karaolidis/nix
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1d3a3cc80552eeec37bd5fcc443211248381c158
nix/hosts/common/configs/system/nix/default.nix
Nikolaos Karaolidis 4f3bf154c0 Fix substituter settings 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-05 12:31:41 +01:00

63 lines
1.5 KiB
Nix
Raw Blame History

{
config,
inputs,
lib,
...
}:
{
sops = {
secrets = {
"git/credentials/github.com/tokens/public".sopsFile =
"${inputs.secrets}/domains/personal/secrets.yaml";
"nix/cache/nix.karaolidis.com".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
};
templates = {
nix-access-tokens = {
content = ''
access-tokens = github.com=${config.sops.placeholder."git/credentials/github.com/tokens/public"}
'';
group = "users";
mode = "0440";
};
nix-netrc = {
content = ''
machine nix.karaolidis.com
password ${config.sops.placeholder."nix/cache/nix.karaolidis.com"}
'';
group = "users";
mode = "0440";
};
};
};
nix = {
settings = {
trusted-users = lib.mkAfter [ "@wheel" ];
use-xdg-base-directories = true;
experimental-features = [
"nix-command"
"flakes"
];
download-buffer-size = 524288000;
substituters = lib.mkBefore [ "https://nix.karaolidis.com/main" ];
trusted-substituters = config.nix.settings.substituters;
trusted-public-keys = lib.mkBefore [ "main:nJVRBnv73MDkwuV5sgm52m4E2ImOhWHvY12qzjPegAk=" ];
netrc-file = config.sops.templates.nix-netrc.path;
};
channel.enable = false;
gc.automatic = true;
optimise.automatic = true;
registry.self.flake = inputs.self;
extraOptions = ''
!include ${config.sops.templates.nix-access-tokens.path}
'';
};
}
Reference in New Issue View Git Blame Copy Permalink