mirror of
https://github.com/CHN-beta/nixos.git
synced 2024-10-23 04:38:44 +08:00
docker enable buildkit
This commit is contained in:
parent
db9ee70565
commit
dde7708616
@ -2,56 +2,11 @@ inputs:
|
||||
{
|
||||
config =
|
||||
{
|
||||
nix =
|
||||
{
|
||||
settings =
|
||||
{
|
||||
experimental-features = [ "nix-command" "flakes" ];
|
||||
keep-outputs = true;
|
||||
system-features = [ "big-parallel" ];
|
||||
keep-failed = true;
|
||||
auto-optimise-store = true;
|
||||
};
|
||||
daemonIOSchedClass = "idle";
|
||||
daemonCPUSchedPolicy = "idle";
|
||||
registry =
|
||||
{
|
||||
nixpkgs.flake = inputs.topInputs.nixpkgs;
|
||||
nixos-config.flake = inputs.topInputs.self;
|
||||
};
|
||||
# nixPath =
|
||||
# [
|
||||
# "nixpkgs=/etc/channels/nixpkgs"
|
||||
# "nixos-config=/etc/nixos/configuration.nix"
|
||||
# "/nix/var/nix/profiles/per-user/root/channels"
|
||||
# ];
|
||||
};
|
||||
time.timeZone = "Asia/Shanghai";
|
||||
system =
|
||||
{
|
||||
stateVersion = "22.11";
|
||||
configurationRevision = inputs.topInputs.self.rev or "dirty";
|
||||
};
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
systemd =
|
||||
{
|
||||
extraConfig =
|
||||
"
|
||||
DefaultTimeoutStopSec=10s
|
||||
DefaultLimitNOFILE=1048576:1048576
|
||||
";
|
||||
user.extraConfig = "DefaultTimeoutStopSec=10s";
|
||||
sleep.extraConfig =
|
||||
systemd.sleep.extraConfig =
|
||||
"
|
||||
SuspendState=freeze
|
||||
HibernateMode=shutdown
|
||||
";
|
||||
services.nix-daemon.serviceConfig = { Slice = "-.slice"; Nice = "19"; };
|
||||
timers.systemd-tmpfiles-clean.enable = false;
|
||||
};
|
||||
programs.nix-ld.enable = true;
|
||||
boot = { supportedFilesystems = [ "ntfs" ]; consoleLogLevel = 7; };
|
||||
hardware.enableAllFirmware = true;
|
||||
security.pam =
|
||||
{
|
||||
u2f = { enable = true; cue = true; authFile = ./u2f_keys; };
|
||||
|
@ -4,7 +4,6 @@
|
||||
{
|
||||
nixpkgs =
|
||||
{
|
||||
config.allowUnfree = true;
|
||||
overlays =
|
||||
[(
|
||||
final: prev:
|
||||
@ -21,8 +20,6 @@
|
||||
}
|
||||
)];
|
||||
};
|
||||
services.dbus.implementation = "broker";
|
||||
programs.dconf.enable = true;
|
||||
hardware.opengl =
|
||||
{
|
||||
extraPackages = with inputs.pkgs; [ intel-media-driver intel-ocl ];
|
||||
@ -59,22 +56,5 @@
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
};
|
||||
};
|
||||
boot.kernel.sysctl =
|
||||
{
|
||||
"net.core.rmem_max" = 67108864;
|
||||
"net.core.wmem_max" = 67108864;
|
||||
"net.ipv4.tcp_rmem" = "4096 87380 67108864";
|
||||
"net.ipv4.tcp_wmem" = "4096 65536 67108864";
|
||||
"net.ipv4.tcp_mtu_probing" = true;
|
||||
"net.ipv4.tcp_tw_reuse" = true;
|
||||
"vm.swappiness" = 10;
|
||||
"net.ipv4.tcp_max_syn_backlog" = 8388608;
|
||||
"net.core.netdev_max_backlog" = 8388608;
|
||||
"net.core.somaxconn" = 8388608;
|
||||
"vm.oom_kill_allocating_task" = true;
|
||||
"vm.oom_dump_tasks" = false;
|
||||
"vm.overcommit_memory" = 1;
|
||||
"dev.i915.perf_stream_paranoid" = false;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
@ -9,18 +9,84 @@ inputs:
|
||||
[
|
||||
# generic
|
||||
{
|
||||
systemd.services =
|
||||
nix =
|
||||
{
|
||||
nix-daemon = { environment = { TMPDIR = "/var/cache/nix"; }; serviceConfig = { CacheDirectory = "nix"; }; };
|
||||
