faukah/nichts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

wpaperd initial config

Browse source
This commit is contained in:
Charlie Root 2024-07-24 17:47:16 +02:00
commit b9824d3aa7
14 changed files with 205 additions and 192 deletions
Download patch file Download diff file Expand all files Collapse all files

40
modules/system/nix/documentation.nix
View file

@ -4,25 +4,25 @@
# whether to enable the `doc` output of packages
# generally in ${pkg}/share/ as plaintext or html
# # can shave off a few megabytes
# doc.enable = false;
#
# # whether to install the `info` command and the `info`
# # output of packages
# info.enable = false;
#
# man = {
# # Whether to install manual pages
# # this means packages that provide a `man` output will have said output
# # included in the final closure
# enable = true;
#
# # Whether to generate the manual page index caches
# # if true, it becomes possible to search for a page or keyword
# # using utilities like apropos(1) and the -k option of man(1).
# generateCaches = true;
#
# # Whether to enable mandoc as the default man page viewer.
# mandoc.enable = false; # my default manpage viewer is Neovim, so this isn't necessary
# };
doc.enable = false;
# whether to install the `info` command and the `info`
# output of packages
info.enable = false;
man = {
# Whether to install manual pages
# this means packages that provide a `man` output will have said output
# included in the final closure
enable = true;
# Whether to generate the manual page index caches
# if true, it becomes possible to search for a page or keyword
# using utilities like apropos(1) and the -k option of man(1).
generateCaches = true;
# Whether to enable mandoc as the default man page viewer.
mandoc.enable = false; # my default manpage viewer is Neovim, so this isn't necessary
};
};
}

