diff options
| author | Franck Cuny <franck@fcuny.net> | 2025-07-21 13:00:38 -0700 |
|---|---|---|
| committer | Franck Cuny <franck@fcuny.net> | 2025-07-21 13:00:38 -0700 |
| commit | 40d6a40b1de18f28003c4aa5f36d9b4b0ef4afdd (patch) | |
| tree | 45a0902743971b1789b1f5d03efde7390cc0e95e /nix/profiles/server.nix | |
| parent | move user configurations to top-level (diff) | |
| download | infra-40d6a40b1de18f28003c4aa5f36d9b4b0ef4afdd.tar.gz | |
move all profiles, modules, and flakes to top-level
Diffstat (limited to 'nix/profiles/server.nix')
| -rw-r--r-- | nix/profiles/server.nix | 85 |
1 files changed, 0 insertions, 85 deletions
diff --git a/nix/profiles/server.nix b/nix/profiles/server.nix deleted file mode 100644 index 1588314..0000000 --- a/nix/profiles/server.nix +++ /dev/null @@ -1,85 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -{ - - imports = [ - ./nix.nix - ]; - - time.timeZone = "America/Los_Angeles"; - - # Don't require password for sudo - security.sudo.wheelNeedsPassword = false; - - # Virtualization settings - virtualisation.docker.enable = true; - - # Select internationalisation properties. - i18n = { - defaultLocale = "en_US.UTF-8"; - }; - - boot.loader.systemd-boot.enable = true; - boot.kernelPackages = pkgs.linuxPackages_latest; - - environment.systemPackages = with pkgs; [ - curl - fd - fish - git - htop - jq - mtr - pciutils - powertop - ripgrep - tcpdump - traceroute - vim - ]; - - boot.kernel.sysctl = { - "net.ipv4.tcp_fastopen" = 3; - "net.ipv4.tcp_tw_reuse" = 1; - }; - - networking = { - firewall = { - enable = false; - allowPing = true; - logRefusedConnections = false; - }; - useNetworkd = lib.mkDefault true; - }; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. - networking.useDHCP = lib.mkDefault true; - - # Default to systemd-networkd usage. - systemd.network.wait-online.anyInterface = lib.mkDefault config.networking.useDHCP; - - # Use systemd-resolved for DoT support. - services.resolved = { - enable = true; - dnssec = "false"; - extraConfig = '' - DNSOverTLS=yes - ''; - }; - - # Used by systemd-resolved, not directly by resolv.conf. - networking.nameservers = [ - "8.8.8.8#dns.google" - "1.0.0.1#cloudflare-dns.com" - ]; - - ## disable that slow "building man-cache" step - documentation.man.generateCaches = lib.mkForce false; -} |