summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
Diffstat (limited to 'krebs')
-rw-r--r--krebs/3modules/default.nix1
-rw-r--r--krebs/3modules/nixpkgs.nix43
2 files changed, 44 insertions, 0 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 62db9a5a0..3d51076cf 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -21,6 +21,7 @@ let
./go.nix
./iptables.nix
./nginx.nix
+ ./nixpkgs.nix
./per-user.nix
./Reaktor.nix
./retiolum-bootstrap.nix
diff --git a/krebs/3modules/nixpkgs.nix b/krebs/3modules/nixpkgs.nix
new file mode 100644
index 000000000..4129f9483
--- /dev/null
+++ b/krebs/3modules/nixpkgs.nix
@@ -0,0 +1,43 @@
+{ config, pkgs, lib, ... }:
+with lib;
+let
+ cfg = config.krebs.nixpkgs;
+
+ out = {
+ options.krebs.nixpkgs = api;
+ config = mkIf cfg.enable imp;
+ };
+
+ api = {
+ enable = mkEnableOption "krebs.nixpkgs" // { default = true; };
+
+ allowUnfreePredicate = mkOption {
+ description = ''
+ This option is similar to `nixpkgs.config.allowUnfreePredicate'
+ but can be defined in several modules. An unfree package will be
+ allowed if any of the defined predicates returns true.
+ '';
+ type = types.nullOr (mkOptionType {
+ name = "Predicate";
+ check = isFunction;
+ merge = _locs: defs: pkg: let
+ evalPredicateDef = def: let
+ allow = def.value pkg;
+ in if cfg.verbose && allow
+ then trace "unfree ‘${pkg.name}’ allowed in ${def.file}" allow
+ else allow;
+ in any evalPredicateDef defs;
+ });
+ default = null;
+ };
+
+ verbose = mkOption {
+ type = types.bool;
+ default = false;
+ };
+ };
+
+ imp = mkIf (cfg.allowUnfreePredicate != null) {
+ nixpkgs.config.allowUnfreePredicate = cfg.allowUnfreePredicate;
+ };
+in out