network/nix/nixos-module/defaults.nix

{ hostName, inputs, pkgs, options, lib, ... }:

{
  boot.kernelParams = [
    # No server/router runs any untrusted user code
    "mitigations=off"
    # Prevents automatic creation of interface bond0 by the kernel
    "bonding.max_bonds=0"
  ];
  # Includes wireguard
  boot.kernelPackages = pkgs.linuxPackages_latest;

  nix = {
    package = pkgs.nixFlakes;
    extraOptions = "experimental-features = nix-command flakes";
    registry = {
      nixpkgs.flake = inputs.nixpkgs;
    };
  };

  documentation = {
    enable = false;
    nixos.enable = false;
  };

  environment.systemPackages = with pkgs; [
    vim screen git wget psmisc
    tcpdump iputils mtr traceroute bmon iptables conntrack-tools
    bridge-utils dhcpcd ethtool
  ];

  networking.hostName = hostName;

  users.users.root.initialHashedPassword = "";

  # for vm-packages
  virtualisation = lib.optionalAttrs (builtins.hasAttr "qemu" options.virtualisation) {
    # larger than the defaults
    memorySize = 8192;
    cores = 2;
    diskSize = 8192;
    # 9P performance optimization that quelches a qemu warning
    msize = 65536;
    # allow building packages
    writableStore = true;
    # keep the store paths built inside the VM across reboots
    writableStoreUseTmpfs = false;
    qemu.options = [ "-enable-kvm" ];
  };

  system.stateVersion = "20.09";
}
nix/pkgs: build *-vm packages 2021-03-31 01:23:58 +02:00			`{ hostName, inputs, pkgs, options, lib, ... }:`
flake, nixos-modules: init 2021-03-05 20:05:50 +01:00
			`{`
nixos-module/defaults: prevent bond0 autocreation 2021-04-06 22:34:05 +02:00			`boot.kernelParams = [`
			`# No server/router runs any untrusted user code`
			`"mitigations=off"`
			`# Prevents automatic creation of interface bond0 by the kernel`
			`"bonding.max_bonds=0"`
			`];`
nixos-module/defaults: set kernel paremeters/version 2021-04-06 18:38:59 +02:00			`# Includes wireguard`
			`boot.kernelPackages = pkgs.linuxPackages_latest;`

flake, nixos-modules: init 2021-03-05 20:05:50 +01:00			`nix = {`
			`package = pkgs.nixFlakes;`
			`extraOptions = "experimental-features = nix-command flakes";`
nixos-module/defaults: setup nix.registry 2021-03-26 21:10:21 +01:00			`registry = {`
			`nixpkgs.flake = inputs.nixpkgs;`
			`};`
flake, nixos-modules: init 2021-03-05 20:05:50 +01:00			`};`

nixos-module/defaults.nix: disable documentation, add more systemPackages, optimize qemu settings 2021-04-02 03:10:16 +02:00			`documentation = {`
			`enable = false;`
			`nixos.enable = false;`
			`};`

flake, nixos-modules: init 2021-03-05 20:05:50 +01:00			`environment.systemPackages = with pkgs; [`
nixos-module/defaults.nix: disable documentation, add more systemPackages, optimize qemu settings 2021-04-02 03:10:16 +02:00			`vim screen git wget psmisc`
nixos-module/defaults: install iptables, conntrack-tools 2021-04-08 02:31:53 +02:00			`tcpdump iputils mtr traceroute bmon iptables conntrack-tools`
nixos-module/defaults: install bmon 2021-04-06 22:09:50 +02:00			`bridge-utils dhcpcd ethtool`
flake, nixos-modules: init 2021-03-05 20:05:50 +01:00			`];`
nix: fix infinite recursion by passing hostName as module arg 2021-03-22 22:38:15 +01:00
			`networking.hostName = hostName;`
nixos-powered lxc container 2021-03-22 23:37:25 +01:00
			`users.users.root.initialHashedPassword = "";`
nixos-module/defaults: set system.stateVersion 2021-03-25 04:07:18 +01:00
nixos-module/defaults.nix: disable documentation, add more systemPackages, optimize qemu settings 2021-04-02 03:10:16 +02:00			`# for vm-packages`
nix/pkgs: build *-vm packages 2021-03-31 01:23:58 +02:00			`virtualisation = lib.optionalAttrs (builtins.hasAttr "qemu" options.virtualisation) {`
doc 2021-04-10 14:52:13 +02:00			`# larger than the defaults`
nixos-module/defaults.nix: disable documentation, add more systemPackages, optimize qemu settings 2021-04-02 03:10:16 +02:00			`memorySize = 8192;`
doc 2021-04-10 14:52:13 +02:00			`cores = 2;`
nixos-module/defaults.nix: disable documentation, add more systemPackages, optimize qemu settings 2021-04-02 03:10:16 +02:00			`diskSize = 8192;`
doc 2021-04-10 14:52:13 +02:00			`# 9P performance optimization that quelches a qemu warning`
			`msize = 65536;`
			`# allow building packages`
nixos-module/defaults.nix: disable documentation, add more systemPackages, optimize qemu settings 2021-04-02 03:10:16 +02:00			`writableStore = true;`
doc 2021-04-10 14:52:13 +02:00			`# keep the store paths built inside the VM across reboots`
nixos-module/defaults.nix: disable documentation, add more systemPackages, optimize qemu settings 2021-04-02 03:10:16 +02:00			`writableStoreUseTmpfs = false;`
nix/pkgs: build *-vm packages 2021-03-31 01:23:58 +02:00			`qemu.options = [ "-enable-kvm" ];`
			`};`

nixos-module/defaults: set system.stateVersion 2021-03-25 04:07:18 +01:00			`system.stateVersion = "20.09";`
flake, nixos-modules: init 2021-03-05 20:05:50 +01:00			`}`