Christopher Mühl
ae2ee1fb77
Replace the S3-based Nix binary cache with Attic, a multi-tenant binary cache server with better deduplication and garbage collection. Changes: - Install attic-client system-wide from nixpkgs - Update substituter URL from s3.toph.so to cache.toph.so/toph - Replace S3 cache keys with Attic cache signing key - Add attic client config for endurance host The Attic cache provides the same functionality as the S3 cache but with improved performance and multi-tenancy support. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
63 lines
1.4 KiB
Nix
63 lines
1.4 KiB
Nix
{
|
|
pkgs,
|
|
lib,
|
|
inputs,
|
|
hostname,
|
|
...
|
|
}: {
|
|
nix = {
|
|
package = pkgs.lixPackageSets.stable.lix;
|
|
|
|
# TODO: Is this even needed with lix?
|
|
# extraOptions = ''
|
|
# experimental-features = nix-command flakes
|
|
# '';
|
|
|
|
# automatic cleanup
|
|
gc = {
|
|
automatic = true;
|
|
# TODO: nix-darwin uses "interval" as a key
|
|
dates = lib.mkIf (hostname != "vasa") "weekly";
|
|
options = "--delete-older-than 21d";
|
|
};
|
|
|
|
settings = {
|
|
# builders-use-substitutes = true;
|
|
experimental-features = ["nix-command" "flakes"];
|
|
flake-registry = "/etc/nix/registry.json";
|
|
|
|
keep-derivations = true;
|
|
keep-outputs = true;
|
|
|
|
trusted-users = ["root" "@wheel"];
|
|
substituters = [
|
|
"https://cache.nixos.org/"
|
|
"https://cache.toph.so/toph"
|
|
];
|
|
trusted-public-keys = [
|
|
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
|
"toph:E/oP7KyljH/yprI5LArxNPpSlQCdo29sMOkh3jm53Yg="
|
|
];
|
|
};
|
|
};
|
|
|
|
nixpkgs = {
|
|
config = {
|
|
allowUnfree = true;
|
|
allowUnfreePredicate = pkg:
|
|
builtins.elem (lib.getName pkg) [
|
|
"cider-2"
|
|
];
|
|
|
|
permittedInsecurePackages = [
|
|
"python3.13-ecdsa-0.19.1" # pytr
|
|
# "nixos-config"
|
|
# "electron-36.9.5"
|
|
# "dotnet-sdk-6.0.428"
|
|
"olm-3.2.16"
|
|
];
|
|
};
|
|
|
|
overlays = import ../../overlays {inherit inputs lib;};
|
|
};
|
|
}
|