{ config, pkgs, lib, ... }: { imports = [ ./base.nix ./users/chris.nix ]; documentation.nixos.enable = false; documentation.enable = false; documentation.info.enable = false; documentation.man.enable = false; environment.variables.BROWSER = "echo"; nix.settings.trusted-users = [ "root" "@wheel" ]; time.timeZone = lib.mkDefault "UTC"; systemd = { enableEmergencyMode = false; watchdog = { runtimeTime = "20s"; rebootTime = "30s"; }; sleep.extraConfig = '' AllowSuspend=no AllowHibernation=no ''; }; systemd.services.NetworkManager-wait-online.enable = false; systemd.network.wait-online.enable = false; # systemd.services.systemd-networkd.stopIfChanged = false; # systemd.services.systemd-resolved.stopIfChanged = false; nix.settings.max-free = lib.mkDefault (1000 * 1000 * 1000); nix.settings.min-free = lib.mkDefault (128 * 1000 * 1000); nix.daemonCPUSchedPolicy = lib.mkDefault "batch"; nix.daemonIOSchedClass = lib.mkDefault "idle"; nix.daemonIOSchedPriority = lib.mkDefault 7; # My servers always use /dev/vda as boot disk... boot = { kernelPackages = pkgs.linuxPackages_latest; loader = { grub = { devices = [ "/dev/vda" ]; # nodev for EFI only # EFI efiSupport = false; efiInstallAsRemovable = false; }; timeout = 1; }; }; networking = { hostName = lib.mkDefault "Rory-nix-base-server"; networkmanager.enable = false; useNetworkd = true; wireless.enable = false; enableIPv6 = false; firewall = { enable = false; # allowedTCPPorts = [ ... ]; # allowedUDPPorts = [ ... ]; }; useDHCP = false; # nameservers = [ "1.1.1.1" "1.0.0.1" "8.8.8.8" "8.4.4.8" ]; nameservers = [ "10.0.0.1" "10.5.0.1" "1.1.1.1" "1.0.0.1" "8.8.8.8" "8.4.4.8" ]; defaultGateway = "10.0.0.1"; }; services.pulseaudio.enable = false; # This shaves off half a gigabyte of disk space... hardware.enableAllFirmware = false; hardware.enableRedistributableFirmware = false; services.lvm.enable = false; i18n.defaultLocale = "en_US.UTF-8"; }