Group shared system settings

system/shared/nix/cachix.nix

@@ -0,0 +1,25 @@
+_: {
+  nix.settings = {
+    # Set up various binary cache providers, compiling everything is too slow and annoying
+    # these will be used on all machines, but there's really no reason not to include all
+    # providers, even if we won't pull some of the packages these cache
+    substituters = [
+      "https://cache.nixos.org"
+      "https://nix-community.cachix.org" # nix-community flake
+      "https://nixpkgs-unfree.cachix.org" # unfree-package cache
+      "https://numtide.cachix.org" # another unfree package cache
+      "https://nixpkgs-wayland.cachix.org" # automated builds of *some* wayland packages
+      "https://hyprland.cachix.org" # hyprland
+      "https://ags.cachix.org" # ags
+    ];
+    trusted-public-keys = [
+      "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
+      "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+      "nixpkgs-unfree.cachix.org-1:hqvoInulhbV4nJ9yJOEr+4wxhDV4xq2d1DK7S6Nj6rs="
+      "numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE="
+      "nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
+      "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
+      "ags.cachix.org-1:naAvMrz0CuYqeyGNyLgE010iUiuf/qx6kYrUv3NwAJ8="
+    ];
+  };
+}

system/shared/nix/default.nix

@@ -0,0 +1,43 @@
+{ pkgs, ... }:
+{
+
+  imports = [
+    ./cachix.nix
+    ./gc.nix
+  ];
+
+  system.autoUpgrade.enable = false;
+
+  nix = {
+    settings = {
+      # enable flakes support
+      experimental-features = [ "nix-command" "flakes" ];
+
+      # Keep the built outputs of derivations in Nix store, even if the package is no longer needed
+      # - prevents the need to rebuild/redownload if it becomes a dependency again
+      # - helps with debugging or reverting to previous state
+      keep-outputs = true;
+      # Keep the derivations themselves too. A derivation describes how to build a package.
+      # - allows inspecting the build process of a package for debugging or educational purposes
+      # - allows rebuilding a package from its exact specification without having to fetch again
+      # - ensures we can reproduce a build even if the original online source goes down/changes
+      keep-derivations = true;
+
+      # Give these users/groups additional rights when connecting to the Nix daemon
+      # like specifying extra binary caches
+      trusted-users = [ "root" "@wheel" ];
+
+      # Tell nix to use xdg base directories
+      # If you're just setting this, you will need to move the directories
+      # manually, nix won't do it for you:
+      # - mv "$HOME/.nix-defexpr" "$XDG_STATE_HOME/nix/defexpr"
+      # - mv "$HOME/.nix-profile" "$XDG_STATE_HOME/nix/profile" 
+      use-xdg-base-directories = true;
+    };
+  };
+
+  nixpkgs.config.allowUnfree = true;
+
+  # Git is needed for flakes
+  environment.systemPackages = [ pkgs.git ];
+}

system/shared/nix/gc.nix

@@ -0,0 +1,27 @@
+_: {
+  nix = {
+    settings = {
+      # nix often takes up a lot of space, with /nix/store growing beyond reasonable sizes
+      # this turns on automatic optimisation of the nix store that will run during every build
+      # (alternatively, you can do this manually with `nix-store --optimise`)
+      auto-optimise-store = true;
+    };
+
+    # Enable automatic garbage collection, deleting entries older than 7 days
+    # you can also run this manually with `nix-store --gc --delete-older-than 7d`.
+    # If a result still exists in the file system, all the dependencies used to build
+    # it will be kept.
+    gc = {
+      automatic = true;
+      dates = "weekly";
+      options = "--delete-older-than 7d";
+    };
+
+    # Also run garbage colleciton whenever there is not enough space left,
+    # freeing up to 1 GiB whenever there is less than 512MiB left.
+    extraOptions = ''
+      min-free = ${toString (512 * 1024 * 1024)}
+      max-free = ${toString (1024 * 1024 * 1024)}
+    '';
+  };
+}