Nix (extended)
A wrapper for setting up sane defaults for nix usage depending on machine type or use case.
Features:
- profile types: [ basic develop builder server ]
- sets nix scheduling + nix settings defaults
- useful tools included per profile
- registry: add your own entries to registry with provision.nix.flakes.registry, automatically sets entries if entry is in flake's inputs
- users: add trusted/allowed users
- cache: add substituters and public keys
- optimise: some defaults + enablement for garbage collection optimisation
Module Options Reference for provision.nix
Basic Profile
provision.nix.basic = true
default options:
- auto-generate manpage caches after switching to generation
- change daemon scheduling to batch + class to idle to lower impact of nix on other machine operations
- increase some defaults in nix settings + auto-enabled nix-command and flakes
- lower connect-timeout and increase download-buffer-size
- add some basic tools
Snippet
(mkIf cfg.basic {
  # auto-generate manpage caches when first switching to a new generation
  documentation.man.generateCaches = true;
  nix.daemonCPUSchedPolicy = mkDefault "batch"; # slightly better than default, change to idle if very resource constrained
  nix.daemonIOSchedClass = mkDefault "idle";
  nix.daemonIOSchedPriority = mkDefault 7; # lowest priority
  nix.settings = {
    fallback = true; # if true, fall back to building source if missing in cache
    sandbox = true;
    # frees garbage until `max-free` when disk space drops below `min-free` during a build
    min-free = mkDefault 536870912; # 500MB
    max-free = mkDefault 1036870912; # 1GB
    experimental-features = [
      "nix-command"
      "flakes"
    ];
    connect-timeout = mkDefault 5; # timeout for substituters
    download-buffer-size = mkDefault 524288000; # increase to 500MB (default: 64MB)
  };
  environment.systemPackages = with pkgs; [
    nix-du # A tool to determine which gc-roots take space in your nix store
    nix-output-monitor # nom, pretty build printing
    nix-tree # Interactively browse a Nix store paths dependencies
    nvd # Nix/NixOS package version diff tool
  ];
})
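The Basic Profile mixes plain assignments (sandbox, fallback) with mkDefault values that another module can override, so it is worth checking what actually ended up in the generated nix.conf. The following is an added example, not part of the provision.nix module; the function names and the sample file contents are constructed for illustration.

```python
# Added example: compare a nix.conf with the Basic Profile values shown above.
# name -> (value from the snippet, True if the snippet sets it with mkDefault)
EXPECTED = {
    "sandbox": ("true", False),
    "fallback": ("true", False),
    "connect-timeout": ("5", True),
    "download-buffer-size": ("524288000", True),
}
REQUIRED_FEATURES = {"nix-command", "flakes"}

# Constructed sample input, not taken from a real host.
SAMPLE = """\
sandbox = false            # constructed: sandbox switched off
fallback = true
connect-timeout = 10
download-buffer-size = 524288000
experimental-features = nix-command
extra-experimental-features = flakes
"""

def parse_nix_conf(text):
    """Parse `name = value` lines; `extra-NAME` appends to NAME."""
    conf = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # comments run to end of line
        if "=" not in line or line.startswith(("include ", "!include ")):
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key.startswith("extra-"):
            base = key[len("extra-"):]
            conf[base] = f"{conf.get(base, '')} {value}".strip()
        else:
            conf[key] = value
    return conf

def drift(conf):
    """List (level, message) pairs where conf departs from the profile."""
    findings = []
    for key, (want, overridable) in EXPECTED.items():
        got = conf.get(key, "unset")
        if got != want:
            level = "info" if overridable else "fail"
            findings.append((level, f"{key}: expected {want}, found {got}"))
    features = set(conf.get("experimental-features", "").split())
    for name in sorted(REQUIRED_FEATURES - features):
        findings.append(("fail", f"experimental-features lacks {name}"))
    return findings

if __name__ == "__main__":
    for level, message in drift(parse_nix_conf(SAMPLE)):
        print(f"{level}: {message}")
```

On NixOS the text to feed in is the generated /etc/nix/nix.conf; an "info" finding marks a mkDefault value that was overridden, a "fail" finding marks a value the profile sets unconditionally.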
Dev Profile
provision.nix.dev = true
default options:
- enables keep-outputs and keep-derivations
- increases log-lines returned from build failure (triples the default of 20)
- more useful dev tools
Snippet
(mkIf cfg.develop {
  nix.settings = {
    keep-outputs = true;
    keep-derivations = true;
    log-lines = mkDefault 60; # double loglines shown after build failure
  };
  environment.systemPackages = with pkgs; [
    nix-doc # An interactive Nix documentation tool
    nix-diff # Explain why two Nix derivations differ
    nix-init # Command line tool to generate Nix packages from URLs
    nix-inspect # TUI to inspect nix expressions and configurations
    nix-ld # Run unpatched dynamic binaries on NixOS
    nix-melt # A ranger-like flake.lock viewer
    nix-output-monitor # nom, pretty build printing
    nix-search-cli # cli tool that search nixos.org, can search for packages
    nix-template # Make creating nix expressions easy
    nurl # generate fetchers from url
  ];
})
Builder Profile
provision.nix.builder = true
default options:
- enables keep-outputs and keep-derivations
- adds extra system features (this may be legacy according to the 2.28 docs)
- adds a max-silent-time of 10 minutes, so checks that produce no output for 10 minutes time out
Snippet
(mkIf cfg.builder {
  nix.settings = {
    keep-outputs = true;
    keep-derivations = true;
    system-features = [
      "nixos-test"
      "benchmark"
      "big-parallel"
      "kvm"
    ];
    max-silent-time = mkDefault 600; # timeout after 10mins if no stdout in build
  };
  environment.systemPackages = with pkgs; [
    nix-tree # Interactively browse a Nix store paths dependencies
    nvd # Nix/NixOS package version diff tool
    nix-output-monitor # nom, pretty build printing
  ];
})