profiles/common-nix: Migrate nix common config zu profile

profiles/common-nix/default.nix

@@ -0,0 +1,88 @@
+{ lib, pkgs, config, ... }:
+
+with lib;
+
+let
+
+  cfg = config.profiles.clerie.common-nix;
+
+in {
+
+  options.profiles.clerie.common-nix = {
+    enable = mkEnableOption "Common nix config";
+    useClerieNixCache = (mkEnableOption "Use nix cache from clerie") // {
+      default = true;
+    };
+  };
+
+  config = mkIf config.profiles.clerie.common-nix.enable {
+
+    clerie.nixfiles.enable = true;
+
+    clerie.system-auto-upgrade.enable = true;
+
+    nix.settings = {
+      trusted-users = [ "@wheel" "@guests" ];
+      auto-optimise-store = true;
+      # Keep buildtime dependencies
+      keep-outputs = true;
+      # Build local, when caches are broken
+      fallback = true;
+    };
+
+    nix.gc = lib.mkDefault {
+      automatic = true;
+      dates = "weekly";
+      options = "--delete-older-than 30d";
+    };
+
+
+    nix.settings = {
+      experimental-features = [
+        "flakes"
+        "nix-command"
+      ];
+      substituters = if cfg.useClerieNixCache then [
+        "https://nix-cache.clerie.de"
+      ] else [];
+      trusted-public-keys = if cfg.useClerieNixCache then [
+        "nix-cache.clerie.de:bAt1GJTS9BOTcXFWj3nURrSlcjqikCev9yDvqArMP5g="
+      ] else [];
+    };
+
+    # Pin current nixpkgs channel and flake registry to the nixpkgs version
+    # the host got build with
+    nix.nixPath = lib.mkForce [ "nixpkgs=${lib.cleanSource pkgs.path}" ];
+    nix.registry = {
+      "nixpkgs" = lib.mkForce {
+         from = {
+           type = "indirect";
+           id = "nixpkgs";
+         };
+         to = {
+           type = "path";
+           path = lib.cleanSource pkgs.path;
+         };
+         exact = true;
+      };
+      "templates" = {
+         from = {
+           type = "indirect";
+           id = "templates";
+         };
+         to = {
+           type = "git";
+           url = "https://git.clerie.de/clerie/flake-templates.git";
+         };
+      };
+    };
+
+    documentation.doc.enable = false;
+
+    environment.systemPackages = with pkgs; [
+      nix-remove-result-links
+    ];
+
+  };
+
+}

profiles/common/default.nix

@@ -13,6 +13,7 @@ with lib;
     profiles.clerie.common-dns.enable = mkDefault true;
 
     profiles.clerie.common-networking.enable = mkDefault true;
+    profiles.clerie.common-nix.enable = mkDefault true;
 
     profiles.clerie.common-webserver.enable = mkDefault true;
 

profiles/default.nix

@@ -6,6 +6,7 @@
     ./common
     ./common-dns
     ./common-networking
+    ./common-nix
     ./common-webserver
     ./cybercluster-vm
     ./dn42-router