73 lines
1.8 KiB
Nix
73 lines
1.8 KiB
Nix
{ config, lib, pkgs, namespace, host, ... }:
|
|
let
|
|
inherit (lib) types mkIf;
|
|
inherit (lib.${namespace}) mkBoolOpt mkOpt;
|
|
|
|
cfg = config.${namespace}.nix;
|
|
in
|
|
{
|
|
options.${namespace}.nix = {
|
|
enable = mkBoolOpt true "Whether or not to manage nix configuration.";
|
|
package = mkOpt types.package pkgs.nixVersions.latest "Which nix package to use.";
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
nix =
|
|
let
|
|
users = [
|
|
"root"
|
|
"@wheel"
|
|
"nix-builder"
|
|
"evanreichard"
|
|
];
|
|
in
|
|
{
|
|
inherit (cfg) package;
|
|
|
|
buildMachines = lib.optional (config.${namespace}.security.sops.enable && host != "nixos-builder") {
|
|
hostName = "10.0.50.130";
|
|
systems = [ "x86_64-linux" ];
|
|
sshUser = "evanreichard";
|
|
protocol = "ssh";
|
|
sshKey = config.sops.secrets.builder_ssh_key.path;
|
|
supportedFeatures = [
|
|
"benchmark"
|
|
"big-parallel"
|
|
"nixos-test"
|
|
"kvm"
|
|
];
|
|
};
|
|
|
|
checkConfig = true;
|
|
distributedBuilds = true;
|
|
|
|
gc = {
|
|
automatic = true;
|
|
options = "--delete-older-than 7d";
|
|
};
|
|
|
|
optimise.automatic = true;
|
|
|
|
settings = {
|
|
allowed-users = users;
|
|
auto-optimise-store = pkgs.stdenv.hostPlatform.isLinux;
|
|
builders-use-substitutes = true;
|
|
experimental-features = [
|
|
"nix-command"
|
|
"flakes "
|
|
];
|
|
flake-registry = "/etc/nix/registry.json";
|
|
http-connections = 50;
|
|
keep-derivations = true;
|
|
keep-going = true;
|
|
keep-outputs = true;
|
|
log-lines = 50;
|
|
sandbox = true;
|
|
trusted-users = users;
|
|
warn-dirty = false;
|
|
use-xdg-base-directories = true;
|
|
};
|
|
};
|
|
};
|
|
}
|