about summary refs log tree commit diff
path: root/modules/common/nix.nix
blob: 09d57ed4b2f3517eb38f40aa735f86092400e573 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
{
  config,
  inputs,
  lib,
  pkgs,
  this,
  ...
}:
with lib;
let
  cfg = config.nixfiles.modules.common.nix;
in
{
  imports = with inputs.srvos.nixosModules; [
    mixins-nix-experimental
    mixins-trusted-nix-caches
  ];

  options.nixfiles.modules.common.nix.allowedUnfreePackages = mkOption {
    description = "A list of allowed unfree packages.";
    type = with types; listOf str;
    default = [ ];
  };

  config = {
    _module.args = {
      pkgsLocal = packages.useNixpkgs "${config.my.home}/src/nixpkgs"; # Impure!
    };

    hm = {
      # Used primarily in conjunction with the "nixfiles" script.
      home.file.".nix-defexpr/default.nix".text =
        let
          hostname = strings.escapeNixIdentifier this.hostname;
        in
        optionalString this.isHeadful ''
          let
            self = builtins.getFlake "nixfiles";
            configurations = self.nixosConfigurations;
            local = configurations.${hostname};
          in rec {
            inherit self;
            inherit (self) inputs lib;
            inherit (lib) my;
            this = my.configurations.${hostname};
            inherit (local) config;
            inherit (local.config.system.build) toplevel vm vmWithBootLoader manual;
            pretty = expr: lib.trace (lib.generators.toPretty {} expr) {};
          } // configurations // local._module.args
        '';

      programs.bash.shellAliases.nix = "nix --verbose --print-build-logs --no-eval-cache";
    };

    nix =
      let
        notSelfInputs = filterAttrs (n: _: n != "self") inputs;
      in
      {
        package = mkForce pkgs.nix; # Only use stable Nix.

        nixPath = mapAttrsToList (n: v: "${n}=${v}") notSelfInputs ++ [
          "nixfiles=${config.my.home}/src/nixfiles"
        ];

        registry = mapAttrs (_: flake: { inherit flake; }) notSelfInputs // {
          nixfiles.flake = inputs.self;
        };

        settings = {
          warn-dirty = false;

          keep-going = true;

          trusted-users = [ my.username ];

          substituters = [
            "https://cache.garnix.io"
            "https://cache.tvl.su"
            "https://nix-community.cachix.org"
            "https://numtide.cachix.org"
          ];
          trusted-public-keys = [
            "cache.tvl.su:kjc6KOMupXc1vHVufJUoDUYeLzbwSr9abcAKdn/U1Jk="
          ];
        };
      };

    nixpkgs = {
      config.allowUnfreePredicate = p: elem (getName p) cfg.allowedUnfreePackages;

      overlays = [ inputs.self.overlays.default ];
    };

    programs.nh.enable = this.isHeadful;

    environment = {
      defaultPackages = [ ];
      systemPackages =
        with pkgs;
        optionals this.isHeadful [
          nix-tree
          nixfiles
        ];
      variables = {
        NIXFILES = optionalString this.isHeadful "${config.my.home}/src/nixfiles";
        NIX_SHELL_PRESERVE_PROMPT = "1";
      };
    };

    system.stateVersion = this.stateVersion or trivial.release;
  };
}

Consider giving Nix/NixOS a try! <3