62 lines
1.7 KiB
Nix
62 lines
1.7 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
...
|
|
}:
|
|
{
|
|
# Enable flakes
|
|
nix.settings.experimental-features = [
|
|
"nix-command"
|
|
"flakes"
|
|
];
|
|
|
|
# Allow unfree if set in config
|
|
nixpkgs.config.allowUnfreePredicate = lib.mkIf config.nixpkgs.config.allowUnfree (pkg: true);
|
|
environment.variables = lib.mkIf config.nixpkgs.config.allowUnfree {
|
|
NIXPKGS_ALLOW_UNFREE = "1";
|
|
};
|
|
|
|
nix.settings = {
|
|
max-jobs = "auto";
|
|
# Fallback quickly if substituters are not available.
|
|
connect-timeout = 5;
|
|
download-attempts = 3;
|
|
download-buffer-size = 524288000; # default is 67108864, this increases to ~500MB
|
|
# The default at 10 is rarely enough.
|
|
log-lines = 50;
|
|
# Avoid disk full issues
|
|
max-free = (3000 * 1024 * 1024);
|
|
min-free = (1000 * 1024 * 1024);
|
|
# Avoid copying unnecessary stuff over SSH
|
|
builders-use-substitutes = true;
|
|
auto-optimise-store = true;
|
|
trusted-users = [
|
|
"root"
|
|
"@wheel"
|
|
];
|
|
substituters = [
|
|
"https://cache.nixos.org/"
|
|
"https://nix-community.cachix.org"
|
|
];
|
|
trusted-substituters = config.nix.settings.substituters;
|
|
trusted-public-keys = [
|
|
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
|
];
|
|
};
|
|
nix.extraOptions = ''
|
|
keep-outputs = true
|
|
keep-derivations = true
|
|
${lib.optionalString (
|
|
# TODO revisit this should it move?
|
|
config ? age && config.age ? secrets && config.age.secrets ? github_read_token
|
|
) "!include ${config.age.secrets.github_read_token.path}"}
|
|
'';
|
|
|
|
# nix helper
|
|
programs.nh = {
|
|
enable = true;
|
|
# clean.enable = true; # TODO revist does this solve my re-building issues?
|
|
clean.extraArgs = "--keep 10";
|
|
};
|
|
}
|