{ config, inputs, lib, pkgs, this, ... }: with lib; let cfg = config.nixfiles.modules.common.nix; in { imports = with inputs.srvos.nixosModules; [ mixins-nix-experimental mixins-trusted-nix-caches ]; options.nixfiles.modules.common.nix.allowedUnfreePackages = mkOption { description = "A list of allowed unfree packages."; type = with types; listOf str; default = [ ]; }; config = let useNixpkgs = nixpkgs: import nixpkgs { inherit (config.nixpkgs) config; inherit (this) system; }; pkgsLocal = useNixpkgs "${config.my.home}/src/nixpkgs"; # Impure! pkgsMaster = useNixpkgs inputs.nixpkgs-master; pkgsStable = useNixpkgs inputs.nixpkgs-stable; pkgsRev = rev: hash: useNixpkgs ( pkgs.fetchFromGitHub { owner = "NixOS"; repo = "nixpkgs"; inherit rev hash; } ); pkgsPr = pr: pkgsRev "refs/pull/${toString pr}/head"; in { _module.args = { inherit pkgsLocal pkgsMaster pkgsStable pkgsRev pkgsPr ; }; hm = { # Used primarily in conjunction with the "nixfiles" script. home.file.".nix-defexpr/default.nix".text = let hostname = strings.escapeNixIdentifier this.hostname; in optionalString this.isHeadful '' let self = builtins.getFlake "nixfiles"; configurations = self.nixosConfigurations; local = configurations.${hostname}; in rec { inherit self; inherit (self) inputs lib; inherit (lib) my; this = my.configurations.${hostname}; inherit (local) config; inherit (local.config.system.build) toplevel vm vmWithBootLoader manual; pretty = expr: lib.trace (lib.generators.toPretty {} expr) {}; } // configurations // local._module.args ''; programs.bash.shellAliases.nix = "nix --verbose --print-build-logs"; }; nix = let notSelfInputs = filterAttrs (n: _: n != "self") inputs; in { daemonCPUSchedPolicy = "idle"; daemonIOSchedClass = "idle"; daemonIOSchedPriority = 7; settings = { keep-derivations = if this.isHeadful then "true" else "false"; keep-outputs = if this.isHeadful then "true" else "false"; warn-dirty = false; keep-going = true; substituters = [ "https://azahi.cachix.org" "https://nix-community.cachix.org" ]; trusted-substituters = [ "https://azahi.cachix.org" ]; trusted-public-keys = [ "azahi.cachix.org-1:2bayb+iWYMAVw3ZdEpVg+NPOHCXncw7WMQ0ElX1GO3s=" ]; trusted-users = [ "root" my.username ]; }; nixPath = mapAttrsToList (n: v: "${n}=${v}") notSelfInputs ++ [ "nixfiles=${config.my.home}/src/nixfiles" ]; registry = mapAttrs (_: flake: { inherit flake; }) notSelfInputs // { nixfiles.flake = inputs.self; }; }; nixpkgs = { config.allowUnfreePredicate = p: elem (getName p) cfg.allowedUnfreePackages; overlays = with inputs; [ self.overlays.default (_: prev: { # Global PR package overrides go here. Example: # ``` # inherit (pkgsPr 309018 "sha256-x3ATxjrTVdaX5eo9P6pz+8/W6D2TNYzvjZpOBa3ZRI8=") endlessh-go; # ``` spf-engine = prev.spf-engine.override { # FIXME https://nixpk.gs/pr-tracker.html?pr=321940 inherit (pkgsMaster.python311.pkgs) pymilter; }; }) ]; }; environment = { localBinInPath = true; defaultPackages = [ ]; systemPackages = with pkgs; optionals this.isHeadful [ nix-tree nixfiles ]; variables = { NIXFILES = "${config.my.home}/src/nixfiles"; NIX_SHELL_PRESERVE_PROMPT = "1"; }; }; system.stateVersion = this.stateVersion or trivial.release; }; }