refactor: cleanup nix cli configs [WIP]

common/profiles/nix/default.nix

@@ -1,75 +1,38 @@
-{
-  lib,
-  pkgs,
-  user,
-  ...
-}: {
+{ lib, pkgs, user, ... }: {
   # TODO: Move NixOS-specific config to `../../nixos/nix/`
   imports = [
-    ./cache
-    ./features
     ./access-tokens.nix
+    ./binary-caches.nix
+    ./ccache.nix
     ./diff.nix
     ./documentation.nix
+    ./features.nix
     ./gc.nix
     ./nixpkgs.nix
     ./optimize.nix
     ./overlays.nix
     ./registry.nix
     ./sandbox.nix
     ./shell.nix
-
     #./aliases.nix
-
-    #./build/content-addressed.nix
-    #./build/cross-compile.nix
-    #./build/extra-outputs.nix
-    #./build/logging.nix
-    #./build/remote-builders.nix
-    #./build/sandbox.nix
-
-    #./cache/binary/personal.nix
-    #./cache/binary/ssh-serve-store.nix
-    #./cache/binary/upstream.nix
-    #./cache/cachix/personal.nix
-    #./cache/cachix/local-server.nix
-    #./cache/compile/ccache.nix
-    #./cache/compile/sccache.nix
-    #./cache/compile/distccache.nix
-
-    #./features/channel-disable.nix
-    #./features/command.nix
-    #./features/flakes.nix
-    #./features/plugins.nix
-    #./features/registry.nix
-    #./features/repl.nix
-    #./features/recursive.nix
-
-    #./nixpkgs/allow-broken.nix
-    #./nixpkgs/allow-unfree.nix
-    #./nixpkgs/overlays
-
-    #./optimize/dedup.nix
-    #./optimize/garbage-collection.nix
-
-    #./shell/alias.nix
-    #./shell/completion.nix
-    #./shell/nix-path.nix
-    #./shell/linters.nix
-    #./shell/updaters.nix
+    #./build/{content-addressed,cross-compile,extra-outputs,logging,remote-builders,sandbox}.nix
+    #./cache/binary/{personal,upstream,ssh-serve-store}.nix
+    #./cache/cachix/{personal,local-server}.nix
+    #./cache/compile/{ccache,sccache,distccache}.nix
+    #./features/{channel-disable,command,flakes,plugin,registry,repl,recursive}.nix
+    #./nixpkgs/{allow-broken,allow-unfree,overlays}.nix
+    #./optimize/{dedup,gc}.nix
+    #./shell/{alias,completion,nix-path,linters,updaters}.nix
   ];
-
   nix = {
     channel.enable = false;
     package = pkgs.nixVersions.latest;
     settings = {
       allow-import-from-derivation = true;
       use-xdg-base-directories = true;
-
       allowed-users = ["*"];
       trusted-users = ["root" "@wheel" "@builders" user];
       build-users-group = lib.mkDefault "nixbld";
-
       keep-build-log = lib.mkDefault true;
       log-lines = lib.mkDefault 25;
       connect-timeout = lib.mkDefault 10;

