profiles/core: add comments for each option

profiles/core/default.nix

@@ -2,12 +2,21 @@
 let inherit (lib) fileContents;
 in
 {
+  # Sets nrdxp.cachix.org binary cache which just speeds up some builds
   imports = [ ../cachix ];
 
+  # For rage encryption, all hosts need a ssh key pair
+  services.openssh = {
+    enable = true;
+    openFirewall = lib.mkDefault false;
+  };
+
+  # This is just a representation of the nix default
   nix.systemFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
 
   environment = {
 
+    # Selection of sysadmin tools that can come in handy
     systemPackages = with pkgs; [
       binutils
       coreutils
@@ -33,6 +42,8 @@ in
       whois
     ];
 
+    # Starship is a fast and featureful shell prompt
+    # starship.toml has sane defaults that can be changed there
     shellInit = ''
       export STARSHIP_CONFIG=${
         pkgs.writeText "starship.toml"
@@ -113,18 +124,18 @@ in
 
   nix = {
 
+    # Improve nix store disk usage
     autoOptimiseStore = true;
-
     gc.automatic = true;
-
     optimise.automatic = true;
 
+    # Prevents impurities in builds
     useSandbox = true;
 
-    allowedUsers = [ "@wheel" ];
+    # give root and @wheel special privileges with nix
-
     trustedUsers = [ "root" "@wheel" ];
 
+    # Generally useful nix option defaults
     extraOptions = ''
       min-free = 536870912
       keep-outputs = true
@@ -135,20 +146,17 @@ in
   };
 
   programs.bash = {
+    # Enable starship
     promptInit = ''
       eval "$(${pkgs.starship}/bin/starship init bash)"
     '';
+    # Enable direnv, a tool for managing shell environments
     interactiveShellInit = ''
       eval "$(${pkgs.direnv}/bin/direnv hook bash)"
     '';
   };
 
-  # For rage encryption, all hosts need a ssh key pair
+  # Service that makes Out of Memory Killer more effective
-  services.openssh = {
-    enable = true;
-    openFirewall = lib.mkDefault false;
-  };
-
   services.earlyoom.enable = true;
 
 }