about summary refs log tree commit diff stats
path: root/sys/svcs/nix/default.nix
blob: 5766fcdd6261b835c7dfa1a30219bde713963e47 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
{
  pkgs,
  # flakes
  nixpkgs_as_input,
  templates,
  self,
  ...
}: {
  nix = {
    package = pkgs.nixVersions.latest;

    # Disable nix channels  (this is a remnant of old days)
    channel.enable = false;

    registry = {
      nixpkgs.flake = nixpkgs_as_input;
      n.flake = self; # Otherwise the nixpkgs config is not available

      t.flake = templates;

      my_flake.flake = self;
      m.flake = self;
    };

    gc = {
      automatic = true;
      dates = "weekly";
      options = "--delete-older-than 7d";
    };

    settings = {
      auto-optimise-store = true;
      experimental-features = [
        "nix-command"
        "flakes"
        #"ca-derivations"
      ];

      use-xdg-base-directories = true;

      #substituters = ["https://cache.ngi0.nixos.org/"];
      #trusted-public-keys = ["cache.ngi0.nixos.org-1:KqH5CBLNSyX184S9BKZJo1LxrxJ9ltnY2uAs5c/f1MA="];

      fallback = true; # Build from source, if binary can't be substituted

      keep-failed = true; # keep failed tmp build dirs
      pure-eval = true; # restrict file system and network access to hash

      sandbox-fallback = false; # Don't disable the sandbox, if the kernel doesn't support it
    };
  };
}