forked from raito/shared-public-infra
69 lines
2.1 KiB
Nix
69 lines
2.1 KiB
Nix
{ lib
|
|
, config
|
|
, pkgs
|
|
, ...
|
|
}:
|
|
|
|
let
|
|
gcc-system-features = arch: lib.optionals (arch != null) ([ "gccarch-${arch}" ]
|
|
++ map (x: "gccarch-${x}") lib.systems.architectures.inferiors.${arch});
|
|
in
|
|
{
|
|
options = {
|
|
simd.arch = lib.mkOption {
|
|
type = with lib.types; nullOr str;
|
|
default = null;
|
|
description = ''
|
|
Microarchitecture string for nixpkgs.hostPlatform.gcc.march and to generate system-features.
|
|
Can be determined with: gcc -march=native -Q --help=target | grep march
|
|
'';
|
|
};
|
|
};
|
|
|
|
imports = [ ./builder.nix ];
|
|
|
|
config = {
|
|
warnings = lib.optionals (config.simd.arch == null) [ "Please set simd.arch for ${config.networking.hostName}" ];
|
|
# Allow more open files for non-root users to run NixOS VM tests.
|
|
security.pam.loginLimits = [
|
|
{ domain = "*"; item = "nofile"; type = "-"; value = "20480"; }
|
|
];
|
|
|
|
nix = {
|
|
# Garbage-collect often
|
|
gc.automatic = true;
|
|
gc.dates = "*:45";
|
|
gc.options = ''--max-freed "$((128 * 1024**3 - 1024 * $(df -P -k /nix/store | tail -n 1 | ${pkgs.gawk}/bin/awk '{ print $4 }')))"'';
|
|
|
|
# Randomize GC to avoid thundering herd effects.
|
|
gc.randomizedDelaySec = "1800";
|
|
|
|
# 2.11, 2.12 suffers from a bug with remote builders…
|
|
package = pkgs.nixVersions.nix_2_13;
|
|
|
|
# should be enough?
|
|
nrBuildUsers = lib.mkDefault 32;
|
|
|
|
# https://github.com/NixOS/nix/issues/719
|
|
|
|
settings = {
|
|
keep-outputs = true;
|
|
keep-derivations = true;
|
|
# in zfs we trust
|
|
fsync-metadata = lib.boolToString (!config.boot.isContainer or config.fileSystems."/".fsType != "zfs");
|
|
substituters = [
|
|
"https://nix-community.cachix.org"
|
|
"https://tum-dse.cachix.org"
|
|
];
|
|
system-features = [ "benchmark" "big-parallel" "kvm" "nixos-test" ] ++ gcc-system-features config.simd.arch;
|
|
trusted-public-keys = [
|
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
|
"tum-dse.cachix.org-1:v67rK18oLwgO0Z4b69l30SrV1yRtqxKpiHodG4YxhNM="
|
|
];
|
|
};
|
|
};
|
|
|
|
nixpkgs.config.allowUnfree = true;
|
|
};
|
|
}
|