From 63adb41f1a060c21a68143eb9e86c2790ef66f36 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Thu, 8 Aug 2024 10:45:09 +0200 Subject: ... --- system-profiles/core/default.nix | 175 +++++++++++++++++++++------------------ 1 file changed, 96 insertions(+), 79 deletions(-) (limited to 'system-profiles/core') diff --git a/system-profiles/core/default.nix b/system-profiles/core/default.nix index 6aee221f..c2c821b7 100644 --- a/system-profiles/core/default.nix +++ b/system-profiles/core/default.nix @@ -74,7 +74,7 @@ in { }; in foldr (def: mergeConfig def.value) {}; }; - description = mdDoc '' + description = '' The configuration of the Nix Packages collection. (For details, see the Nixpkgs documentation.) It allows you to set package configuration options. 
@@ -91,96 +91,113 @@ in { }; }; - config = { - networking.hostName = hostName; - system.configurationRevision = mkIf (flake ? rev) flake.rev; + config = foldr recursiveUpdate {} ([ + { + networking.hostName = hostName; + system.configurationRevision = mkIf (flake ? rev) flake.rev; - nixpkgs.pkgs = import (flakeInputs.${config.nixpkgs.flakeInput}.outPath + "/pkgs/top-level") { - overlays = attrValues flake.overlays; - config = config.nixpkgs.externalConfig; - localSystem = config.nixpkgs.system; - }; + nixpkgs.pkgs = import (flakeInputs.${config.nixpkgs.flakeInput}.outPath + "/pkgs/top-level") { + overlays = attrValues flake.overlays; + config = config.nixpkgs.externalConfig; + localSystem = config.nixpkgs.system; + }; - nix = { - package = if builtins.hasAttr "latest" pkgs.nixVersions then pkgs.nixVersions.latest else pkgs.nixUnstable; - settings = { - sandbox = true; - allowed-users = [ "*" ]; - trusted-users = [ "root" "@wheel" ]; + nix = { + package = if builtins.hasAttr "latest" pkgs.nixVersions then pkgs.nixVersions.latest else pkgs.nixUnstable; + settings = { + sandbox = true; + allowed-users = [ "*" ]; + trusted-users = [ "root" "@wheel" ]; - experimental-features = ["nix-command" "flakes" "auto-allocate-uids" "cgroups"]; - auto-allocate-uids = true; - use-cgroups = true; - use-xdg-base-directories = true; + experimental-features = ["nix-command" "flakes" "auto-allocate-uids" "cgroups"]; + auto-allocate-uids = true; + use-cgroups = true; + use-xdg-base-directories = true; - flake-registry = "${flakeInputs.flake-registry}/flake-registry.json"; + flake-registry = "${flakeInputs.flake-registry}/flake-registry.json"; + }; + nixPath = [ + "nixpkgs=${pkgs.runCommand "nixpkgs" {} '' + mkdir $out + ln -s ${./nixpkgs.nix} $out/default.nix + ln -s /run/nixpkgs/lib $out/lib + ''}" + ]; + registry = + let override = { self = "nixos"; }; + in mapAttrs' (inpName: inpFlake: nameValuePair + (override.${inpName} or inpName) + { flake = inpFlake; } ) flakeInputs; }; - nixPath 
= [ - "nixpkgs=${pkgs.runCommand "nixpkgs" {} '' - mkdir $out - ln -s ${./nixpkgs.nix} $out/default.nix - ln -s /run/nixpkgs/lib $out/lib + + systemd.tmpfiles.rules = [ + "L+ /run/nixpkgs - - - - ${flakeInputs.nixpkgs.outPath}" + "L+ /run/nixpkgs-overlays.nix - - - - ${pkgs.writeText "overlays.nix" '' + with builtins; + + attrValues (import + ( + let lock = fromJSON (readFile ${flake + "/flake.lock"}); in + fetchTarball { + url = "https://github.com/edolstra/flake-compat/archive/''${lock.nodes.flake-compat.locked.rev}.tar.gz"; + sha256 = lock.nodes.flake-compat.locked.narHash; + } + ) + { src = ${flake}; } + ).defaultNix.overlays ''}" + "L+ /etc/nixos - - - - ${flake}" ]; - registry = - let override = { self = "nixos"; }; - in mapAttrs' (inpName: inpFlake: nameValuePair - (override.${inpName} or inpName) - { flake = inpFlake; } ) flakeInputs; - }; - - systemd.tmpfiles.rules = [ - "L+ /run/nixpkgs - - - - ${flakeInputs.nixpkgs.outPath}" - "L+ /run/nixpkgs-overlays.nix - - - - ${pkgs.writeText "overlays.nix" '' - with builtins; - - attrValues (import - ( - let lock = fromJSON (readFile ${flake + "/flake.lock"}); in - fetchTarball { - url = "https://github.com/edolstra/flake-compat/archive/''${lock.nodes.flake-compat.locked.rev}.tar.gz"; - sha256 = lock.nodes.flake-compat.locked.narHash; - } - ) - { src = ${flake}; } - ).defaultNix.overlays - ''}" - ]; - - users.mutableUsers = false; - # documentation.nixos.includeAllModules = true; # incompatible with home-manager (build fails) + users.mutableUsers = false; - home-manager = { - useGlobalPkgs = true; # Otherwise home-manager would only work impurely - useUserPackages = false; - backupFileExtension = "bak"; - }; + documentation.nixos = { + includeAllModules = true; + options.warningsAreErrors = false; + }; - sops = mkIf hasSops { - age = { - keyFile = "/var/lib/sops-nix/key.txt"; - generateKey = false; - sshKeyPaths = []; + home-manager = { + useGlobalPkgs = true; # Otherwise home-manager would only work impurely + 
useUserPackages = false; + backupFileExtension = "bak"; }; - gnupg = { - home = null; - sshKeyPaths = []; + + sops = mkIf hasSops { + age = { + keyFile = "/var/lib/sops-nix/key.txt"; + generateKey = false; + sshKeyPaths = []; + }; + gnupg = { + home = null; + sshKeyPaths = []; + }; }; - }; - programs.git = { - enable = true; - lfs.enable = true; + programs.git = { + enable = true; + lfs.enable = true; + }; + environment.systemPackages = with pkgs; [ git-annex scutiger ]; + } + ] ++ (optional (options ? system.switch.enableNg) { + system.switch = lib.mkDefault { + enable = false; + enableNg = true; }; - environment.systemPackages = with pkgs; [ git-annex scutiger ]; - - system.activationScripts.symlink-flake = '' - if test -L /etc/nixos; then - ln -nsf ${flake} /etc/nixos - elif test -d /etc/nixos && rmdir --ignore-fail-on-non-empty /etc/nixos; then - ln -s ${flake} /etc/nixos - fi - ''; - }; + }) + ++ (optional (options ? system.etc) { + boot.initrd.systemd.enable = lib.mkDefault true; + system.etc.overlay.enable = lib.mkDefault true; + systemd.sysusers.enable = lib.mkDefault true; + + # Random perl remnants + system.disableInstallerTools = lib.mkDefault true; + programs.less.lessopen = lib.mkDefault null; + programs.command-not-found.enable = lib.mkDefault false; + boot.enableContainers = lib.mkDefault false; + boot.loader.grub.enable = lib.mkDefault false; + environment.defaultPackages = lib.mkDefault [ ]; + documentation.info.enable = lib.mkDefault false; + })); } -- cgit v1.2.3
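Review bot: The new tmpfiles rule `"L+ /etc/nixos - - - - ${flake}"` is more destructive than the `symlink-flake` activation script it replaces. Per tmpfiles.d, `L+` removes whatever already exists at the path, directories included, before creating the link, whereas the removed script only replaced an existing symlink or an empty directory and left a populated `/etc/nixos` alone. On a host that still keeps files there (a hand-written or generated configuration, for instance), they would be deleted the next time the rule is applied. If that is intended, say so next to the rule, e.g. `# L+ replaces an existing /etc/nixos, including a non-empty directory`. If it is not, the non-empty-directory case needs its own guard, because a plain `L` would leave a stale link in place instead.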