69 lines
1.9 KiB
Nix
69 lines
1.9 KiB
Nix
# Shared system-level configuration for both NixOS and nix-darwin
|
|
# Import this in both nixos/configuration.nix and darwin/configuration.nix
|
|
{
|
|
inputs,
|
|
lib,
|
|
config,
|
|
pkgs,
|
|
...
|
|
}: {
|
|
# Shared Nix configuration
|
|
# Note: On Darwin with Determinate Nix, set nix.enable = false in darwin/configuration.nix
|
|
nix = let
|
|
flakeInputs = lib.filterAttrs (_: lib.isType "flake") inputs;
|
|
in {
|
|
settings = {
|
|
# Enable flakes and new 'nix' command
|
|
experimental-features = "nix-command flakes";
|
|
|
|
# Opinionated: disable global registry
|
|
flake-registry = "";
|
|
|
|
# Trusted users (useful for remote builds)
|
|
# trusted-users = [ "root" "@wheel" ];
|
|
|
|
# Workaround for https://github.com/NixOS/nix/issues/9574
|
|
nix-path = config.nix.nixPath;
|
|
};
|
|
|
|
# Opinionated: make flake registry and nix path match flake inputs
|
|
registry = lib.mapAttrs (_: flake: {inherit flake;}) flakeInputs;
|
|
nixPath = lib.mapAttrsToList (n: _: "${n}=flake:${n}") flakeInputs;
|
|
|
|
# Platform-specific: These require nix.enable = true (conflicts with Determinate Nix on Darwin)
|
|
# Only enable on Linux where we manage Nix ourselves
|
|
optimise.automatic = lib.mkIf pkgs.stdenv.isLinux true;
|
|
gc = lib.mkIf pkgs.stdenv.isLinux {
|
|
automatic = true;
|
|
options = "--delete-older-than 7d";
|
|
};
|
|
};
|
|
|
|
# Shared nixpkgs configuration
|
|
nixpkgs = {
|
|
overlays = [
|
|
inputs.self.overlays.additions
|
|
inputs.self.overlays.modifications
|
|
inputs.self.overlays.unstable-packages
|
|
];
|
|
|
|
config = {
|
|
allowUnfree = true;
|
|
permittedInsecurePackages = [
|
|
"hadoop-3.3.1"
|
|
"libressl-3.4.3"
|
|
"python3.12-ecdsa-0.19.1"
|
|
];
|
|
};
|
|
};
|
|
|
|
# Shared environment packages
|
|
environment.systemPackages = with pkgs; [
|
|
vim
|
|
# git is managed by home-manager (programs.git)
|
|
curl
|
|
wget
|
|
];
|
|
}
|
|
|