diff options
Diffstat (limited to 'modules/nixos/base.nix')
| -rw-r--r-- | modules/nixos/base.nix | 101 |
1 files changed, 0 insertions, 101 deletions
diff --git a/modules/nixos/base.nix b/modules/nixos/base.nix deleted file mode 100644 index 9ed3abc..0000000 --- a/modules/nixos/base.nix +++ /dev/null @@ -1,101 +0,0 @@ -{ - self, - config, - pkgs, - lib, - ... -}: -{ - boot = { - kernelPackages = pkgs.linuxPackages_latest; - kernel.sysctl = { - "net.ipv4.tcp_congestion_control" = "bbr"; - "net.ipv4.tcp_ecn" = 1; - "net.ipv4.tcp_fastopen" = 3; - "net.ipv4.tcp_tw_reuse" = 1; - }; - }; - - networking = { - useNetworkd = true; - # Used by systemd-resolved, not directly by resolv.conf. - nameservers = [ - "8.8.8.8#dns.google" - "1.0.0.1#cloudflare-dns.com" - ]; - firewall = { - enable = true; - allowPing = true; - logRefusedConnections = false; - }; - }; - - systemd.network = { - enable = true; - }; - - services.resolved = { - enable = true; - dnssec = "false"; - }; - - services.fail2ban = { - enable = true; - ignoreIP = [ - "10.100.0.0/24" # wireguard - ]; - bantime = "1h"; - bantime-increment = { - enable = true; - maxtime = "168h"; - factor = "4"; - }; - }; - - i18n = { - defaultLocale = "en_US.UTF-8"; - supportedLocales = [ - "en_US.UTF-8/UTF-8" - ]; - }; - - time.timeZone = "America/Los_Angeles"; - - users.motdFile = "/etc/motd"; - - environment.etc.motd.text = '' - Machine ${config.networking.hostName} - NixOS ${config.system.nixos.release} - @ ${self.shortRev or self.dirtyShortRev} - ''; - - ## disable that slow "building man-cache" step - documentation.man.generateCaches = lib.mkForce false; - - users = { - mutableUsers = false; - users.root.openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBkozy+X96u5ciX766bJ/AyQ3xm1tXZTIr5+4PVFZFi" - ]; - }; - - security.sudo.wheelNeedsPassword = false; - - environment.systemPackages = with pkgs; [ - curl - dysk - fd - fish - git - htop - jq - mtr - pciutils - powertop - ripgrep - tcpdump - traceroute - vim - wireguard-tools - ]; -} |