202
modules/system/nix/module.nix
View file

@ -1,79 +1,79 @@
{pkgs, ...}: {
imports = [
./documentation.nix # nixos documentation
./nixpkgs.nix # global nixpkgs configuration.nix
# ./nixpkgs.nix # global nixpkgs configuration.nix
];
nix = {
# Lix, Nix but gay!
# package = pkgs.lix;
#
# # Run the Nix daemon on lowest possible priority so that my system
# # stays responsive during demanding tasks such as GC and builds.
# # This is especially useful while auto-gc and auto-upgrade are enabled
# # as they can be quite demanding on the CPU.
# daemonCPUSchedPolicy = "idle";
# daemonIOSchedClass = "idle";
# daemonIOSchedPriority = 7;
#
# # Collect garbage
# gc = {
# automatic = true;
# dates = "20:00";
# options = "--delete-older-than 7d";
# persistent = false; # don't try to catch up on missed GC runs
# };
#
# # Automatically optimize nix store by removing hard links
# # do it after the gc.
# optimise = {
# automatic = true;
# dates = ["21:00"];
# };
#
package = pkgs.lix;
# Run the Nix daemon on lowest possible priority so that my system
# stays responsive during demanding tasks such as GC and builds.
# This is especially useful while auto-gc and auto-upgrade are enabled
# as they can be quite demanding on the CPU.
daemonCPUSchedPolicy = "idle";
daemonIOSchedClass = "idle";
daemonIOSchedPriority = 7;
# Collect garbage
gc = {
automatic = true;
dates = "20:00";
options = "--delete-older-than 7d";
persistent = false; # don't try to catch up on missed GC runs
};
# Automatically optimize nix store by removing hard links
# do it after the gc.
optimise = {
automatic = true;
dates = ["21:00"];
};
settings = {
# Tell nix to use the xdg spec for base directories
# while transitioning, any state must be carried over
# manually, as Nix won't do it for us.
# use-xdg-base-directories = true;
#
# # Automatically optimise symlinks
# auto-optimise-store = true;
#
# # Allow sudo users to mark the following values as trusted
# allowed-users = ["root" "@wheel" "nix-builder"];
#
# # Only allow sudo users to manage the nix store
# trusted-users = ["root" "@wheel" "nix-builder"];
#
# # Let the system decide the number of max jobs
# # based on available system specs. Usually this is
# # the same as the number of cores your CPU has.
# max-jobs = "auto";
#
# # Always build inside sandboxed environments
# sandbox = true;
# sandbox-fallback = false;
#
# # Continue building derivations even if one fails
# keep-going = true;
#
# # Fallback to local builds after remote builders are unavailable.
# # Setting this too low on a slow network may cause remote builders
# # to be discarded before a connection can be established.
# connect-timeout = 5;
#
# # If we haven't received data for >= 20s, retry the download
# stalled-download-timeout = 20;
#
# # Show more logs when a build fails and decides to display
# # a bunch of lines. `nix log` would normally provide more
# # information, but this may save us some time and keystrokes.
# log-lines = 30;
#
# # Extra features of Nix that are considered unstable
# # and experimental. By default we should always include
# # `flakes` and `nix-command`, while others are usually
use-xdg-base-directories = true;
# Automatically optimise symlinks
auto-optimise-store = true;
# Allow sudo users to mark the following values as trusted
allowed-users = ["root" "@wheel" "nix-builder"];
# Only allow sudo users to manage the nix store
trusted-users = ["root" "@wheel" "nix-builder"];
# Let the system decide the number of max jobs
# based on available system specs. Usually this is
# the same as the number of cores your CPU has.
max-jobs = "auto";
# Always build inside sandboxed environments
sandbox = true;
sandbox-fallback = false;
# Continue building derivations even if one fails
keep-going = true;
# Fallback to local builds after remote builders are unavailable.
# Setting this too low on a slow network may cause remote builders
# to be discarded before a connection can be established.
connect-timeout = 5;
# If we haven't received data for >= 20s, retry the download
stalled-download-timeout = 20;
# Show more logs when a build fails and decides to display
# a bunch of lines. `nix log` would normally provide more
# information, but this may save us some time and keystrokes.
log-lines = 30;
# Extra features of Nix that are considered unstable
# and experimental. By default we should always include
# `flakes` and `nix-command`, while others are usually
# optional.
extra-experimental-features = [
"flakes" # flakes
@ -82,39 +82,39 @@
];
# Ensures that the result of Nix expressions is fully determined by
# # explicitly declared inputs, and not influenced by external state.
# # In other words, fully stateless evaluation by Nix at all times.
# # pure-eval = true;
#
# # Don't warn me that my git tree is dirty, I know.
# warn-dirty = false;
#
# # Maximum number of parallel TCP connections
# # used to fetch imports and binary caches.
# # 0 means no limit, default is 25.
# http-connections = 50; # lower values fare better on slow connections
#
# # Whether to accept nix configuration from a flake
# # without displaying a Y/N prompt. For those obtuse
# # enough to keep this true, I wish the best of luck.
# # tl;dr: this is a security vulnerability.
# accept-flake-config = false;
#
# # Whether to execute builds inside cgroups. cgroups are
# # "a Linux kernel feature that limits, accounts for, and
# # isolates the resource usage (CPU, memory, disk I/O, etc.)
# # of a collection of processes."
# # See:
# # <https://en.wikipedia.org/wiki/Cgroups>
# # use-cgroups = pkgs.stdenv.isLinux; # only supported on Linux
#
# # for direnv GC roots
# keep-derivations = true;
# keep-outputs = true;
#
# # Use binary cache, this is not Gentoo
# # external builders can also pick up those substituters
# builders-use-substitutes = true;
# explicitly declared inputs, and not influenced by external state.
# In other words, fully stateless evaluation by Nix at all times.
pure-eval = true;
# Don't warn me that my git tree is dirty, I know.
warn-dirty = false;
# Maximum number of parallel TCP connections
# used to fetch imports and binary caches.
# 0 means no limit, default is 25.
http-connections = 50; # lower values fare better on slow connections
# Whether to accept nix configuration from a flake
# without displaying a Y/N prompt. For those obtuse
# enough to keep this true, I wish the best of luck.
# tl;dr: this is a security vulnerability.
accept-flake-config = false;
# Whether to execute builds inside cgroups. cgroups are
# "a Linux kernel feature that limits, accounts for, and
# isolates the resource usage (CPU, memory, disk I/O, etc.)
# of a collection of processes."
# See:
# <https://en.wikipedia.org/wiki/Cgroups>
use-cgroups = pkgs.stdenv.isLinux; # only supported on Linux
# for direnv GC roots
keep-derivations = true;
keep-outputs = true;
# Use binary cache, this is not Gentoo
# external builders can also pick up those substituters
builders-use-substitutes = true;
# Substituters to pull from. While sigs are disabled, we must
# make sure the substituters listed here are trusted.
@ -146,7 +146,7 @@
# and contribute heavily to you wanting to get a new desktop.
# For those curious (such as myself) desktops are always seen as "AC powered"
# so the system will not fail to fire if you are on a desktop system.
# systemd.services.nix-gc = {
# unitConfig.ConditionACPower = true;
# };
systemd.services.nix-gc = {
unitConfig.ConditionACPower = true;
};
}

