71 lines
1.7 KiB
Nix
71 lines
1.7 KiB
Nix
{ lib, config, pkgs, ... }:
|
|
let
|
|
inherit (lib) mkDefault mkForce;
|
|
in {
|
|
documentation.info.enable = mkForce false;
|
|
environment.memoryAllocator.provider = mkForce "mimalloc";
|
|
|
|
networking = {
|
|
nftables.enable = mkDefault true;
|
|
useNetworkd = mkDefault true;
|
|
};
|
|
|
|
nix = {
|
|
channel.enable = mkDefault false;
|
|
|
|
daemonCPUSchedPolicy = mkDefault "batch";
|
|
daemonIOSchedClass = mkDefault "best-effort";
|
|
daemonIOSchedPriority = mkDefault 7;
|
|
|
|
settings = {
|
|
experimental-features = [
|
|
"cgroups"
|
|
"dynamic-derivations"
|
|
"flakes"
|
|
"nix-command"
|
|
"pipe-operator"
|
|
"repl-flake"
|
|
];
|
|
|
|
allowed-users = config.users.users
|
|
|> lib.filterAttrs (_: user: user.isNormalUser)
|
|
|> lib.mapAttrsToList (_: user: user.name)
|
|
|> mkDefault;
|
|
trusted-users = mkDefault [ "@wheel" ];
|
|
|
|
builders-use-substitutes = mkDefault true;
|
|
http-connections = mkDefault 128;
|
|
max-substitution-jobs = mkDefault 32;
|
|
|
|
preallocate-contents = mkDefault true;
|
|
use-cgroups = mkDefault true;
|
|
use-sqlite-wal = mkForce true;
|
|
use-xdg-base-directories = mkDefault true;
|
|
};
|
|
|
|
/*
|
|
registry = {
|
|
nixpkgs.to = mkDefault {
|
|
type = "path";
|
|
path = pkgs.path;
|
|
narHash = lib.trim (builtins.readFile
|
|
(pkgs.runCommand "nixpkgs-hash" {
|
|
preferLocal = true;
|
|
} "${lib.getExe config.nix.package} hash path --sri --type sha256 ${pkgs.path} >$out"));
|
|
};
|
|
};
|
|
*/
|
|
};
|
|
|
|
security = {
|
|
sudo.enable = mkDefault false;
|
|
sudo-rs.enable = mkDefault true;
|
|
};
|
|
|
|
services = {
|
|
dbus.implementation = mkDefault "broker";
|
|
xserver.enable = mkForce false;
|
|
};
|
|
|
|
users.mutableUsers = mkDefault false;
|
|
}
|