system-manager-wakasu
1{
2 config,
3 desktop,
4 hostname,
5 inputs,
6 lib,
7 outputs,
8 stateVersion,
9 ...
10}:
11{
12
13 imports = [
14 (./. + "/${hostname}/boot.nix")
15 (./. + "/${hostname}/hardware.nix")
16
17 ./common/base
18 ./common/users
19 ]
20 ++ lib.optional (builtins.pathExists (./. + "/${hostname}/extra.nix")) ./${hostname}/extra.nix
21 ++ lib.optional (builtins.isString desktop) ./common/desktop;
22
23 nixpkgs = {
24 overlays = [
25 # Our own flake exports (from overlays and pkgs dir)
26 outputs.overlays.additions
27 outputs.overlays.modifications
28 outputs.overlays.unstable-packages
29
30 # And from other flakes
31 inputs.emacs-overlay.overlay
32 inputs.niri.overlays.niri
33 inputs.chapeau-rouge.overlays.openshift
34 inputs.chick-group.overlays.default
35 inputs.go-org-readwise.overlays.default
36 inputs.agenix.overlays.default
37
38 # Migrate to "modifications"
39 (_: prev: {
40 inherit (inputs.buildkit-tekton.packages.${prev.system}) tkn-local;
41 inherit (inputs.dagger.packages.${prev.system}) dagger;
42 })
43 ];
44 config = {
45 allowUnfree = true;
46 # Workaround for https://github.com/nix-community/home-manager/issues/2942
47 allowUnfreePredicate = _: true;
48 };
49 };
50
51 nix = {
52 # This will add each flake input as a registry
53 # To make nix3 commands consistent with your flake
54 registry = lib.mkForce (lib.mapAttrs (_: value: { flake = value; }) inputs);
55
56 # This will additionally add your inputs to the system's legacy channels
57 # Making legacy nix commands consistent as well, awesome!
58 nixPath = lib.mkForce (
59 lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry
60 );
61
62 optimise = {
63 automatic = true;
64 dates = [
65 "01:10"
66 "12:10"
67 ];
68 };
69
70 settings = {
71 auto-optimise-store = true;
72 experimental-features = [
73 "nix-command"
74 "flakes"
75 ];
76 sandbox = true;
77 allowed-users = [
78 "@wheel"
79 ];
80 trusted-users = [
81 "root"
82 "@wheel"
83 ];
84 # See https://nixos.org/manual/nix/stable/command-ref/conf-file#conf-use-xdg-base-directories
85 use-xdg-base-directories = true;
86
87 # Add some "caches" (substituters)
88 substituters = [
89 "https://cache.nixos.org/"
90 "https://r-ryantm.cachix.org"
91 "https://shortbrain.cachix.org"
92 "https://vdemeester.cachix.org"
93 "https://chapeau-rouge.cachix.org"
94 "https://nixos-raspberrypi.cachix.org"
95 ];
96 trusted-public-keys = [
97 "r-ryantm.cachix.org-1:gkUbLkouDAyvBdpBX0JOdIiD2/DP1ldF3Z3Y6Gqcc4c="
98 "shortbrain.cachix.org-1:dqXcXzM0yXs3eo9ChmMfmob93eemwNyhTx7wCR4IjeQ="
99 "chapeau-rouge.cachix.org-1:r34IG766Ez4Eeanr7Zx+egzXLE2Zgvc+XRspYZPDAn8="
100 "vdemeester.cachix.org-1:eZWNOrLR9A9szeMahn9ENaoT9DB3WgOos8va+d2CU44="
101 "nixos-raspberrypi.cachix.org-1:4iMO9LXa8BqhU+Rpg6LQKiGa2lsNh/j2oiYLNOQ5sPI="
102 ];
103 };
104
105 extraOptions = ''
106 connect-timeout = 20
107 build-cores = 0
108 keep-outputs = true
109 keep-derivations = true
110 builders-use-substitutes = true
111 '';
112
113 # On laptops at least, make the daemon and builders low priority
114 # to have a responding system while building
115 daemonIOSchedClass = "idle";
116 daemonCPUSchedPolicy = "idle";
117 };
118
119 # `nix-daemon` will hit the stack limit when using `nixFlakes`.
120 systemd.services.nix-daemon.serviceConfig."LimitSTACK" = "infinity";
121
122 system = {
123 inherit stateVersion;
124 };
125
126}