92 lines
1.9 KiB
Nix
92 lines
1.9 KiB
Nix
{ hostName, inputs, lib, pkgs, ... }:
|
|
|
|
{
|
|
boot.kernelParams = [
|
|
# No server/router runs any untrusted user code
|
|
"mitigations=off"
|
|
# Prevents automatic creation of interface bond0 by the kernel
|
|
"bonding.max_bonds=0"
|
|
];
|
|
boot.tmp.useTmpfs = true;
|
|
# Includes wireguard
|
|
boot.kernelPackages = pkgs.zfsUnstable.latestCompatibleLinuxPackages;
|
|
# Keep building
|
|
boot.zfs.enableUnstable = true;
|
|
|
|
# no persistent logs
|
|
services.journald.extraConfig = ''
|
|
RuntimeMaxUse=32M
|
|
Storage=volatile
|
|
'';
|
|
|
|
nix = {
|
|
package = pkgs.nixFlakes;
|
|
extraOptions = "experimental-features = nix-command flakes";
|
|
registry = {
|
|
nixpkgs.flake = inputs.nixpkgs;
|
|
};
|
|
|
|
settings = {
|
|
substituters = lib.mkBefore [ "https://hydra.hq.c3d2.de" ];
|
|
trusted-public-keys = [
|
|
"nix-serve.hq.c3d2.de:KZRGGnwOYzys6pxgM8jlur36RmkJQ/y8y62e52fj1ps=%"
|
|
];
|
|
};
|
|
};
|
|
|
|
documentation = {
|
|
enable = lib.mkForce false;
|
|
nixos.enable = lib.mkForce false;
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
bmon
|
|
bridge-utils
|
|
conntrack-tools
|
|
dhcpcd
|
|
dhcpdump
|
|
dig
|
|
ethtool
|
|
git
|
|
iftop
|
|
iperf
|
|
iptables
|
|
iptraf-ng
|
|
iputils
|
|
mtr
|
|
psmisc
|
|
screen
|
|
speedtest-cli
|
|
tcpdump
|
|
tmux
|
|
traceroute
|
|
vim
|
|
wget
|
|
];
|
|
|
|
networking.hostName = hostName;
|
|
|
|
programs = {
|
|
fzf.keybindings = true;
|
|
git = {
|
|
enable = true;
|
|
config = {
|
|
alias = {
|
|
co = "checkout";
|
|
lg = "log --graph --abbrev-commit --decorate --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%s%C(reset) %C(dim white)- %an%C(reset)%C(bold y
|
|
ow)%d%C(reset)'";
|
|
remote = "remote -v";
|
|
st = "status";
|
|
undo = "reset --soft HEAD^";
|
|
};
|
|
pull.rebase = true;
|
|
rebase.autoStash = true;
|
|
};
|
|
};
|
|
};
|
|
|
|
users.users.root.initialHashedPassword = "";
|
|
|
|
system.stateVersion = "20.09";
|
|
}
|