diff --git a/modules/nixos/nix/default.nix b/modules/nixos/nix/default.nix index dbb8c07..c6d618b 100644 --- a/modules/nixos/nix/default.nix +++ b/modules/nixos/nix/default.nix @@ -25,6 +25,13 @@ in enable = mkBoolOpt false "Whether or not to manage nix configuration."; package = mkOpt package pkgs.nix "Which nix package to use."; + default-substituter = { + url = mkOpt str "https://cache.nixos.org" "The url for the substituter."; + key = + mkOpt str "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "The trusted public key for the substituter."; + }; + extra-substituters = mkOpt (attrsOf substituters-submodule) { } "Extra substituters to configure."; }; @@ -51,6 +58,7 @@ in nix = let users = [ + "root" config.metacfg.user.name ] ++ optional config.services.hydra.enable "hydra"; @@ -67,11 +75,19 @@ in sandbox = true; auto-optimise-store = true; trusted-users = users; - allowed-users = [ "@users" ]; + allowed-users = [ + "@users" + "root" + ]; - # NixOS already adds cache.nixos.org by default, only add extra substituters - substituters = mapAttrsToList (name: _: name) extra-substituters; - trusted-public-keys = mapAttrsToList (_: value: value.key) extra-substituters; + substituters = [ + cfg.default-substituter.url + ] + ++ (mapAttrsToList (name: value: name) extra-substituters); + trusted-public-keys = [ + cfg.default-substituter.key + ] + ++ (mapAttrsToList (name: value: value.key) extra-substituters); } // (lib.optionalAttrs config.metacfg.tools.direnv.enable { diff --git a/systems/x86_64-linux/amd/default.nix b/systems/x86_64-linux/amd/default.nix index c1caf72..6af1ef4 100644 --- a/systems/x86_64-linux/amd/default.nix +++ b/systems/x86_64-linux/amd/default.nix @@ -1,6 +1,7 @@ { pkgs, lib, + config, ... }: with lib; @@ -18,6 +19,9 @@ with lib.metacfg; 22000 ]; + programs.ccache.enable = true; + nix.settings.extra-sandbox-paths = [ config.programs.ccache.cacheDir ]; + services.tailscale.enable = true; services.cratedocs-mcp.enable = true;