mirror of
https://github.com/nmasur/dotfiles
synced 2025-11-04 12:53:15 +00:00
69 lines
1.4 KiB
Nix
69 lines
1.4 KiB
Nix
{
|
|
config,
|
|
pkgs,
|
|
lib,
|
|
...
|
|
}:
|
|
|
|
let
|
|
inherit (config.nmasur.settings) username;
|
|
cfg = config.nmasur.presets.services.nix;
|
|
in
|
|
|
|
{
|
|
|
|
options.nmasur.presets.services.nix.enable = lib.mkEnableOption "Nix settings and presets";
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
|
|
nix = {
|
|
|
|
# Set channel to flake packages, used for nix-shell commands
|
|
nixPath = [ "nixpkgs=${pkgs.path}" ];
|
|
|
|
# For security, only allow specific users
|
|
settings.allowed-users = [
|
|
"@wheel" # Anyone in the wheel group
|
|
username # The current user
|
|
];
|
|
|
|
# Enable features in Nix commands
|
|
extraOptions = ''
|
|
experimental-features = nix-command flakes
|
|
warn-dirty = false
|
|
'';
|
|
|
|
# Set automatic generation cleanup for home-manager
|
|
gc = {
|
|
automatic = true;
|
|
options = "--delete-older-than 10d";
|
|
};
|
|
|
|
settings = {
|
|
|
|
# Trust users for messing with Nix stuff
|
|
trusted-users = [
|
|
"root"
|
|
"@wheel"
|
|
username
|
|
];
|
|
|
|
# Add community Cachix to binary cache
|
|
# Don't use at work because blocked by corporate firewall
|
|
builders-use-substitutes = true;
|
|
substituters = [
|
|
"https://nix-community.cachix.org"
|
|
];
|
|
trusted-public-keys = [
|
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
|
];
|
|
|
|
auto-optimise-store = true;
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|