73
modules/system/nix/nixpkgs.nix
View file

@ -5,41 +5,42 @@
nixpkgs = {
# Configuration reference:
# <https://nixos.org/manual/nixpkgs/unstable/#chap-packageconfig>
# config = {
# # Allow broken packages to be built. Setting this to false means packages
# # will refuse to evaluate sometimes, but only if they have been marked as
# # broken for a specific reason. At that point we can either try to solve
# # the breakage, or get rid of the package entirely.
# allowBroken = false;
# allowUnsupportedSystem = true;
#
# # Really a pain in the ass to deal with when disabled. True means
# # we are able to build unfree packages without explicitly allowing
# # each unfree package.
# allowUnfree = true;
#
# # Default to none, add more as necessary. This is usually where
# # electron packages go when they reach EOL.
# permittedInsecurePackages = [];
#
# # Nixpkgs sets internal package aliases to ease migration from other
# # distributions easier, or for convenience's sake. Even though the manual
# # and the description for this option recommends this to be true, I prefer
# # explicit naming conventions, i.e., no aliases.
# allowAliases = true;
#
# # Enable parallel building by default. This, in theory, should speed up building
# # derivations, especially rust ones. However setting this to true causes a mass rebuild
# # of the *entire* system closure, so it must be handled with proper care.
# enableParallelBuildingByDefault = false;
#
# # List of derivation warnings to display while rebuilding.
# # See: <https://github.com/NixOS/nixpkgs/blob/master/pkgs/stdenv/generic/check-meta.nix>
# # NOTE: "maintainerless" can be added to emit warnings
# # about packages without maintainers but it seems to me
# # like there are more packages without maintainers than
# # with maintainers, so it's disabled for the time being.
# showDerivationWarnings = [];
# };
hostPlatform = "x86_64-linux";
config = {
# Allow broken packages to be built. Setting this to false means packages
# will refuse to evaluate sometimes, but only if they have been marked as
# broken for a specific reason. At that point we can either try to solve
# the breakage, or get rid of the package entirely.
allowBroken = false;
allowUnsupportedSystem = true;
# Really a pain in the ass to deal with when disabled. True means
# we are able to build unfree packages without explicitly allowing
# each unfree package.
allowUnfree = true;
# Default to none, add more as necessary. This is usually where
# electron packages go when they reach EOL.
permittedInsecurePackages = [];
# Nixpkgs sets internal package aliases to ease migration from other
# distributions easier, or for convenience's sake. Even though the manual
# and the description for this option recommends this to be true, I prefer
# explicit naming conventions, i.e., no aliases.
allowAliases = true;
# Enable parallel building by default. This, in theory, should speed up building
# derivations, especially rust ones. However setting this to true causes a mass rebuild
# of the *entire* system closure, so it must be handled with proper care.
enableParallelBuildingByDefault = true;
# List of derivation warnings to display while rebuilding.
# See: <https://github.com/NixOS/nixpkgs/blob/master/pkgs/stdenv/generic/check-meta.nix>
# NOTE: "maintainerless" can be added to emit warnings
# about packages without maintainers but it seems to me
# like there are more packages without maintainers than
# with maintainers, so it's disabled for the time being.
showDerivationWarnings = [];
};
};
}