92 lines
2.3 KiB
Nix
92 lines
2.3 KiB
Nix
{ config, pkgs, inputs, modulesPath, ... }:
|
|
|
|
{
|
|
imports = [
|
|
(modulesPath + "/virtualisation/digital-ocean-config.nix")
|
|
./agenix.nix
|
|
./modules/minecraft.nix
|
|
./modules/hardening.nix
|
|
./modules/tailscale.nix
|
|
./modules/discord.nix
|
|
./modules/backup.nix
|
|
./modules/monitoring.nix
|
|
./modules/caddy.nix
|
|
];
|
|
|
|
system.stateVersion = "24.11";
|
|
|
|
boot.loader.grub = {
|
|
enable = true;
|
|
efiSupport = true;
|
|
efiInstallAsRemovable = true;
|
|
};
|
|
|
|
boot.kernelParams = [ "net.ifnames=0" ];
|
|
|
|
boot.kernelModules = [ "tcp_bbr" ];
|
|
|
|
boot.kernel.sysctl = {
|
|
# BBR congestion control — reduces latency by basing decisions on
|
|
# bandwidth and RTT rather than packet loss
|
|
"net.ipv4.tcp_congestion_control" = "bbr";
|
|
# fq queue discipline — recommended with BBR for pacing
|
|
"net.core.default_qdisc" = "fq";
|
|
# Low-latency TCP mode
|
|
"net.ipv4.tcp_low_latency" = 1;
|
|
# Socket buffer sizes for better throughput
|
|
"net.core.rmem_max" = 16777216;
|
|
"net.core.wmem_max" = 16777216;
|
|
"net.ipv4.tcp_rmem" = "4096 87380 16777216";
|
|
"net.ipv4.tcp_wmem" = "4096 87380 16777216";
|
|
};
|
|
|
|
networking.hostName = "compsigh-minecraft";
|
|
networking.defaultGateway = "157.230.144.1";
|
|
networking.nameservers = [ "67.207.67.3" "67.207.67.2" ];
|
|
networking.interfaces.eth0.ipv4.addresses = [
|
|
{ address = "157.230.151.230"; prefixLength = 20; }
|
|
{ address = "10.46.0.5"; prefixLength = 16; }
|
|
];
|
|
networking.interfaces.eth1.ipv4.addresses = [{
|
|
address = "10.120.0.2";
|
|
prefixLength = 20;
|
|
}];
|
|
|
|
services.do-agent.enable = false;
|
|
|
|
time.timeZone = "America/Los_Angeles";
|
|
i18n.defaultLocale = "en_US.UTF-8";
|
|
|
|
nix.settings = {
|
|
experimental-features = [ "nix-command" "flakes" ];
|
|
auto-optimise-store = true;
|
|
};
|
|
|
|
nix.gc = {
|
|
automatic = true;
|
|
dates = "weekly";
|
|
options = "--delete-older-than 14d";
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
vim
|
|
git
|
|
htop
|
|
tmux
|
|
rsync
|
|
];
|
|
|
|
zramSwap = {
|
|
enable = true;
|
|
memoryPercent = 50;
|
|
};
|
|
|
|
services.openssh.hostKeys = [{
|
|
path = "/etc/ssh/ssh_host_ed25519_key";
|
|
type = "ed25519";
|
|
}];
|
|
|
|
users.users.root.openssh.authorizedKeys.keys = [
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE40ISu3ydCqfdpb26JYD5cIN0Fu0id/FDS+xjB5zpqu jetthomaspham@gmail.com"
|
|
];
|
|
}
|