forked from pub-solar/os
83 lines
1.9 KiB
Nix
83 lines
1.9 KiB
Nix
{
|
|
config,
|
|
pkgs,
|
|
lib,
|
|
flake,
|
|
...
|
|
}:
|
|
{
|
|
nixpkgs.config.allowUnfreePredicate =
|
|
pkg:
|
|
builtins.elem (lib.getName pkg) [
|
|
"1password"
|
|
"1password-cli"
|
|
"brscan5"
|
|
"brscan5-etc-files"
|
|
"cnijfilter2"
|
|
"facetimehd-firmware"
|
|
"slack"
|
|
"uhk-agent"
|
|
"uhk-udev-rules"
|
|
"veracrypt"
|
|
"zoom"
|
|
];
|
|
|
|
system.activationScripts.diff-closures = {
|
|
text = ''
|
|
if [[ -e /run/current-system ]]; then
|
|
${config.nix.package}/bin/nix store diff-closures \
|
|
/run/current-system "$systemConfig" \
|
|
--extra-experimental-features nix-command
|
|
fi
|
|
'';
|
|
supportsDryActivation = true;
|
|
};
|
|
|
|
nix = {
|
|
# Use lix (forked nix)
|
|
# now set globally using lix-module
|
|
#package = pkgs.lix;
|
|
gc.automatic = true;
|
|
optimise.automatic = true;
|
|
|
|
registry = {
|
|
nixpkgs.flake = flake.inputs.nixpkgs;
|
|
unstable.flake = flake.inputs.unstable;
|
|
system.flake = flake.self;
|
|
};
|
|
|
|
settings = {
|
|
# Improve nix store disk usage
|
|
auto-optimise-store = true;
|
|
# Prevents impurities in builds
|
|
sandbox = true;
|
|
# Give root and @wheel special privileges with nix
|
|
trusted-users = [
|
|
"root"
|
|
"@wheel"
|
|
];
|
|
# Allow only group wheel to connect to the nix daemon
|
|
allowed-users = [ "@wheel" ];
|
|
|
|
substituters = [ "https://pub-solar.cachix.org/" ];
|
|
|
|
trusted-public-keys = [ "pub-solar.cachix.org-1:ZicXIxKgdxMtgSJECWR8iihZxHRvu8ObL4n2cuBmtos=" ];
|
|
};
|
|
|
|
# Generally useful nix option defaults
|
|
extraOptions = lib.mkForce ''
|
|
experimental-features = flakes nix-command
|
|
min-free = 536870912
|
|
keep-outputs = true
|
|
keep-derivations = true
|
|
fallback = true
|
|
'';
|
|
|
|
nixPath = [
|
|
"nixpkgs=${flake.inputs.nixpkgs}"
|
|
"nixos-config=${../../lib/compat/nixos}"
|
|
"home-manager=${flake.inputs.home-manager}"
|
|
];
|
|
};
|
|
}
|