host/Rory-ovh/services/containers/shared.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42

{ pkgs, lib, config, ... }:
{
  environment.systemPackages = with pkgs; [
    lnav
    lsd
    htop
    btop
    duf
    kitty.terminfo
    neovim
    jq
    dig
  ];

  networking.resolvconf.enable = false;
  networking.nameservers = [
    "1.1.1.1"
    "1.0.0.1"
    "8.8.8.8"
    "8.4.4.8"
  ];

  environment.etc."resolv.conf" = lib.mkDefault {
    text = lib.concatStringsSep "\n" (
      lib.optionals (config.networking ? nameservers) (map (nameserver: "nameserver ${nameserver}") (config.networking.nameservers))
      #++ lib.optionals (config.networking ? enableIPv6 && !config.networking.enableIPv6) [ "options no-aaaa" ]
      ++ lib.optionals (config.networking ? enableIPv6 && config.networking.enableIPv6) [
        "options single-request"
        "options single-request-reopen"
        "options inet6"
      ]
    );
  };

  services.resolved = {
    enable = lib.mkForce false;
    dnssec = lib.mkForce "false";
    dnsovertls = lib.mkForce "false";
  };
  
  systemd.oomd.enable = false; # Kinda useless in a container, lol
}