From 6c428f5c0febd70f04593b2ef8bf25509e8a45c2 Mon Sep 17 00:00:00 2001 From: Rory& Date: Sun, 21 Apr 2024 02:32:06 +0200 Subject: Add vanilla conduit container --- modules/base-server.nix | 11 ++++------- modules/base.nix | 15 ++++++++++++++- 2 files changed, 18 insertions(+), 8 deletions(-) (limited to 'modules') diff --git a/modules/base-server.nix b/modules/base-server.nix index 8986ee3..2508b24 100755 --- a/modules/base-server.nix +++ b/modules/base-server.nix @@ -46,24 +46,21 @@ systemd.services.NetworkManager-wait-online.enable = false; systemd.network.wait-online.enable = false; - systemd.services.systemd-networkd.stopIfChanged = false; - systemd.services.systemd-resolved.stopIfChanged = false; + # systemd.services.systemd-networkd.stopIfChanged = false; + # systemd.services.systemd-resolved.stopIfChanged = false; nix.settings.max-free = lib.mkDefault (1000 * 1000 * 1000); nix.settings.min-free = lib.mkDefault (128 * 1000 * 1000); - # TODO: cargo culted. nix.daemonCPUSchedPolicy = lib.mkDefault "batch"; nix.daemonIOSchedClass = lib.mkDefault "idle"; nix.daemonIOSchedPriority = lib.mkDefault 7; - # My servers always use /dev/sda as boot disk... + # My servers always use /dev/vda as boot disk... boot = { kernelPackages = pkgs.linuxPackages_latest; loader = { grub = { - enable = true; - version = 2; - devices = [ "/dev/sda" ]; # nodev for EFI only + devices = [ "/dev/vda" ]; # nodev for EFI only # EFI efiSupport = false; efiInstallAsRemovable = false; diff --git a/modules/base.nix b/modules/base.nix index 116d496..98556dd 100755 --- a/modules/base.nix +++ b/modules/base.nix @@ -44,6 +44,14 @@ "net.ipv4.tcp_keepalive_probes=4" "net.ipv4.tcp_timestamps=0" ]; + kernelPackages = pkgs.linuxPackages_latest; + loader = { + grub = { + enable = true; + version = 2; + }; + timeout = 1; + }; }; networking = { @@ -65,7 +73,12 @@ extraConfig = '' MaxAuthTries 32 ''; - }; + }; + resolved = { + enable = true; + dnssec = lib.mkForce false; + dnsovertls = lib.mkForce false; + } }; systemd = { -- cgit 1.4.1