nixconfigs/common/nix-settings.nix

39 lines
1 KiB
Nix
Raw Normal View History

# needs to be kept compatible to both NixOS and nix-darwin
{
config,
pkgs,
lib,
...
}:
let
inputs = config.inputInjection.flake-inputs;
unstable = inputs.nixos-unstable;
in
{
nix = {
# expose all flake inputs through nix Path and registry
registry = (lib.mapAttrs (_: value: { flake = value; }) inputs) // {
nixpkgs.flake = inputs.nixpkgs;
};
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
};
nix.settings = builtins.mapAttrs (_: lib.mkDefault) {
# keep around all inputs necessary for offline-rebuilding the system
keep-outputs = true;
keep-derivations = true;
trusted-users = [ "spiollinux" ];
experimental-features = [
"nix-command"
"flakes"
];
# use all cores for building
cores = 0;
};
# TODO: manage access token with sops instead of manual deployment
# permissions: needs to be readable by the user invoking nix and root (for nix daemon)
nix.extraOptions = ''
!include /etc/nix/secrets.conf
'';
}