Make net.netfilter.nf_conntrack_max work on skyflake

modules/microvm-defaults.nix

@@ -9,11 +9,15 @@
 
   boot = {
     loader.grub.enable = false;
-    kernel.sysctl = lib.optionalAttrs (config.microvm.mem <= 1024) {
-      # table overflow causing packets from nginx to the service to drop
-      # nf_conntrack: nf_conntrack: table full, dropping packet
-      "net.netfilter.nf_conntrack_max" = "65536";
-    };
+    kernel.sysctl =
+      let
+        mem = if (config?microvm) then config.microvm.mem else config.deployment.mem;
+      in
+      lib.optionalAttrs (mem <= 1024) {
+        # table overflow causing packets from nginx to the service to drop
+        # nf_conntrack: nf_conntrack: table full, dropping packet
+        "net.netfilter.nf_conntrack_max" = "65536";
+      };
     kernelParams = [
       "preempt=none"
       # No server/router runs any untrusted user code