systemd-tmpfiles-setup = { environment = { SYSTEMD_TMPFILES_FORCE_SUBVOL = "0"; }; };
|
||||
settings =
|
||||
{
|
||||
system-features = [ "big-parallel" "nixos-test" "benchmark" ];
|
||||
experimental-features = [ "nix-command" "flakes" ];
|
||||
keep-outputs = true;
|
||||
keep-failed = true;
|
||||
auto-optimise-store = true;
|
||||
};
|
||||
nix.settings.system-features = [ "nixos-test" "benchmark" ];
|
||||
services.udev.extraRules = stripeTabs
|
||||
daemonIOSchedClass = "idle";
|
||||
daemonCPUSchedPolicy = "idle";
|
||||
registry =
|
||||
{
|
||||
nixpkgs.flake = inputs.topInputs.nixpkgs;
|
||||
nixos-config.flake = inputs.topInputs.self;
|
||||
};
|
||||
};
|
||||
services =
|
||||
{
|
||||
udev.extraRules = stripeTabs
|
||||
''
|
||||
ACTION=="add|change", KERNEL=="[sv]d[a-z]", ATTR{queue/rotational}=="0", ATTR{queue/scheduler}="bfq"
|
||||
ACTION=="add|change", KERNEL=="nvme[0-9]n[0-9]", ATTR{queue/rotational}=="0", ATTR{queue/scheduler}="bfq"
|
||||
'';
|
||||
dbus.implementation = "broker";
|
||||
};
|
||||
networking.networkmanager.enable = true;
|
||||
programs = { dconf.enable = true; nix-ld.enable = true; };
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
time.timeZone = "Asia/Shanghai";
|
||||
system =
|
||||
{
|
||||
stateVersion = "22.11";
|
||||
configurationRevision = inputs.topInputs.self.rev or "dirty";
|
||||
};
|
||||
boot =
|
||||
{
|
||||
kernel.sysctl =
|
||||
{
|
||||
"net.core.rmem_max" = 67108864;
|
||||
"net.core.wmem_max" = 67108864;
|
||||
"net.ipv4.tcp_rmem" = "4096 87380 67108864";
|
||||
"net.ipv4.tcp_wmem" = "4096 65536 67108864";
|
||||
"net.ipv4.tcp_mtu_probing" = true;
|
||||
"net.ipv4.tcp_tw_reuse" = true;
|
||||
"vm.swappiness" = 10;
|
||||
"net.ipv4.tcp_max_syn_backlog" = 8388608;
|
||||
"net.core.netdev_max_backlog" = 8388608;
|
||||
"net.core.somaxconn" = 8388608;
|
||||
"vm.oom_kill_allocating_task" = true;
|
||||
"vm.oom_dump_tasks" = false;
|
||||
"vm.overcommit_memory" = 1;
|
||||
"dev.i915.perf_stream_paranoid" = false;
|
||||
};
|
||||
supportedFilesystems = [ "ntfs" ];
|
||||
consoleLogLevel = 7;
|
||||
};
|
||||
hardware.enableAllFirmware = true;
|
||||
systemd =
|
||||
{
|
||||
extraConfig = stripeTabs
|
||||
"
|
||||
DefaultTimeoutStopSec=10s
|
||||
DefaultLimitNOFILE=1048576:1048576
|
||||
";
|
||||
user.extraConfig = "DefaultTimeoutStopSec=10s";
|
||||
services =
|
||||
{
|
||||
nix-daemon =
|
||||
{
|
||||
serviceConfig = { CacheDirectory = "nix"; Slice = "-.slice"; Nice = "19"; };
|
||||
environment = { TMPDIR = "/var/cache/nix"; };
|
||||
};
|
||||
systemd-tmpfiles-setup = { environment = { SYSTEMD_TMPFILES_FORCE_SUBVOL = "0"; }; };
|
||||
};
|
||||
timers.systemd-tmpfiles-clean.enable = false;
|
||||
};
|
||||
}
|
||||
# hostname
|
||||
{ networking.hostName = inputs.config.nixos.system.hostname; }
|
||||
|
@ -21,7 +21,7 @@ inputs:
|
||||
mkIf inputs.config.nixos.virtualization.docker.enable { virtualisation.docker =
|
||||
{
|
||||
enable = true;
|
||||
rootless = { enable = true; setSocketVariable = true; };
|
||||
rootless = { enable = true; setSocketVariable = true; daemon.settings.features.buildkit = true; };
|
||||
enableNvidia = true;
|
||||
storageDriver = "overlay2";
|
||||
};}
|
||||
|
Loading…
Reference in New Issue
Block a user