{ lib , config , pkgs , ... }: let gcc-system-features = arch: lib.optionals (arch != null) ([ "gccarch-${arch}" ] ++ map (x: "gccarch-${x}") lib.systems.architectures.inferiors.${arch}); in { options = { simd.arch = lib.mkOption { type = with lib.types; nullOr str; default = null; description = '' Microarchitecture string for nixpkgs.hostPlatform.gcc.march and to generate system-features. Can be determined with: gcc -march=native -Q --help=target | grep march ''; }; }; imports = [ ./builder.nix ]; config = { warnings = lib.optionals (config.simd.arch == null) [ "Please set simd.arch for ${config.networking.hostName}" ]; # Allow more open files for non-root users to run NixOS VM tests. security.pam.loginLimits = [ { domain = "*"; item = "nofile"; type = "-"; value = "20480"; } ]; nix = { # Garbage-collect often gc.automatic = true; gc.dates = "*:45"; gc.options = ''--max-freed "$((128 * 1024**3 - 1024 * $(df -P -k /nix/store | tail -n 1 | ${pkgs.gawk}/bin/awk '{ print $4 }')))"''; # Randomize GC to avoid thundering herd effects. gc.randomizedDelaySec = "1800"; # 2.11, 2.12 suffers from a bug with remote builders… package = pkgs.nixVersions.nix_2_13; # should be enough? nrBuildUsers = 128; # https://github.com/NixOS/nix/issues/719 daemonCPUSchedPolicy = "batch"; daemonIOSchedClass = "best-effort"; daemonIOSchedPriority = 5; settings = { keep-outputs = true; keep-derivations = true; max-jobs = 42; # 64 is too much, it will explode the RAM for now. Let's keep it serious. # in zfs we trust fsync-metadata = lib.boolToString (!config.boot.isContainer or config.fileSystems."/".fsType != "zfs"); substituters = [ "https://nix-community.cachix.org" "https://tum-dse.cachix.org" ]; system-features = [ "benchmark" "big-parallel" "kvm" "nixos-test" ] ++ gcc-system-features config.simd.arch; trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "tum-dse.cachix.org-1:v67rK18oLwgO0Z4b69l30SrV1yRtqxKpiHodG4YxhNM=" ]; }; }; nixpkgs.config.allowUnfree = true; }; }