common/profiles/nix/features.nix

@@ -0,0 +1,47 @@
+{ config, lib, pkgs, ... }: {
+  # https://nixos.wiki/wiki/Ca-derivations
+  # https://www.tweag.io/blog/2020-09-10-nix-cas/
+  # https://edolstra.github.io/pubs/phd-thesis.pdf#page=143
+  # https://discourse.nixos.org/t/tweag-nix-dev-update-12/13185/3
+  # nixpkgs.config.contentAddressedByDefault = lib.mkDefault false;
+
+  nix = {
+    package = lib.mkDefault pkgs.nixVersions.latest;
+    settings = {
+      accept-flake-config = true;
+      auto-allocate-uids = lib.mkIf pkgs.stdenv.isLinux true;
+      use-cgroups        = lib.mkIf pkgs.stdenv.isLinux true;
+      experimental-features = ["nix-command" "flakes"];
+      extra-experimental-features = [
+        "ca-derivations"
+        "dynamic-derivations"
+        "fetch-closure" "parse-toml-timestamps" "read-only-local-store"
+        #"git-hashing" # Note: Allow creating (content-addressed) store objects which are hashed via Git's hashing algorithm. These store objects will not be understandable by older versions of Nix.
+        "impure-derivations" "configurable-impure-env"
+        "recursive-nix"
+        "verified-fetches"
+      ] ++ (lib.optionals pkgs.stdenv.isLinux [ "auto-allocate-uids" "cgroups" ]);
+      extra-substituters        = ["https://cache.ngi0.nixos.org/"]; # content-address derivations cache
+      extra-trusted-public-keys = ["cache.ngi0.nixos.org-1:KqH5CBLNSyX184S9BKZJo1LxrxJ9ltnY2uAs5c/f1MA="];
+    };
+
+    # --- Experimental Features ---
+    # See: https://nixos.org/manual/nix/stable/contributing/experimental-features#xp-feature-auto-allocate-uids
+    # auto-allocate-uids = true; #     # Allow Nix to automatically pick builder UIDs, rather than creating `nixbld*` user accounts
+    # ca-derivations = true; #         # Allow content-addressed derivations. Prevent rebuild if derivation changes dont affect output (https://nixos.org/manual/nix/stable/language/advanced-attributes#adv-attr-__contentAddressed)
+    # cgroups = true; #                # Allow Nix to execute builds inside cgroups. See setting: `use-cgroups` (https://nixos.org/manual/nix/stable/contributing/experimental-features#conf-use-cgroups)
+    # daemon-trust-override = false; # # Allow forcing trusting/not-trusting clients w/ nix-daemon.
+    # dynamic-derivations = true; #    # Allow "text hashing" derivation outputs, to build `.drv` files. Deps in derivations on the outputs of derivations that are themselves derivations outputs
+    # fetch-closure = true; #          # Allow use of the `fetchClosure` builtin function in the Nix language.
+    # flakes = true; #                 # Enable flakes
+    # git-hashing = true; #            # Allow creating (content-addressed) store objects hashed via Git's hashing algo.
+    # impure-derivations = false; #    # Allow derivations to produce non-fixed outputs by setting derivation attr: `__impure=true`
+    # mounted-ssh-store = false; #     # Allow use of the mounted SSH store (https://nixos.org/manual/nix/unstable/command-ref/new-cli/nix3-help-stores#experimental-ssh-store-with-filesytem-mounted)kj
+    # nix-command = true; #            # Enable new `nix` subcommands.
+    # no-url-literals = false; #       # Disallow unquoted URLs as part of Nix language syntax.
+    # parse-toml-timestamps = true; #  # Allow parsing of timestamps in `builtins.fromTOML`
+    # read-only-local-store = true; #  # Allow the use of the `read-only` parameter in local store URIs.
+    # recursive-nix = true; #          # Allow derivation builders to call Nix, thus building derivations recursively.
+    # verified-fetches = true; #       # Enables verification of git commit signatures through the fetchGit built-in.
+  };
+}

hm/profiles/nix/binary-caches.nix

@@ -1,34 +1,20 @@
-{ inputs
-, config
-, osConfig
-, lib
-, pkgs
-, ...
-}:
+{ config, lib, pkgs, osConfig, ... }:
 let
   defaults = {
-    substituters = [
-      "https://cache.nixos.org/"
-    ];
+    substituters = [ "https://cache.nixos.org/" ];
     extra-substituters = [ ];
-    trusted-substituters = [
-      "https://cache.nixos.org/"
-    ];
+    trusted-substituters = [ "https://cache.nixos.org/" ];
     extra-trusted-substituters = [ ];
-    trusted-public-keys = [
-      "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
-    ];
+    trusted-public-keys = [ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" ];
     extra-trusted-public-keys = [ ];
   };
 in
 {
-  imports = [
-    # Use same caches as NixOS system. home-manager config will only define extra caches to add on top.
-    ../../../common/profiles/nix/cache/binary-caches.nix
-  ];
-
   # --- Binary Cache -------------------
   # TODO: Find more binary caches for big projects & common software
+  # Use same caches as NixOS system. home-manager config will only define extra caches to add on top.
+  imports = [ ../../../common/profiles/nix/binary-caches.nix ];
+
   nix.settings =
     if (osConfig ? home-manager && osConfig.home-manager.useGlobalPkgs)
     then osConfig.nix.settings
@@ -61,15 +47,12 @@ in
     };
 
   # TODO: Make dir `../cache` ?
-  #
   # TODO: Move this config to: `../cache/binary.nix`  # Use Nix binary caches
   # TODO: Move this config to: `../cache/cachix.nix`  # Use private Cachix binary cache
   # TODO: Move this config to: `../cache/ccache.nix`  # Use compilation cache
   # TODO: Move this config to: `../cache/distcc.nix`  # Use distributed ccache
   # TODO: Move this config to: `../cache/sccache.nix` # Use Rust cache
-  #
   # TODO: Move this config to: `../cache/host.nix`    # Host private Nix binary cache
-  #
   # Use the system's ccache
   home.sessionVariables = lib.mkIf osConfig.programs.ccache.enable {
     CCACHE_DIR = osConfig.programs.ccache.cacheDir;