xin/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

feat(modules): move nix settings to a seperate module

Browse source
This commit is contained in:
xinyangli 2024-07-17 15:52:30 +08:00
parent e5bd395fd8
commit e36875131b
Signed by: xin
SSH key fingerprint: SHA256:qZ/tzd8lYRtUFSrfBDBMcUqV4GHKxqeqRA3huItgvbk
8 changed files with 66 additions and 57 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
flake.lock
View file

@ -174,16 +174,16 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1720768451, "lastModified": 1721187324,
"narHash": "sha256-EYekUHJE2gxeo2pM/zM9Wlqw1Uw2XTJXOSAO79ksc4Y=", "narHash": "sha256-QA/hwTo9TsEbtTxFjHdyIopyRqVbC3psML9D1CuSGcg=",
"owner": "nixos", "owner": "xinyangli",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "7e7c39ea35c5cdd002cd4588b03a3fb9ece6fad9", "rev": "5a00e83edebdcf87790dfa0a304b092f4e3ed694",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "xinyangli",
"ref": "nixos-unstable", "ref": "deploy",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }

5
home/xin/common/default.nix
View file

@ -20,9 +20,6 @@
inetutils inetutils
]; ];
# Required for standalone home configuration
nix.package = lib.mkForce pkgs.nixVersions.latest; nix.package = lib.mkForce pkgs.nixVersions.latest;
nix.extraOptions = ''
extra-substituters = https://nix-community.cachix.org
extra-trusted-public-keys = nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
'';
} }

21
machines/calcite/configuration.nix
View file

@ -9,6 +9,10 @@
../sops.nix ../sops.nix
]; ];
commonSettings = {
nix.enableMirrors = true;
};
# Bootloader. # Bootloader.
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
@ -229,23 +233,6 @@
system.stateVersion = "22.05"; system.stateVersion = "22.05";
# Use mirror for binary cache
nix.settings.substituters = [
"https://mirrors.bfsu.edu.cn/nix-channels/store"
"https://mirrors.ustc.edu.cn/nix-channels/store"
];
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
nix.optimise.automatic = true;
nix.settings = {
experimental-features = [ "nix-command" "flakes" ];
auto-optimise-store = true;
trusted-users = [ "xin" "root" ];
};
nix.extraOptions = '' nix.extraOptions = ''
!include "${config.sops.secrets.github_public_token.path}" !include "${config.sops.secrets.github_public_token.path}"
''; '';

4
machines/dolomite/default.nix
View file

@ -79,10 +79,6 @@ in
wheelNeedsPassword = false; wheelNeedsPassword = false;
}; };
nix.settings = {
trusted-users = [ "root" ];
};
services.sing-box = let services.sing-box = let
singTls = { singTls = {
enabled = true; enabled = true;

15
machines/massicot/default.nix
View file

@ -46,21 +46,6 @@
git git
]; ];
nix.settings = {
experimental-features = [ "nix-command" "flakes" ];
substituters = "https://cache.garnix.io";
trusted-public-keys = "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=";
};
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 7d";
};
nix.optimise.automatic = true;
nix.settings.auto-optimise-store = true;
system.stateVersion = "22.11"; system.stateVersion = "22.11";
networking = { networking = {

14
machines/raspite/configuration.nix
View file

@ -4,6 +4,9 @@
imports = [ imports = [
./hass.nix ./hass.nix
]; ];
commonSettings.nix.enableMirrors = true;
nixpkgs.overlays = [ nixpkgs.overlays = [
# Workaround https://github.com/NixOS/nixpkgs/issues/126755#issuecomment-869149243 # Workaround https://github.com/NixOS/nixpkgs/issues/126755#issuecomment-869149243
(final: super: { (final: super: {
@ -18,13 +21,6 @@
raspberrypi-eeprom raspberrypi-eeprom
]; ];
# Use mirror for binary cache
nix.settings.substituters = [
"https://mirrors.bfsu.edu.cn/nix-channels/store"
"https://mirrors.ustc.edu.cn/nix-channels/store"
];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
system.stateVersion = "24.05"; system.stateVersion = "24.05";
networking = { networking = {
@ -51,10 +47,6 @@
wheelNeedsPassword = false; wheelNeedsPassword = false;
}; };
nix.settings = {
trusted-users = [ "@wheel" ];
};
# fileSystems."/".fsType = lib.mkForce "btrfs"; # fileSystems."/".fsType = lib.mkForce "btrfs";
boot.supportedFilesystems.zfs = lib.mkForce false; boot.supportedFilesystems.zfs = lib.mkForce false;

51
modules/nixos/common-nix-conf.nix Normal file
View file

@ -0,0 +1,51 @@
{ config, lib, pkgs, ... }:
let
inherit (lib) mkIf mkEnableOption mkOption types;
cfg = config.commonSettings.nix;
in
{
options.commonSettings.nix = {
enable = mkOption {
default = true;
type = types.bool;
};
enableMirrors = mkEnableOption "cache.nixos.org mirrors in Mainland China";
};
config = mkIf cfg.enable {
nix.package = pkgs.nixVersions.latest;
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
nix.optimise.automatic = true;
nix.settings = {
experimental-features = [ "nix-command" "flakes" ];
auto-optimise-store = true;
trusted-users = [ "root" ];
substituters = [
"https://nix-community.cachix.org"
"https://cache.garnix.io"
];
extra-substituters = mkIf cfg.enableMirrors [
"https://mirrors.bfsu.edu.cn/nix-channels/store"
"https://mirrors.ustc.edu.cn/nix-channels/store"
];
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="
];
};
};
}

1
modules/nixos/default.nix
View file

@ -1,6 +1,7 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
imports = [ imports = [
./common-nix-conf.nix
./restic.nix ./restic.nix
./vaultwarden.nix ./vaultwarden.nix
./prometheus.nix ./prometheus.nix