Nixos 22.11 Racoon #153

Merged
teutat3s merged 8 commits from nixos-22-11-racoon into main 2023-01-28 14:11:00 +00:00
5 changed files with 46 additions and 35 deletions
Showing only changes of commit f97cf1d0e9 - Show all commits

View file

@ -1,10 +1,12 @@
{ config, pkgs, lib, ... }:
with lib;
let cfg = config.pub-solar.core;
in
{ {
config,
pkgs,
lib,
...
}:
with lib; let
cfg = config.pub-solar.core;
in {
options.pub-solar.core = { options.pub-solar.core = {
enableCaddy = mkOption { enableCaddy = mkOption {
type = types.bool; type = types.bool;
@ -17,12 +19,12 @@ in
binaryCaches = mkOption { binaryCaches = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = [ ]; default = [];
description = "Binary caches to use."; description = "Binary caches to use.";
}; };
publicKeys = mkOption { publicKeys = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = [ ]; default = [];
description = "Public keys of binary caches."; description = "Public keys of binary caches.";
}; };
}; };
@ -39,15 +41,16 @@ in
networking.firewall.enable = true; networking.firewall.enable = true;
# Customized binary caches list (with fallback to official binary cache) # Customized binary caches list (with fallback to official binary cache)
nix.binaryCaches = cfg.binaryCaches; nix.settings.substituters = cfg.binaryCaches;
nix.binaryCachePublicKeys = cfg.publicKeys; nix.settings.trusted-public-keys = cfg.publicKeys;
# These entries get added to /etc/hosts # These entries get added to /etc/hosts
networking.hosts = { networking.hosts = {
"127.0.0.1" = [ ] "127.0.0.1" =
++ lib.optionals cfg.enableCaddy [ "caddy.local" ] []
++ lib.optionals config.pub-solar.printing.enable [ "cups.local" ] ++ lib.optionals cfg.enableCaddy ["caddy.local"]
++ lib.optionals cfg.enableHelp [ "help.local" ]; ++ lib.optionals config.pub-solar.printing.enable ["cups.local"]
++ lib.optionals cfg.enableHelp ["help.local"];
}; };
# Caddy reverse proxy for local services like cups # Caddy reverse proxy for local services like cups

View file

@ -1,19 +1,25 @@
{ config, pkgs, lib, inputs, ... }:
{ {
config,
pkgs,
lib,
inputs,
...
}: {
nix = { nix = {
# Use default version alias for nix package # Use default version alias for nix package
package = pkgs.nix; package = pkgs.nix;
# Improve nix store disk usage
autoOptimiseStore = true;
gc.automatic = true; gc.automatic = true;
optimise.automatic = true; optimise.automatic = true;
# Prevents impurities in builds settings = {
useSandbox = true; # Improve nix store disk usage
# give root and @wheel special privileges with nix auto-optimise-store = true;
trustedUsers = [ "root" "@wheel" ]; # Prevents impurities in builds
# This is just a representation of the nix default sandbox = true;
systemFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ]; # give root and @wheel special privileges with nix
trusted-users = ["root" "@wheel"];
# This is just a representation of the nix default
system-features = ["nixos-test" "benchmark" "big-parallel" "kvm"];
};
# Generally useful nix option defaults # Generally useful nix option defaults
extraOptions = '' extraOptions = ''
min-free = 536870912 min-free = 536870912

View file

@ -1,11 +1,13 @@
{ pkgs, lib, ... }: {
let pkgs,
lib,
...
}: let
folder = ./.; folder = ./.;
toImport = name: value: folder + ("/" + name); toImport = name: value: folder + ("/" + name);
filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key && key != "default.nix"; filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key && key != "default.nix";
imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder)); imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder));
in in {
{
inherit imports; inherit imports;
nix.binaryCaches = [ "https://cache.nixos.org/" ]; nix.settings.substituters = ["https://cache.nixos.org/"];
} }

View file

@ -1,9 +1,9 @@
{ {
nix = { nix.settings = {
binaryCaches = [ substituters = [
"https://nix-community.cachix.org" "https://nix-community.cachix.org"
]; ];
binaryCachePublicKeys = [ trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
]; ];
}; };

View file

@ -1,9 +1,9 @@
{ {
nix = { nix.settings = {
binaryCaches = [ substituters = [
"https://nrdxp.cachix.org" "https://nrdxp.cachix.org"
]; ];
binaryCachePublicKeys = [ trusted-public-keys = [
"nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4=" "nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4="
]; ];
}; };