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
2023-09-05 21:00:29 +02:00
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
2023-12-13 17:29:19 +01:00
"ai.cachix.org-1:N9dzRK+alWwoKXQlnn0H6aUx0lU/mspIoz8hMvGvbbc="
2024-12-07 15:05:58 +01:00
(builtins.readFile ../../secrets/nix-key.pub)
];
cores = 0;
max-jobs = "auto";
2023-09-26 22:25:58 +02:00
# make agenix rekey find the secrets even without trusted user
2024-07-26 22:12:48 +02:00
extra-sandbox-paths = [ "/var/tmp/agenix-rekey?" ];
2024-12-04 22:47:40 +01:00
log-lines = 25;
};
daemonCPUSchedPolicy = "batch";
2024-12-04 22:47:40 +01:00
daemonIOSchedClass = "idle";
daemonIOSchedPriority = 5;
2024-12-04 22:47:40 +01:00
distributedBuilds = true;
extraOptions = ''
2023-05-27 07:12:18 +02:00
builders-use-substitutes = true
experimental-features = nix-command flakes recursive-nix
flake-registry = /etc/nix/registry.json
'';
2024-07-26 22:12:48 +02:00
nixPath = [ "nixpkgs=/run/current-system/nixpkgs" ];
optimise.automatic = true;
gc = {
2024-10-25 14:45:38 +02:00
# collect garbage(oddlama for example)
automatic = true;
2024-10-25 14:45:38 +02:00
dates = "weekly";
};
2023-05-04 06:17:03 +02:00
registry = {
nixpkgs.flake = inputs.nixpkgs;
p.flake = inputs.nixpkgs;
pkgs.flake = inputs.nixpkgs;
2024-04-26 22:06:02 +02:00
templates.flake = inputs.templates;
2023-05-04 06:17:03 +02:00
};
};
2024-02-09 01:33:07 +01:00
system = {
extraSystemBuilderCmds = ''
ln -sv ${inputs.nixpkgs} $out/nixpkgs
'';
};
2023-10-09 15:07:30 +02:00
programs.nix-ld.enable = true;
2023-06-02 10:23:40 +02:00
system.stateVersion = stateVersion;
2024-12-04 22:47:40 +01:00
systemd.services.nix-gc.serviceConfig = {
CPUSchedulingPolicy = "batch";
IOSchedulingClass = "idle";
IOSchedulingPriority = 7;
};
# Make builds to be more likely killed than important services.
# 100 is the default for user slices and 500 is systemd-coredumpd@
# We rather want a build to be killed than our precious user sessions as builds can be easily restarted.
systemd.services.nix-daemon.serviceConfig.OOMScoreAdjust = 250;
}