Migrate deprecated settings
This commit is contained in:
parent
076c42f090
commit
00000040af
|
@ -21,7 +21,7 @@
|
|||
];
|
||||
|
||||
boot = {
|
||||
cleanTmpDir = true;
|
||||
tmp.cleanOnBoot = true;
|
||||
kernel.sysctl = {
|
||||
"net.ipv4.tcp_congestion_control" = "bbr";
|
||||
};
|
||||
|
@ -188,8 +188,10 @@
|
|||
openssh = {
|
||||
# Required for deployment and sops
|
||||
enable = true;
|
||||
passwordAuthentication = lib.mkIf (!config.c3d2.k-ot.enable) false;
|
||||
permitRootLogin = lib.mkOverride 900 "prohibit-password";
|
||||
settings = {
|
||||
PasswordAuthentication = lib.mkIf (!config.c3d2.k-ot.enable) false;
|
||||
PermitRootLogin = lib.mkOverride 900 "prohibit-password";
|
||||
};
|
||||
};
|
||||
|
||||
portunus = with zentralwerk.lib.config.site.net.serv; {
|
||||
|
|
|
@ -90,8 +90,10 @@ in
|
|||
"compat_uts_machine=armv6l"
|
||||
];
|
||||
|
||||
tmpOnTmpfs = true;
|
||||
tmpOnTmpfsSize = "80%";
|
||||
tmp = {
|
||||
useTmpfs = true;
|
||||
tmpfsSize = "80%";
|
||||
};
|
||||
};
|
||||
# hardware.raspberry-pi."4" = {
|
||||
# fkms-3d.enable = true;
|
||||
|
|
|
@ -55,13 +55,15 @@ in {
|
|||
"${modulesPath}/profiles/minimal.nix"
|
||||
];
|
||||
|
||||
boot.tmpOnTmpfs = true;
|
||||
boot.postBootCommands = ''
|
||||
if [ ! -c /dev/net/tun ]; then
|
||||
mkdir -p /dev/net
|
||||
mknod -m 666 /dev/net/tun c 10 200
|
||||
fi
|
||||
'';
|
||||
boot = {
|
||||
postBootCommands = ''
|
||||
if [ ! -c /dev/net/tun ]; then
|
||||
mkdir -p /dev/net
|
||||
mknod -m 666 /dev/net/tun c 10 200
|
||||
fi
|
||||
'';
|
||||
tmp.useTmpfs = true;
|
||||
};
|
||||
c3d2 = {
|
||||
hq.statistics.enable = true;
|
||||
deployment = {
|
||||
|
|
|
@ -16,8 +16,10 @@ in
|
|||
};
|
||||
|
||||
boot = {
|
||||
tmpOnTmpfs = true;
|
||||
tmpOnTmpfsSize = "80%";
|
||||
tmp = {
|
||||
useTmpfs = true;
|
||||
tmpfsSize = "80%";
|
||||
};
|
||||
kernelModules = [ "kvm-intel" ];
|
||||
kernelParams = [ "mitigations=off" "preempt=none" ];
|
||||
loader = {
|
||||
|
|
|
@ -17,7 +17,7 @@
|
|||
loader.grub.enable = false;
|
||||
loader.efi.canTouchEfiVariables = true;
|
||||
supportedFilesystems = lib.mkForce [ "vfat" "ext4" ];
|
||||
tmpOnTmpfs = true;
|
||||
tmp.useTmpfs = true;
|
||||
};
|
||||
|
||||
hardware = {
|
||||
|
|
|
@ -26,7 +26,7 @@
|
|||
];
|
||||
};
|
||||
|
||||
tmpOnTmpfs = true;
|
||||
tmp.useTmpfs = true;
|
||||
};
|
||||
|
||||
fileSystems."/mnt/sd" = {
|
||||
|
|
|
@ -18,7 +18,7 @@
|
|||
# no zfs required
|
||||
supportedFilesystems = lib.mkForce [ "vfat" "ext4" ];
|
||||
|
||||
tmpOnTmpfs = true;
|
||||
tmp.useTmpfs = true;
|
||||
};
|
||||
|
||||
nixpkgs.config.packageOverrides = pkgs: {
|
||||
|
|
|
@ -23,8 +23,10 @@
|
|||
# No server/router runs any untrusted user code
|
||||
"mitigations=off"
|
||||
];
|
||||
tmpOnTmpfs = true;
|
||||
tmpOnTmpfsSize = "80%";
|
||||
tmp = {
|
||||
useTmpfs = true;
|
||||
tmpfsSize = "80%";
|
||||
};
|
||||
};
|
||||
|
||||
networking = {
|
||||
|
|
|
@ -21,8 +21,10 @@ _:
|
|||
# No server/router runs any untrusted user code
|
||||
"mitigations=off"
|
||||
];
|
||||
tmpOnTmpfs = true;
|
||||
tmpOnTmpfsSize = "80%";
|
||||
tmp = {
|
||||
useTmpfs = true;
|
||||
tmpfsSize = "80%";
|
||||
};
|
||||
};
|
||||
|
||||
disko.disks = [ {
|
||||
|
|
|
@ -22,8 +22,10 @@
|
|||
# No server/router runs any untrusted user code
|
||||
"mitigations=off"
|
||||
];
|
||||
tmpOnTmpfs = true;
|
||||
tmpOnTmpfsSize = "80%";
|
||||
tmp = {
|
||||
useTmpfs = true;
|
||||
tmpfsSize = "80%";
|
||||
};
|
||||
};
|
||||
|
||||
networking = {
|
||||
|
|
|
@ -22,8 +22,10 @@
|
|||
# No server/router runs any untrusted user code
|
||||
"mitigations=off"
|
||||
];
|
||||
tmpOnTmpfs = true;
|
||||
tmpOnTmpfsSize = "80%";
|
||||
tmp = {
|
||||
useTmpfs = true;
|
||||
tmpfsSize = "80%";
|
||||
};
|
||||
};
|
||||
|
||||
networking = {
|
||||
|
|
|
@ -21,8 +21,10 @@
|
|||
# No server/router runs any untrusted user code
|
||||
"mitigations=off"
|
||||
];
|
||||
tmpOnTmpfs = true;
|
||||
tmpOnTmpfsSize = "80%";
|
||||
tmp = {
|
||||
useTmpfs = true;
|
||||
tmpfsSize = "80%";
|
||||
};
|
||||
};
|
||||
|
||||
networking = {
|
||||
|
|
|
@ -36,7 +36,7 @@
|
|||
];
|
||||
};
|
||||
|
||||
tmpOnTmpfs = true;
|
||||
tmp.useTmpfs = true;
|
||||
};
|
||||
|
||||
hardware.deviceTree.enable = true;
|
||||
|
|
Loading…
Reference in New Issue