106 lines
3.0 KiB
Nix
106 lines
3.0 KiB
Nix
# Shared system-level configuration for both NixOS and nix-darwin
|
|
# Import this in both nixos/configuration.nix and darwin/configuration.nix
|
|
{
|
|
inputs,
|
|
lib,
|
|
config,
|
|
pkgs,
|
|
...
|
|
}: {
|
|
# Shared Nix configuration
|
|
# Note: On Darwin with Determinate Nix, set nix.enable = false in darwin/configuration.nix
|
|
nix = let
|
|
flakeInputs = lib.filterAttrs (_: lib.isType "flake") inputs;
|
|
in {
|
|
settings = {
|
|
# Enable flakes and new 'nix' command
|
|
experimental-features = "nix-command flakes ca-derivations";
|
|
|
|
# Binary caches
|
|
substituters = [
|
|
"https://cache.nixos.org/"
|
|
"https://cache.iog.io"
|
|
"https://haskell-language-server.cachix.org"
|
|
"https://nix-community.cachix.org"
|
|
];
|
|
trusted-public-keys = [
|
|
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
|
"hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ="
|
|
"haskell-language-server.cachix.org-1:juFfHrwkOxqIOZShtC4YC1uT1bBcq2RSvC7OMKx0Nz8="
|
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
|
];
|
|
|
|
# Opinionated: disable global registry
|
|
flake-registry = "";
|
|
|
|
# Trusted users
|
|
trusted-users = ["root" "@admin" "@wheel"];
|
|
|
|
# Workaround for https://github.com/NixOS/nix/issues/9574
|
|
nix-path = config.nix.nixPath;
|
|
|
|
# Keep build dependencies for development
|
|
keep-outputs = true;
|
|
keep-derivations = true;
|
|
|
|
# Performance tuning
|
|
max-jobs = 32;
|
|
cores = 0; # Use all cores
|
|
http-connections = 64;
|
|
download-buffer-size = 134217728; # 128 MB
|
|
};
|
|
|
|
# Opinionated: make flake registry and nix path match flake inputs
|
|
registry = lib.mapAttrs (_: flake: {inherit flake;}) flakeInputs;
|
|
nixPath = lib.mapAttrsToList (n: _: "${n}=flake:${n}") flakeInputs;
|
|
|
|
# Platform-specific: These require nix.enable = true (conflicts with Determinate Nix on Darwin)
|
|
# Only enable on Linux where we manage Nix ourselves
|
|
optimise.automatic = lib.mkIf pkgs.stdenv.isLinux true;
|
|
gc = lib.mkIf pkgs.stdenv.isLinux {
|
|
automatic = true;
|
|
options = "--delete-older-than 7d";
|
|
};
|
|
|
|
# Extra options
|
|
extraOptions =
|
|
''
|
|
accept-flake-config = true
|
|
''
|
|
+ lib.optionalString (pkgs.system == "aarch64-darwin") ''
|
|
extra-platforms = x86_64-darwin aarch64-darwin
|
|
'';
|
|
|
|
# Use latest nix version
|
|
package = pkgs.nixVersions.latest;
|
|
};
|
|
|
|
# Shared nixpkgs configuration
|
|
nixpkgs = {
|
|
overlays = [
|
|
inputs.self.overlays.emacs
|
|
inputs.self.overlays.additions
|
|
inputs.self.overlays.modifications
|
|
inputs.self.overlays.unstable-packages
|
|
];
|
|
|
|
config = {
|
|
allowUnfree = true;
|
|
permittedInsecurePackages = [
|
|
"hadoop-3.3.1"
|
|
"libressl-3.4.3"
|
|
"python3.12-ecdsa-0.19.1"
|
|
];
|
|
};
|
|
};
|
|
|
|
# Shared environment packages
|
|
environment.systemPackages = with pkgs; [
|
|
vim
|
|
# git is managed by home-manager (programs.git)
|
|
curl
|
|
wget
|
|
];
|
|
}
|
|
|