blob: de944876ed4dd2cdd937450bd659a87089543443 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
|
{ pkgs, lib, ... }:
{
imports = [ ./overlay.nix ];
system.stateVersion = 5;
users.users.emile = {
name = "emile";
home = "/Users/emile";
};
users.users.hydra = {
name = "hydra";
home = "/Users/hydra";
};
# macos sonoma claimed 300, 301, 302, 303 and 304
# users.groups."nixbld".name = "nixbld";
# users.users."_nixbld1" = {
# name = "_nixbld1";
# };
# users.users."_nixbld1".uid = 305;
# users.users."_nixbld2".uid = 306;
# users.users."_nixbld3".uid = 307;
# users.users."_nixbld4".uid = 308;
# users.users."_nixbld5".uid = 309;
nix = {
useDaemon = true;
package = pkgs.nixFlakes;
extraOptions =
''
builders-use-substitutes = true
auto-optimise-store = true
''
+ lib.optionalString (pkgs.system == "aarch64-darwin") ''
extra-platforms = x86_64-darwin aarch64-darwin
'';
settings = {
trusted-users = [
"root"
"hydra"
"emile"
];
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="
# "nix-cache.emile.space:3xzJknXMsR/EL3SBTu6V6oCOkjxe6MgJm0nOrElW33A="
];
substituters = [
"https://cache.nixos.org"
"https://nix-community.cachix.org"
"https://cache.garnix.io"
# "https://nix-cache.emile.space"
];
experimental-features = [
"nix-command"
"flakes"
];
# don't use the globally defined flakes, as pulling from github for each shell invocation
# is slow
flake-registry = "";
};
distributedBuilds = true;
buildMachines = [
# {
# hostName = "corrino.emile.space";
# system = "x86_64-linux";
# maxJobs = 16;
# speedFactor = 2;
# # Feature | Derivations requiring it
# # ----------------|-----------------------------------------------------
# # kvm | Everything which builds inside a vm, like NixOS tests
# # nixos-test | Machine can run NixOS tests
# # big-parallel | kernel config, libreoffice, evolution, llvm and chromium.
# # benchmark | Machine can generate metrics (Means the builds usually
# # | takes the same amount of time)
# # cat /etc/nix/machines
# # root@corrino x86_64-linux /home/nix/.ssh/id_ed25519 8 1 kvm,benchmark
# supportedFeatures = [
# "nixos-test"
# "benchmark"
# "big-parallel"
# "kvm"
# ];
# mandatoryFeatures = [ ];
# }
];
};
nixpkgs = {
config.allowUnfree = true;
};
services.nix-daemon.enable = true;
# <3
security.pam.enableSudoTouchIdAuth = true;
environment = {
systemPackages = [ ]; # set via home-manager
shells = with pkgs; [
bashInteractive
zsh
];
};
}
|
