{ config, pkgs, lib, ... }: { imports = [ ./base.nix ./users/chris.nix ]; documentation.nixos.enable = false; documentation.enable = false; documentation.info.enable = false; documentation.man.enable = false; environment.variables.BROWSER = "echo"; time.timeZone = lib.mkDefault "UTC"; systemd = { enableEmergencyMode = false; watchdog = { runtimeTime = "20s"; rebootTime = "30s"; }; sleep.extraConfig = '' AllowSuspend=no AllowHibernation=no ''; }; #systemd.services.NetworkManager-wait-online.enable = false; #systemd.network.wait-online.enable = false; # My servers always use /dev/vda as boot disk... boot = { kernelPackages = pkgs.linuxPackages_latest; loader = { grub = { devices = [ "/dev/vda" ]; # nodev for EFI only # EFI efiSupport = false; efiInstallAsRemovable = false; }; timeout = 1; }; }; networking = { hostName = lib.mkDefault "Rory-nix-base-server"; networkmanager.enable = false; useNetworkd = true; wireless.enable = false; enableIPv6 = false; firewall = { enable = false; # allowedTCPPorts = [ ... ]; # allowedUDPPorts = [ ... ]; }; useDHCP = false; # nameservers = [ "1.1.1.1" "1.0.0.1" "8.8.8.8" "8.4.4.8" ]; nameservers = [ "10.10.0.4" "10.10.0.5" "1.1.1.1" "1.0.0.1" "8.8.8.8" "8.4.4.8" ]; defaultGateway = "192.168.1.1"; }; hardware.pulseaudio.enable = false; # This shaves off half a gigabyte of disk space... hardware.enableAllFirmware = false; hardware.enableRedistributableFirmware = false; services = { # prometheus = { # exporters = { # node = { # enable = true; # port = 9100; # enabledCollectors = [ # #"logind" #too slow # "systemd" # "processes" # "interrupts" # # Testing: # "buddyinfo" # "cgroups" # "ksmd" # "lnstat" # "mountstats" # "network_route" # #"perf" # requires sysctl change # "qdisc" # "sysctl" # "softirqs" # "tcpstat" # ]; # disabledCollectors = [ # "textfile" # "xfs" # "zfs" # "selinux" # "cpufreq" # "btrfs" # "powersupplyclass" # "mdadm" # "tapestats" # "fibrechannel" # "cpu_vulnerabilities" # "watchdog" # "thermal_zone" # "logind" # "nfs" # "nfsd" # "infiniband" # ]; # }; # }; # }; promtail = { enable = true; configuration = { server = { http_listen_port = 3031; grpc_listen_port = 0; }; positions = { filename = "/tmp/positions.yaml"; }; clients = [ { url = "https://loki.regional.seian.cloud/loki/api/v1/push"; } ]; scrape_configs = [ { job_name = "journal"; journal = { max_age = "12h"; labels = { job = "systemd-journal"; host = "${toString config.networking.hostName}"; }; }; relabel_configs = [ { source_labels = [ "__journal__systemd_unit" ]; target_label = "unit"; } ]; } ]; }; }; }; }