From 364e8a98ad25127f2a51696ec03729e3a783044f Mon Sep 17 00:00:00 2001 From: Azat Bahawi Date: Sat, 25 May 2024 22:16:47 +0300 Subject: 2024-05-25 --- modules/common/nix.nix | 230 +++++++++++++++++++++++++------------------------ 1 file changed, 118 insertions(+), 112 deletions(-) (limited to 'modules/common/nix.nix') diff --git a/modules/common/nix.nix b/modules/common/nix.nix index c03c1b1..6c5bd18 100644 --- a/modules/common/nix.nix +++ b/modules/common/nix.nix @@ -3,7 +3,6 @@ inputs, lib, pkgs, - pkgsPr, this, ... }: @@ -12,142 +11,149 @@ let cfg = config.nixfiles.modules.common.nix; in { + imports = with inputs.srvos.nixosModules; [ + mixins-nix-experimental + mixins-trusted-nix-caches + ]; + options.nixfiles.modules.common.nix.allowedUnfreePackages = mkOption { description = "A list of allowed unfree packages."; type = with types; listOf str; default = [ ]; }; - config = { - _module.args = - let - importNixpkgs = - nixpkgs: - import nixpkgs { - inherit (config.nixpkgs) config; - inherit (this) system; - }; - in - rec { - pkgsLocal = importNixpkgs "${config.my.home}/src/nixpkgs"; # Impure! - pkgsMaster = importNixpkgs inputs.nixpkgs-master; - pkgsStable = importNixpkgs inputs.nixpkgs-stable; - pkgsRev = - rev: hash: - importNixpkgs ( - pkgs.fetchFromGitHub { - owner = "NixOS"; - repo = "nixpkgs"; - inherit rev hash; - } - ); - pkgsPr = pr: pkgsRev "refs/pull/${toString pr}/head"; + config = + let + useNixpkgs = + nixpkgs: + import nixpkgs { + inherit (config.nixpkgs) config; + inherit (this) system; + }; + + pkgsLocal = useNixpkgs "${config.my.home}/src/nixpkgs"; # Impure! + pkgsMaster = useNixpkgs inputs.nixpkgs-master; + pkgsStable = useNixpkgs inputs.nixpkgs-stable; + pkgsRev = + rev: hash: + useNixpkgs ( + pkgs.fetchFromGitHub { + owner = "NixOS"; + repo = "nixpkgs"; + inherit rev hash; + } + ); + pkgsPr = pr: pkgsRev "refs/pull/${toString pr}/head"; + in + { + _module.args = { + inherit + pkgsLocal + pkgsMaster + pkgsStable + pkgsRev + pkgsPr + ; + }; + + hm = { + # Used primarily in conjunction with the "nixfiles" script. + home.file.".nix-defexpr/default.nix".text = + let + hostname = strings.escapeNixIdentifier this.hostname; + in + optionalString this.isHeadful '' + let + self = builtins.getFlake "nixfiles"; + configurations = self.nixosConfigurations; + local = configurations.${hostname}; + in rec { + inherit self; + inherit (self) inputs lib; + inherit (lib) my; + this = my.configurations.${hostname}; + inherit (local) config; + inherit (local.config.system.build) toplevel vm vmWithBootLoader manual; + pretty = expr: lib.trace (lib.generators.toPretty {} expr) {}; + } // configurations // local._module.args + ''; + + programs.bash.shellAliases.nix = "nix --verbose --print-build-logs"; }; - hm = { - # Used primarily in conjunction with the "nixfiles" script. - home.file.".nix-defexpr/default.nix".text = + nix = let - hostname = strings.escapeNixIdentifier this.hostname; + notSelfInputs = filterAttrs (n: _: n != "self") inputs; in - optionalString this.isHeadful '' - let - self = builtins.getFlake "nixfiles"; - configurations = self.nixosConfigurations; - local = configurations.${hostname}; - in rec { - inherit self; - inherit (self) inputs lib; - inherit (lib) my; - this = my.configurations.