nixos-config/config/nix.nix

121 lines
3.4 KiB
Nix
Raw Normal View History

2022-06-12 16:39:15 +01:00
{
pkgs,
lib,
config,
system,
2023-01-17 10:42:06 +01:00
attic,
2022-06-12 16:39:15 +01:00
...
2022-11-10 12:08:59 +01:00
}: let
post-build-hook = pkgs.writeScript "post-build-hook" ''
2023-01-17 11:02:41 +01:00
#!${pkgs.bash}/bin/bash
2022-11-10 12:08:59 +01:00
set -euf
export IFS=' '
2023-01-20 20:20:55 +01:00
until ${attic.packages.${system}.attic-client}/bin/attic push chir-rs $OUT_PATHS; do
2023-01-17 11:02:41 +01:00
sleep 5
echo "Retrying..."
done
2022-11-10 12:08:59 +01:00
'';
in {
2022-01-27 17:16:42 +01:00
imports = [
./workarounds
];
2023-01-17 10:42:06 +01:00
sops.secrets."attic/config.toml" = {
sopsFile = ../secrets/shared.yaml;
owner = "root";
key = "attic/config.toml";
path = "/root/.config/attic/config.toml";
};
2022-01-14 14:03:14 +01:00
nixpkgs.config.allowUnfree = true;
nix = {
settings = {
sandbox = true;
2023-01-14 20:58:07 +01:00
trusted-users = ["@wheel" "remote-build"];
2022-04-12 10:37:53 +01:00
require-sigs = true;
2022-02-08 10:48:37 +01:00
builders-use-substitutes = true;
2022-03-03 08:50:45 +01:00
substituters = [
2023-01-17 11:02:41 +01:00
"https://attic.chir.rs/chir-rs/"
2022-04-12 10:33:58 +01:00
];
trusted-public-keys = [
"nixcache:8KKuGz95Pk4UJ5W/Ni+pN+v+LDTkMMFV4yrGmAYgkDg="
"hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs="
2023-01-17 11:02:41 +01:00
"chir-rs:AnwyFacopHSkprD6aXY4/R3J9JYzTbV2rosJCBPaB28="
2022-03-03 08:50:45 +01:00
];
2022-11-10 12:08:59 +01:00
post-build-hook = "${post-build-hook}";
2023-01-17 11:02:41 +01:00
auto-optimise-store = true;
};
2022-09-13 18:27:49 +01:00
package = pkgs.nix;
2022-01-14 14:03:14 +01:00
extraOptions = ''
experimental-features = nix-command flakes ca-derivations
2022-01-14 14:03:14 +01:00
'';
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 7d";
};
2023-05-21 18:32:58 +01:00
buildMachines = with lib;
mkMerge [
(mkIf (config.networking.hostName != "nas") [
{
hostName = "build-nas";
systems = [
"armv7l-linux"
"powerpc-linux"
"powerpc64-linux"
"powerpc64le-linux"
"riscv32-linux"
"riscv64-linux"
"wasm32-wasi"
"x86_64-linux"
"i686-linux"
];
maxJobs = 12;
speedFactor = 1;
supportedFeatures = ["kvm" "nixos-test" "big-parallel" "benchmark" "gccarch-znver1" "gccarch-skylake" "ca-derivations"];
}
])
(mkIf (config.networking.hostName != "nutty-noon") [
{
hostName = "build-pc";
systems = [
"armv7l-linux"
"powerpc-linux"
"powerpc64-linux"
"powerpc64le-linux"
"riscv32-linux"
"riscv64-linux"
"wasm32-wasi"
"x86_64-linux"
"i686-linux"
];
maxJobs = 16;
speedFactor = 2;
supportedFeatures = ["kvm" "nixos-test" "big-parallel" "benchmark" "gccarch-znver2" "gccarch-znver1" "gccarch-skylake" "ca-derivations"];
}
])
(mkIf (config.networking.hostName != "instance-20221213-1915") [
{
hostName = "build-aarch64";
systems = [
"aarch64-linux"
];
maxJobs = 4;
speedFactor = 1;
supportedFeatures = ["nixos-test" "benchmark" "ca-derivations" "gccarch-armv8-a" "gccarch-armv8.1-a" "gccarch-armv8.2-a" "big-parallel"];
}
])
];
2022-02-08 10:48:37 +01:00
distributedBuilds = true;
2022-01-14 14:03:14 +01:00
};
2022-01-14 14:07:01 +01:00
system.autoUpgrade = {
2023-01-17 10:42:06 +01:00
enable = true;
2023-04-09 13:14:26 +01:00
flake = "git+https://git.chir.rs/darkkirb/nixos-config?ref=main";
2022-01-14 14:07:01 +01:00
flags = [
"--no-write-lock-file"
"-L" # print build logs
];
2022-02-18 20:43:14 +01:00
dates = "hourly";
2023-01-17 10:42:06 +01:00
randomizedDelaySec = "1h";
2022-01-14 14:07:01 +01:00
};
2022-01-27 17:16:42 +01:00
systemd.services.nix-daemon.environment.TMPDIR = "/build";
2022-01-14 14:03:14 +01:00
}