global/programs/nix/config.nix at main · soopy.moe/gensokyo

soopy.moe / gensokyo
nixos config
gensokyo / global / programs / nix / config.nix
at main 1.4 kB view raw
 1{
 2  inputs,
 3  config,
 4  pkgs,
 5  lib,
 6  ...
 7}:
 8# some items are sourced from https://jackson.dev/post/nix-reasonable-defaults/
 9lib.mkMerge [
10  {
11    nix.package = pkgs.nixVersions.latest;
12
13    nix.settings = {
14      experimental-features = [
15        "nix-command"
16        "flakes"
17        "ca-derivations"
18      ];
19
20      allowed-uris = [
21        "github:"
22        "git+https://patchy.soopy.moe/"
23        "git+https://github.com/"
24        "git+ssh://github.com/"
25      ];
26
27      substituters = [
28        "https://cache.soopy.moe"
29      ];
30
31      trusted-substituters = [
32        "https://cache.soopy.moe"
33      ];
34
35      trusted-public-keys = [
36        "cache.soopy.moe-1:0RZVsQeR+GOh0VQI9rvnHz55nVXkFardDqfm4+afjPo="
37      ];
38
39      fallback = true;
40      connect-timeout = 30;
41      max-jobs = "auto";
42      auto-optimise-store = true;
43      download-buffer-size = 268435456; # 256 MiB
44
45      trace-import-from-derivation = true;
46    };
47
48    nix.gc = {
49      automatic = true;
50      dates = "weekly";
51    };
52
53    nix.registry = {
54      n.flake = inputs.nixpkgs;
55    }
56    // (builtins.mapAttrs (_: flake: { inherit flake; }) (
57      lib.filterAttrs (n: _: n != "nixpkgs") inputs
58    ));
59
60    # nix-index[-database]
61    programs.nix-index.enable = true;
62    programs.nix-index-database.comma.enable = true;
63  }
64
65  (lib.mkIf (!config.gensokyo.traits.sensitive) {
66    nix.settings.trusted-users = [
67      "@wheel"
68      "builder"
69    ];
70  })
71]