kitten.sh / system
Personal Nix setup
fork atom
system / modules / base / nix-config.nix
at main 1.9 kB view raw
1{ lib, pkgs, inputs, helpers, user, config, ... }: 2 3with lib; mkMerge [ 4 { 5 age.secrets."nix-access-tokens.conf".file = ./encrypt/nix-access-tokens.conf.age; 6 7 nix = { 8 package = pkgs.lix; 9 channel.enable = mkForce false; 10 11 # make flake registry and nix path match flake inputs 12 registry = mkForce (mapAttrs (_: flake: {inherit flake;}) inputs); 13 nixPath = mapAttrsToList (n: _: "${n}=flake:${n}") inputs; 14 15 settings = { 16 # Enable flakes and new 'nix' command 17 experimental-features = "nix-command flakes"; 18 # disable global registry 19 flake-registry = ""; 20 # Workaround for https://github.com/NixOS/nix/issues/9574 21 nix-path = config.nix.nixPath; 22 # Use xdg spec for .nix-defexpr 23 use-xdg-base-directories = true; 24 # binary caches 25 substituters = [ 26 "https://cache.nixos.org" 27 "https://nix-community.cachix.org" 28 ]; 29 trusted-public-keys = [ 30 "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" 31 "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" 32 ]; 33 trusted-users = [ "root" "@wheel" ]; 34 allowed-users = [ "root" "@wheel" "${user}" ]; 35 extra-trusted-users = [ "${user}" ]; 36 # on Apple Silicon, Rosetta 2 allows for this 37 extra-platforms = mkIf (helpers.system == "aarch64-darwin") [ helpers.system "x86_64-darwin" ]; 38 }; 39 40 optimise.automatic = true; 41 42 # auto collect old stores 43 gc = { 44 automatic = true; 45 options = "--delete-older-than 14d"; 46 } // helpers.linuxAttrs { 47 dates = "weekly"; 48 } // helpers.darwinAttrs { 49 interval = { Weekday = 0; Hour = 0; Minute = 0; }; 50 }; 51 52 extraOptions = '' 53 !include ${config.age.secrets."nix-access-tokens.conf".path} 54 ''; 55 }; 56 } 57 (helpers.darwinAttrs { 58 system.stateVersion = 6; 59 }) 60]