ci: minor nix-in-docker improvements

This patch makes some minor improvements re nix-in-docker logic in the ci configuration:

• Update nixos/nix to the latest version
• Apply $CPUS to cores/max-jobs to avoid oversubscribing while allowing a reasonable degree of parallelism
• Remove redundant --extra-experimental-features nix-command in later nix shell invocations, it's already configured in /etc/nix/nix.conf