diff --git a/hosts/layne/default.nix b/hosts/layne/default.nix index 2bfa6e5..0f8026f 100644 --- a/hosts/layne/default.nix +++ b/hosts/layne/default.nix @@ -10,6 +10,7 @@ _: { nodeconfig = { minimize = true; nix.auto-gc = true; + is-server = true; }; environment.sessionVariables = { diff --git a/hosts/rico0/default.nix b/hosts/rico0/default.nix index 71a6804..cba8a86 100644 --- a/hosts/rico0/default.nix +++ b/hosts/rico0/default.nix @@ -12,6 +12,7 @@ _: { minimize = true; nix.auto-gc = true; is-pi = true; + is-server = true; }; i18n = { diff --git a/hosts/rico1/default.nix b/hosts/rico1/default.nix index 71a6804..cba8a86 100644 --- a/hosts/rico1/default.nix +++ b/hosts/rico1/default.nix @@ -12,6 +12,7 @@ _: { minimize = true; nix.auto-gc = true; is-pi = true; + is-server = true; }; i18n = { diff --git a/hosts/rico2/default.nix b/hosts/rico2/default.nix index 71a6804..cba8a86 100644 --- a/hosts/rico2/default.nix +++ b/hosts/rico2/default.nix @@ -12,6 +12,7 @@ _: { minimize = true; nix.auto-gc = true; is-pi = true; + is-server = true; }; i18n = { diff --git a/hosts/shared/networkd.nix b/hosts/shared/networkd.nix index 977d402..b14a5a6 100644 --- a/hosts/shared/networkd.nix +++ b/hosts/shared/networkd.nix @@ -2,25 +2,28 @@ _: { networking = { useNetworkd = true; }; - systemd.network = { - enable = true; - networks = { - "41-ether" = { - enable = true; - matchConfig = { - Type = "ether"; - }; - networkConfig = { - DHCP = "yes"; - }; - dhcpV4Config = { - UseDomains = true; - }; - ipv6AcceptRAConfig = { - UseDomains = true; - }; - linkConfig = { - RequiredForOnline = "yes"; + systemd = { + network = { + enable = true; + wait-online.enable = false; + networks = { + "41-ether" = { + enable = true; + matchConfig = { + Type = "ether"; + }; + networkConfig = { + DHCP = "yes"; + }; + dhcpV4Config = { + UseDomains = true; + }; + ipv6AcceptRAConfig = { + UseDomains = true; + }; + linkConfig = { + RequiredForOnline = "yes"; + }; }; }; }; diff --git a/hosts/wynne/default.nix b/hosts/wynne/default.nix index 2bfa6e5..0f8026f 100644 --- a/hosts/wynne/default.nix +++ b/hosts/wynne/default.nix @@ -10,6 +10,7 @@ _: { nodeconfig = { minimize = true; nix.auto-gc = true; + is-server = true; }; environment.sessionVariables = { diff --git a/modules/default.nix b/modules/default.nix index 2891335..185501c 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -3,6 +3,7 @@ _: { ./general.nix ./nix.nix ./pi.nix + ./server.nix ./wireguard.nix ]; } diff --git a/modules/general.nix b/modules/general.nix index b32406c..b9464f3 100644 --- a/modules/general.nix +++ b/modules/general.nix @@ -18,6 +18,7 @@ let cfg = config.nodeconfig; in { nixos.enable = lib.mkDefault false; }; + fonts.fontconfig.enable = lib.mkDefault false; programs.command-not-found.enable = lib.mkDefault false; xdg = { @@ -25,6 +26,7 @@ let cfg = config.nodeconfig; in { icons.enable = lib.mkDefault false; mime.enable = lib.mkDefault false; sounds.enable = lib.mkDefault false; + menus.enable = lib.mkDefault false; }; }; } diff --git a/modules/server.nix b/modules/server.nix new file mode 100644 index 0000000..3cf4579 --- /dev/null +++ b/modules/server.nix @@ -0,0 +1,38 @@ +{ lib, config, ... }: +let cfg = config.nodeconfig; in { + options.nodeconfig = { + is-server = lib.mkOption { + type = lib.types.bool; + default = false; + example = true; + description = "configure node as a server"; + }; + }; + config = lib.mkIf cfg.is-server { + boot.kernel.sysctl = { + "net.core.default_qdisc" = "fq"; + "net.ipv4.tcp_congestion_control" = "bbr"; + }; + networking.firewall = { + allowPing = true; + logRefusedConnections = lib.mkDefault false; + }; + systemd = { + services = { + NetworkManager-wait-online.enable = false; + systemd-networkd.stopIfChanged = false; + systemd-resolved.stopIfChanged = false; + }; + enableEmergencyMode = false; + watchdog = { + runtimeTime = "15s"; + rebootTime = "30s"; + kexecTime = "1m"; + }; + sleep.extraConfig = '' + AllowSuspend=no + AllowHibernation=no + ''; + }; + }; +}