flake-update-20260505
1{
2 config,
3 desktop,
4 globals,
5 hostname,
6 inputs,
7 lib,
8 libx,
9 outputs,
10 stateVersion,
11 ...
12}:
13{
14
15 imports = [
16 (./. + "/${hostname}/boot.nix")
17 (./. + "/${hostname}/hardware.nix")
18
19 ./common/base
20 ./common/users
21 ]
22 ++ lib.optional (builtins.pathExists (./. + "/${hostname}/extra.nix")) ./${hostname}/extra.nix
23 ++ lib.optional (builtins.isString desktop) ./common/desktop
24 ++ lib.optional (
25 builtins.hasAttr "${hostname}" globals.machines
26 && libx.hasSyncthingFolders globals.machines."${hostname}"
27 ) ./common/services/syncthing.nix;
28
29 nixpkgs = {
30 overlays = [
31 # Our own flake exports (from overlays and pkgs dir)
32 outputs.overlays.additions
33 outputs.overlays.modifications
34 outputs.overlays.unstable-packages
35
36 # And from other flakes
37 inputs.emacs-overlay.overlay
38 inputs.chapeau-rouge.overlays.openshift
39 inputs.chick-group.overlays.default
40 inputs.go-org-readwise.overlays.default
41 inputs.radian.overlays.default
42 inputs.agenix.overlays.default
43
44 # Migrate to "modifications"
45 (_: prev: {
46 inherit (inputs.buildkit-tekton.packages.${prev.stdenv.hostPlatform.system}) tkn-local;
47 inherit (inputs.dagger.packages.${prev.stdenv.hostPlatform.system}) dagger;
48 inherit (inputs.pass-run.packages.${prev.stdenv.hostPlatform.system}) pass-run;
49 })
50 ];
51 config = {
52 allowUnfree = true;
53 # Workaround for https://github.com/nix-community/home-manager/issues/2942
54 allowUnfreePredicate = _: true;
55 };
56 };
57
58 nix = {
59 # This will add each flake input as a registry
60 # To make nix3 commands consistent with your flake
61 registry = lib.mkForce (lib.mapAttrs (_: value: { flake = value; }) inputs);
62
63 # This will additionally add your inputs to the system's legacy channels
64 # Making legacy nix commands consistent as well, awesome!
65 nixPath = lib.mkForce (
66 lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry
67 );
68
69 optimise = {
70 automatic = true;
71 dates = [
72 "01:10"
73 "12:10"
74 ];
75 };
76
77 settings = {
78 auto-optimise-store = true;
79 experimental-features = [
80 "nix-command"
81 "flakes"
82 ];
83 sandbox = true;
84 allowed-users = [
85 "@wheel"
86 ];
87 trusted-users = [
88 "root"
89 "@wheel"
90 ];
91 # See https://nixos.org/manual/nix/stable/command-ref/conf-file#conf-use-xdg-base-directories
92 use-xdg-base-directories = true;
93
94 # Add some "caches" (substituters)
95 substituters = [
96 "https://cache.nixos.org/"
97 "https://r-ryantm.cachix.org"
98 "https://shortbrain.cachix.org"
99 "https://vdemeester.cachix.org"
100 "https://chapeau-rouge.cachix.org"
101 "https://nixos-raspberrypi.cachix.org"
102 # Local Harmonia binary caches
103 "http://okinawa.sbr.pm:5000" # x86_64-linux
104 "http://aion.sbr.pm:5000" # aarch64-linux
105 ];
106 trusted-public-keys = [
107 "r-ryantm.cachix.org-1:gkUbLkouDAyvBdpBX0JOdIiD2/DP1ldF3Z3Y6Gqcc4c="
108 "shortbrain.cachix.org-1:dqXcXzM0yXs3eo9ChmMfmob93eemwNyhTx7wCR4IjeQ="
109 "chapeau-rouge.cachix.org-1:r34IG766Ez4Eeanr7Zx+egzXLE2Zgvc+XRspYZPDAn8="
110 "vdemeester.cachix.org-1:eZWNOrLR9A9szeMahn9ENaoT9DB3WgOos8va+d2CU44="
111 "nixos-raspberrypi.cachix.org-1:4iMO9LXa8BqhU+Rpg6LQKiGa2lsNh/j2oiYLNOQ5sPI="
112 # Local Harmonia cache public keys
113 "cache.okinawa.home:gp+IG0OaO4L/J0drL8OwmDtMPmdUq4kfLwg3mR8BkCs="
114 "cache.aion.home-1:VIbchtAJWf8+T46viAsLaQYDhG9KUGVo+vWxH1Tlz94="
115 ];
116 };
117
118 extraOptions = ''
119 connect-timeout = 20
120 build-cores = 0
121 keep-outputs = true
122 keep-derivations = true
123 builders-use-substitutes = true
124 '';
125
126 # On laptops at least, make the daemon and builders low priority
127 # to have a responding system while building
128 daemonIOSchedClass = "idle";
129 daemonCPUSchedPolicy = "idle";
130 };
131
132 # `nix-daemon` will hit the stack limit when using `nixFlakes`.
133 systemd.services.nix-daemon.serviceConfig."LimitSTACK" = "infinity";
134
135 system = {
136 inherit stateVersion;
137 };
138
139}