forked from zentralwerk/network
48 lines
1.0 KiB
Nix
48 lines
1.0 KiB
Nix
{ hostName, inputs, pkgs, options, lib, ... }:
|
|
|
|
{
|
|
boot.kernelParams = [
|
|
# No server/router runs any untrusted user code
|
|
"mitigations=off"
|
|
# Prevents automatic creation of interface bond0 by the kernel
|
|
"bonding.max_bonds=0"
|
|
];
|
|
boot.tmpOnTmpfs = true;
|
|
# Includes wireguard
|
|
boot.kernelPackages = pkgs.linuxPackages_latest;
|
|
|
|
# no persistent logs
|
|
services.journald.extraConfig = ''
|
|
RuntimeMaxUse=32M
|
|
Storage=volatile
|
|
'';
|
|
|
|
nix = {
|
|
package = pkgs.nixFlakes;
|
|
extraOptions = "experimental-features = nix-command flakes";
|
|
registry = {
|
|
nixpkgs.flake = inputs.nixpkgs;
|
|
};
|
|
};
|
|
|
|
documentation = {
|
|
enable = false;
|
|
nixos.enable = false;
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
vim screen git wget psmisc
|
|
ethtool tcpdump iputils
|
|
mtr traceroute
|
|
iptables bridge-utils conntrack-tools
|
|
bmon iftop speedtest-cli
|
|
dhcpcd
|
|
];
|
|
|
|
networking.hostName = hostName;
|
|
|
|
users.users.root.initialHashedPassword = "";
|
|
|
|
system.stateVersion = "20.09";
|
|
}
|