auto-update-daily-20260202
1{
2 config,
3 desktop,
4 hostname,
5 inputs,
6 lib,
7 outputs,
8 stateVersion,
9 ...
10}:
11{
12
13 imports = [
14 (./. + "/${hostname}/boot.nix")
15 (./. + "/${hostname}/hardware.nix")
16
17 ./common/base
18 ./common/users
19 ]
20 ++ lib.optional (builtins.pathExists (./. + "/${hostname}/extra.nix")) ./${hostname}/extra.nix
21 ++ lib.optional (builtins.isString desktop) ./common/desktop;
22
23 nixpkgs = {
24 overlays = [
25 # Our own flake exports (from overlays and pkgs dir)
26 outputs.overlays.additions
27 outputs.overlays.modifications
28 outputs.overlays.unstable-packages
29
30 # And from other flakes
31 inputs.emacs-overlay.overlay
32 inputs.chapeau-rouge.overlays.openshift
33 inputs.chick-group.overlays.default
34 inputs.go-org-readwise.overlays.default
35 inputs.agenix.overlays.default
36
37 # Migrate to "modifications"
38 (_: prev: {
39 inherit (inputs.buildkit-tekton.packages.${prev.stdenv.hostPlatform.system}) tkn-local;
40 inherit (inputs.dagger.packages.${prev.stdenv.hostPlatform.system}) dagger;
41 })
42 ];
43 config = {
44 allowUnfree = true;
45 # Workaround for https://github.com/nix-community/home-manager/issues/2942
46 allowUnfreePredicate = _: true;
47 };
48 };
49
50 nix = {
51 # This will add each flake input as a registry
52 # To make nix3 commands consistent with your flake
53 registry = lib.mkForce (lib.mapAttrs (_: value: { flake = value; }) inputs);
54
55 # This will additionally add your inputs to the system's legacy channels
56 # Making legacy nix commands consistent as well, awesome!
57 nixPath = lib.mkForce (
58 lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry
59 );
60
61 optimise = {
62 automatic = true;
63 dates = [
64 "01:10"
65 "12:10"
66 ];
67 };
68
69 settings = {
70 auto-optimise-store = true;
71 experimental-features = [
72 "nix-command"
73 "flakes"
74 ];
75 sandbox = true;
76 allowed-users = [
77 "@wheel"
78 ];
79 trusted-users = [
80 "root"
81 "@wheel"
82 ];
83 # See https://nixos.org/manual/nix/stable/command-ref/conf-file#conf-use-xdg-base-directories
84 use-xdg-base-directories = true;
85
86 # Add some "caches" (substituters)
87 substituters = [
88 "https://cache.nixos.org/"
89 "https://r-ryantm.cachix.org"
90 "https://shortbrain.cachix.org"
91 "https://vdemeester.cachix.org"
92 "https://chapeau-rouge.cachix.org"
93 "https://nixos-raspberrypi.cachix.org"
94 # Local Harmonia binary caches
95 "http://aomi.sbr.pm:5000" # x86_64-linux
96 "http://aion.sbr.pm:5000" # aarch64-linux
97 ];
98 trusted-public-keys = [
99 "r-ryantm.cachix.org-1:gkUbLkouDAyvBdpBX0JOdIiD2/DP1ldF3Z3Y6Gqcc4c="
100 "shortbrain.cachix.org-1:dqXcXzM0yXs3eo9ChmMfmob93eemwNyhTx7wCR4IjeQ="
101 "chapeau-rouge.cachix.org-1:r34IG766Ez4Eeanr7Zx+egzXLE2Zgvc+XRspYZPDAn8="
102 "vdemeester.cachix.org-1:eZWNOrLR9A9szeMahn9ENaoT9DB3WgOos8va+d2CU44="
103 "nixos-raspberrypi.cachix.org-1:4iMO9LXa8BqhU+Rpg6LQKiGa2lsNh/j2oiYLNOQ5sPI="
104 # Local Harmonia cache public keys
105 "cache.aomi.home-1:QjLpxXo2XgJoZRGd/u6tSoJoKmrndesKcwd5gR6sBuY="
106 "cache.aion.home-1:VIbchtAJWf8+T46viAsLaQYDhG9KUGVo+vWxH1Tlz94="
107 ];
108 };
109
110 extraOptions = ''
111 connect-timeout = 20
112 build-cores = 0
113 keep-outputs = true
114 keep-derivations = true
115 builders-use-substitutes = true
116 '';
117
118 # On laptops at least, make the daemon and builders low priority
119 # to have a responding system while building
120 daemonIOSchedClass = "idle";
121 daemonCPUSchedPolicy = "idle";
122 };
123
124 # `nix-daemon` will hit the stack limit when using `nixFlakes`.
125 systemd.services.nix-daemon.serviceConfig."LimitSTACK" = "infinity";
126
127 system = {
128 inherit stateVersion;
129 };
130
131}