${hostname}; - inherit (local) config; - inherit (local.config.system.build) toplevel vm vmWithBootLoader manual; - pretty = expr: lib.trace (lib.generators.toPretty {} expr) {}; - } // configurations // local._module.args - ''; - - programs.bash.shellAliases.nix = "nix --verbose --print-build-logs"; - }; + { + daemonCPUSchedPolicy = "idle"; + daemonIOSchedClass = "idle"; + daemonIOSchedPriority = 7; - nix = - let - notSelfInputs = filterAttrs (n: _: n != "self") inputs; - in - { - daemonCPUSchedPolicy = "idle"; - daemonIOSchedClass = "idle"; - daemonIOSchedPriority = 7; - - settings = { - # https://nixos.org/manual/nix/unstable/contributing/experimental-features.html#currently-available-experimental-features - # https://github.com/NixOS/nix/blob/master/src/libutil/experimental-features.cc - experimental-features = concatStringsSep " " [ - "flakes" - "nix-command" - "recursive-nix" - "repl-flake" - ]; + settings = { + keep-derivations = if this.isHeadful then "true" else "false"; + keep-outputs = if this.isHeadful then "true" else "false"; - keep-derivations = if this.isHeadful then "true" else "false"; - keep-outputs = if this.isHeadful then "true" else "false"; + warn-dirty = false; - flake-registry = "${inputs.flake-registry}/flake-registry.json"; + keep-going = true; - warn-dirty = false; + substituters = [ + "https://azahi.cachix.org" + "https://nix-community.cachix.org" + ]; - keep-going = true; + trusted-substituters = [ "https://azahi.cachix.org" ]; + trusted-public-keys = [ "azahi.cachix.org-1:2bayb+iWYMAVw3ZdEpVg+NPOHCXncw7WMQ0ElX1GO3s=" ]; - substituters = [ - "https://azahi.cachix.org" - "https://nix-community.cachix.org" - ]; - trusted-public-keys = [ - "azahi.cachix.org-1:2bayb+iWYMAVw3ZdEpVg+NPOHCXncw7WMQ0ElX1GO3s=" - "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - ]; + trusted-users = [ + "root" + my.username + ]; + }; - trusted-users = [ - "root" - my.username + nixPath = mapAttrsToList (n: v: "${n}=${v}") notSelfInputs ++ [ + "nixfiles=${config.my.home}/src/nixfiles" ]; + + registry = mapAttrs (_: flake: { inherit flake; }) notSelfInputs // { + nixfiles.flake = inputs.self; + }; }; - nixPath = mapAttrsToList (n: v: "${n}=${v}") notSelfInputs ++ [ - "nixfiles=${config.my.home}/src/nixfiles" + nixpkgs = { + config.allowUnfreePredicate = p: elem (getName p) cfg.allowedUnfreePackages; + + overlays = with inputs; [ + self.overlays.default + (_: _: { + # Global PR package overrides go here. Example: + # ``` + # inherit (pkgsPr 309018 "sha256-x3ATxjrTVdaX5eo9P6pz+8/W6D2TNYzvjZpOBa3ZRI8=") endlessh-go; + # ``` + }) ]; + }; - registry = mapAttrs (_: flake: { inherit flake; }) notSelfInputs // { - nixfiles.flake = inputs.self; + environment = { + localBinInPath = true; + defaultPackages = [ ]; + systemPackages = + with pkgs; + optionals this.isHeadful [ + nix-top + nix-tree + nixfiles + ]; + variables = { + NIXFILES = "${config.my.home}/src/nixfiles"; + NIX_SHELL_PRESERVE_PROMPT = "1"; }; }; - nixpkgs = { - config.allowUnfreePredicate = p: elem (getName p) cfg.allowedUnfreePackages; - - overlays = with inputs; [ - self.overlays.default - (_: _super: { - inherit (pkgsPr 309018 "sha256-x3ATxjrTVdaX5eo9P6pz+8/W6D2TNYzvjZpOBa3ZRI8=") endlessh-go; - }) - ]; - }; - - environment = { - localBinInPath = true; - defaultPackages = mkForce [ ]; - systemPackages = - with pkgs; - optionals this.isHeadful [ - nix-top - nix-tree - nixfiles - ]; - sessionVariables = { - NIXFILES = "${config.my.home}/src/nixfiles"; - NIX_SHELL_PRESERVE_PROMPT = "1"; + system = { + # HACK This lets `nix flake check` to pass. + stateVersion = if hasAttr "stateVersion" this then this.stateVersion else trivial.release; }; }; - - system.stateVersion = with builtins; head (split "\n" (readFile "${inputs.nixpkgs}/.version")); - }; } -- cgit v1.2.3