nixos-config/modules/nix.nix
Simon Bruder 2c8a291ae9
Make flake inputs available as module argument
This moves a bunch of stuff out of flake.nix into the modules they
belong to. This removes complexity from flake.nix and gives the project
a more organised structure.

Sadly, it is not possible to import modules from a flake outside of
flake.nix, since that leads to an infinite recursion (`config` has to be
evaluated before `config._modules.args.inputs` is available but `config`
depends on an import from `config._modules.args.inputs`). Therefore, the
`extraModules` argument in `machines/default.nix` has to be used for
that (it now has access to all flake inputs).
2021-05-15 10:04:44 +02:00

86 lines
2.2 KiB
Nix

{ config, inputs, lib, pkgs, ... }:
let
# Adapted from https://nixos.wiki/wiki/Overlays
overlaysCompat = pkgs.writeTextFile {
name = "overlays-compat";
destination = "/overlays.nix";
text = ''
self: super:
with super.lib;
let
# Load the system config and get the `nixpkgs.overlays` option
# This fails gracefully if getFlake is not available
overlays = if builtins.hasAttr "getFlake" builtins
then (builtins.getFlake "/var/src/config").nixosConfigurations.${config.networking.hostName}.config.nixpkgs.overlays
else [ ];
in
# Apply all overlays to the input of the current "main" overlay
foldl' (flip extends) (_: super) overlays self
'';
};
in
{
sops.secrets.binary-cache-secret-key = { };
sops.secrets.nix-netrc = {
group = "wheel";
mode = "0440";
};
nix = {
# nix with flake support
package = pkgs.nixUnstable;
registry = with inputs; {
nixpkgs.flake = nixpkgs;
nixpkgs-unstable.flake = nixpkgs-unstable;
};
nixPath = [
"nixpkgs=${inputs.nixpkgs}"
"nixpkgs-overlays=${overlaysCompat}"
];
# Make sudoers trusted nix users
trustedUsers = [ "@wheel" ];
binaryCaches = [
"https://nix-cache.sbruder.de/"
];
binaryCachePublicKeys = [
"nix-cache.sbruder.de-1:bU13eF6IMMW2hgO7StgB6JCAoZPeAQ27NAzV0kru1XM="
];
# On-the-fly optimisation of nix store
autoOptimiseStore = true;
extraOptions = ''
# Binary cache upload
secret-key-files = ${config.sops.secrets.binary-cache-secret-key.path}
netrc-file = ${config.sops.secrets.nix-netrc.path}
experimental-features = nix-command flakes
'' + lib.optionalString config.sbruder.full ''
# Keep output of derivations with gc root
keep-outputs = true
keep-derivations = true
'';
# Make nix build in background less noticeable
daemonNiceLevel = 10;
daemonIONiceLevel = 5; # 0-7
};
nixpkgs.overlays = with inputs; [
self.overlay
nixpkgs-overlay.overlay
(final: prev: {
unstable = import nixpkgs-unstable {
inherit (config.nixpkgs)
config
overlays
system;
};
})
AriaNg.overlay
];
}