diff options
| author | Franck Cuny <franck@fcuny.net> | 2025-08-12 10:00:24 -0700 |
|---|---|---|
| committer | Franck Cuny <franck@fcuny.net> | 2025-08-12 10:00:24 -0700 |
| commit | eb62ca846ac122f9aaacb10cdaec67249fbf89a7 (patch) | |
| tree | d447477a3965e49814b68c9d4bf8c525c366f9ca | |
| parent | move disks configuration to the host' directory (diff) | |
| download | infra-eb62ca846ac122f9aaacb10cdaec67249fbf89a7.tar.gz | |
create profiles for networkd and nix's GC
| -rw-r--r-- | machines/nixos/x86_64-linux/do-rproxy/default.nix | 3 | ||||
| -rw-r--r-- | machines/nixos/x86_64-linux/synology-vm/default.nix | 3 | ||||
| -rw-r--r-- | profiles/default.nix | 5 | ||||
| -rw-r--r-- | profiles/network/networkd.nix | 16 | ||||
| -rw-r--r-- | profiles/nix/gc.nix | 8 | ||||
| -rw-r--r-- | profiles/server.nix | 11 |
6 files changed, 28 insertions, 18 deletions
diff --git a/machines/nixos/x86_64-linux/do-rproxy/default.nix b/machines/nixos/x86_64-linux/do-rproxy/default.nix index 9f0f15e..dd5e137 100644 --- a/machines/nixos/x86_64-linux/do-rproxy/default.nix +++ b/machines/nixos/x86_64-linux/do-rproxy/default.nix @@ -22,11 +22,12 @@ "${self}/profiles/home-manager.nix" "${self}/profiles/admin-user/user.nix" "${self}/profiles/admin-user/home-manager.nix" - "${self}/profiles/disk/vm.nix" "${self}/profiles/server.nix" "${self}/profiles/core/locale.nix" "${self}/profiles/core/ssh.nix" "${self}/profiles/core/tools.nix" + "${self}/profiles/nix/gc.nix" + "${self}/profiles/network/networkd.nix" ]; # do not use DHCP, as DigitalOcean provisions IPs using cloud-init diff --git a/machines/nixos/x86_64-linux/synology-vm/default.nix b/machines/nixos/x86_64-linux/synology-vm/default.nix index 58f14c6..47e54bc 100644 --- a/machines/nixos/x86_64-linux/synology-vm/default.nix +++ b/machines/nixos/x86_64-linux/synology-vm/default.nix @@ -35,12 +35,13 @@ "${self}/profiles/admin-user/user.nix" "${self}/profiles/admin-user/home-manager.nix" "${self}/profiles/hardware/synology.nix" - "${self}/profiles/disk/vm.nix" "${self}/profiles/server.nix" "${self}/profiles/git-server.nix" "${self}/profiles/core/locale.nix" "${self}/profiles/core/ssh.nix" "${self}/profiles/core/tools.nix" + "${self}/profiles/nix/gc.nix" + "${self}/profiles/network/networkd.nix" ]; # Use the systemd-boot EFI boot loader. diff --git a/profiles/default.nix b/profiles/default.nix index 87079fa..48da7b4 100644 --- a/profiles/default.nix +++ b/profiles/default.nix @@ -4,11 +4,6 @@ extraOptions = '' tarball-ttl = 900 ''; - gc = { - automatic = true; - options = "--delete-older-than 7d"; - dates = "weekly"; - }; package = pkgs.nixVersions.stable; settings = { trusted-substituters = [ diff --git a/profiles/network/networkd.nix b/profiles/network/networkd.nix new file mode 100644 index 0000000..9081f59 --- /dev/null +++ b/profiles/network/networkd.nix @@ -0,0 +1,16 @@ +{ ... }: +{ + networking.useNetworkd = true; + + systemd.network = { + enable = true; + }; + + services.resolved = { + enable = true; + dnssec = "false"; + extraConfig = '' + DNSOverTLS=yes + ''; + }; +} diff --git a/profiles/nix/gc.nix b/profiles/nix/gc.nix new file mode 100644 index 0000000..c39476c --- /dev/null +++ b/profiles/nix/gc.nix @@ -0,0 +1,8 @@ +{ ... }: +{ + nix.gc = { + automatic = true; + options = "--delete-older-than 14d"; + }; + nix.optimise.automatic = true; +} diff --git a/profiles/server.nix b/profiles/server.nix index c91546d..78eaf7d 100644 --- a/profiles/server.nix +++ b/profiles/server.nix @@ -1,5 +1,4 @@ { - lib, pkgs, self, ... @@ -27,16 +26,6 @@ allowPing = true; logRefusedConnections = false; }; - useNetworkd = lib.mkDefault true; - }; - - # Use systemd-resolved for DoT support. - services.resolved = { - enable = true; - dnssec = "false"; - extraConfig = '' - DNSOverTLS=yes - ''; }; # Used by systemd-resolved, not directly by resolv.conf. |