{ depot, lib, pkgs, rebuilder, ... }: config: let inherit (depot.ops) secrets; in lib.fix (self: { boot.initrd.availableKernelModules = [ "ata_piix" "vmw_pvscsi" "sd_mod" "sr_mod" ]; boot.kernelModules = [ "tcp_bbr" ]; boot.kernel.sysctl = { "net.ipv6.conf.default.accept_ra" = 0; "net.ipv6.conf.all.accept_ra" = 0; "net.ipv6.conf.default.autoconf" = 0; "net.ipv6.conf.all.autoconf" = 0; }; fileSystems = { "/" = { device = "/dev/disk/by-uuid/fafafa2b-ec19-40ae-bd04-cc286beb2946"; fsType = "ext4"; }; }; swapDevices = [ { device = "/dev/disk/by-uuid/9920239c-492f-4f79-8a06-8f412d047605"; } ]; nix.maxJobs = lib.mkDefault 2; hardware.enableRedistributableFirmware = true; nixpkgs.config = { allowUnfree = true; }; nix.nixPath = [ "depot=/home/lukegb/depot/" "nixpkgs=/home/lukegb/depot/third_party/nixpkgs/" ]; # Use GRUB2. boot.loader.grub.enable = true; boot.loader.grub.version = 2; boot.loader.grub.device = "/dev/sda"; # Networking! networking = { hostName = "ixvm-fra01"; # Define your hostname. domain = "as205479.net"; nameservers = ["8.8.8.8" "8.8.4.4"]; useDHCP = false; defaultGateway = { address = "141.98.136.97"; interface = "ens-inet"; }; defaultGateway6 = { address = "2a09:11c0:f1:bc0b::1"; interface = "ens-inet"; }; interfaces = { ens-inet = { ipv4.addresses = [ { address = "141.98.136.124"; prefixLength = 27; } ]; ipv6.addresses = [ { address = "2a09:11c0:f1:bc0b::2"; prefixLength = 64; } ]; }; ens-kleyrex = { ipv4.addresses = [ { address = "193.189.83.41"; prefixLength = 23; } ]; ipv6.addresses = [ { address = "2001:7f8:33::a120:5479:1"; prefixLength = 48; } ]; }; ens-locix = { ipv4.addresses = [ { address = "185.1.166.219"; prefixLength = 23; } ]; ipv6.addresses = [ { address = "2001:7f8:f2:e1::a20:5479:1"; prefixLength = 48; } ]; }; ens-nlix = { ipv4.addresses = [ { address = "193.239.118.225"; prefixLength = 22; } ]; ipv6.addresses = [ { address = "2001:7f8:13::a520:5479:1"; prefixLength = 64; } ]; }; }; }; services.udev.extraRules = '' ATTR{address}=="00:50:56:a3:b0:5e", NAME="ens-inet" ATTR{address}=="00:50:56:a3:27:bd", NAME="ens-kleyrex" ATTR{address}=="00:50:56:a3:95:72", NAME="ens-locix" ATTR{address}=="00:50:56:a3:6e:0f", NAME="ens-nlix" ''; # Select internationalisation properties. i18n.defaultLocale = "en_GB.UTF-8"; console.keyMap = "us"; # Set your time zone. time.timeZone = "Etc/UTC"; # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ vim mercurial rxvt_unicode.terminfo ]; programs.mtr.enable = true; services.openssh.enable = true; networking.firewall = { # allowedTCPPorts = []; # allowedUDPPorts = []; allowPing = true; }; # Define a user account. users.mutableUsers = false; users.users = { root.hashedPassword = secrets.passwordHashes.root; lukegb = { isNormalUser = true; uid = 1000; extraGroups = [ "wheel" "networkmanager" ]; hashedPassword = secrets.passwordHashes.root; }; }; boot.kernel.sysctl."net.ipv4.tcp_congestion_control" = "bbr"; boot.kernel.sysctl."net.core.default_qdisc" = "fq_codel"; system.stateVersion = "20.03"; })