···
13
+
flakeInputs = lib.filterAttrs (name: value: (value ? outputs) && (name != "self")) inputs;
# We use `nh.clean` instead, so this is disabled
7
-
extra-experimental-features = nix-command flakes
8
-
allowed-uris = http:// https://
20
+
registry = lib.mapAttrs (_: v: { flake = v; }) flakeInputs;
22
+
# Don't auto-accept flake-defined nix settings, they're a CVE waiting to happen.
23
+
accept-flake-config = false;
24
+
# Allow these users to access the daemon
25
+
allowed-users = userList;
26
+
# No pre-defined nixbld users
27
+
auto-allocate-uids = true;
28
+
# Always optimize the store
29
+
auto-optimise-store = true;
30
+
# Compress build logs to save space
31
+
compress-build-log = true;
32
+
# Use all available cores to build
12
-
auto-optimise-store = true;
34
+
experimental-features = [
39
+
# Use auto-generated uids instead of users in the nixbld group
40
+
"auto-allocate-uids"
41
+
# Can allow saving space in the store by content-addressing instead of input-addressing derivations
43
+
# Build inside cgroups
45
+
# Disallow URL Literals as they are deprecated
47
+
# Allow Nix to call itself
49
+
# Allow installables to be passed to `nix repl`
18
-
trusted-substituters = [
19
-
"https://cache.nixos.org"
20
-
"https://crane.cachix.org"
21
-
"https://isabelroses.cachix.org"
22
-
"https://nix-community.cachix.org"
23
-
"https://nixpkgs-wayland.cachix.org"
24
-
"https://viperml.cachix.org"
25
-
"https://cache.lix.systems"
52
+
# Build from source if substitution fails
54
+
# Write an empty flake registry
55
+
flake-registry = pkgs.writers.writeJSON "registry-empty.json" {
59
+
# allow keeping direnv gc roots
60
+
keep-derivations = true;
61
+
# Keep going even if a build fails, so that all possible succeeding builds do
63
+
# More direnv gc root stuff
64
+
keep-outputs = true;
65
+
# Show fewer log lines from failed builds since I get them from nh
67
+
# Extra system features
74
+
# The pubkeys of the below substituters
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"crane.cachix.org-1:8Scfpmn9w+hGdXH/Q9tTLiYAE/2dnJYRJP7kl80GuRk="
···
"viperml.cachix.org-1:qZhKBMTfmcLL+OG6fj/hzsMEedgKvZVFRRAhq7j8Vh8="
"cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="
84
+
# Extra substituters
85
+
trusted-substituters = [
86
+
"https://cache.nixos.org"
87
+
"https://crane.cachix.org"
88
+
"https://isabelroses.cachix.org"
89
+
"https://nix-community.cachix.org"
90
+
"https://nixpkgs-wayland.cachix.org"
91
+
"https://viperml.cachix.org"
92
+
"https://cache.lix.systems"
94
+
# These users have additional daemon rights
95
+
trusted-users = userList;
96
+
# Use cgroups for building
98
+
# Allow use of the registry
99
+
use-registries = true;
100
+
# XDG base dirs to avoid cluttering $HOME
101
+
use-xdg-base-directories = true;
102
+
# I almost always work in a dirty tree, I know it's dirty
103
+
warn-dirty = false;
pyrox.dev