46 lines
1.1 KiB
Nix
46 lines
1.1 KiB
Nix
{
|
|
lib,
|
|
pkgs,
|
|
nixpkgs,
|
|
...
|
|
}: {
|
|
# restrict nix command to sudoers
|
|
nix.settings.allowed-users = ["root" "@wheel"];
|
|
nix.settings.trusted-users = ["root" "@wheel"];
|
|
|
|
# experimental features
|
|
nix.settings.experimental-features = ["nix-command" "flakes"];
|
|
|
|
# limit number of cores when building
|
|
nix.settings.max-jobs = 6;
|
|
|
|
# optimizations
|
|
nix.settings.auto-optimise-store = true;
|
|
|
|
# garbage collection
|
|
nix.gc = {
|
|
automatic = true;
|
|
dates = "weekly";
|
|
options = "--delete-older-than 30d";
|
|
};
|
|
|
|
# pin nixpkgs registry
|
|
nix.registry.nixpkgs.flake = nixpkgs;
|
|
|
|
# list of allowed unfree packages
|
|
nixpkgs.config.allowUnfreePredicate = pkg:
|
|
builtins.elem (lib.getName pkg) [
|
|
"obsidian"
|
|
"vscode"
|
|
"vscode-extension-github-copilot"
|
|
"vscode-extension-github-copilot-chat"
|
|
"vscode-extension-ms-vsliveshare-vsliveshare"
|
|
];
|
|
|
|
# print diff between two generations
|
|
system.activationScripts.nvd-report-changes = ''
|
|
PATH=$PATH:${lib.makeBinPath [pkgs.nvd pkgs.nix]}
|
|
nvd diff $(ls -dv /nix/var/nix/profiles/system-*-link | tail -2)
|
|
'';
|
|
}
|