-{ pkgs, lib, inputs, ... }:
+{ config, pkgs, lib, inputs, ... }:
with lib;
{
- boot.cleanTmpDir = mkDefault true;
- boot.tmpOnTmpfs = mkDefault true;
+ boot.tmp.cleanOnBoot = mkDefault true;
+ boot.tmp.useTmpfs = mkDefault true;
+
services.logrotate.enable = true;
# NOTE: mostly useless on a server, and CPU intensive.
documentation = {
man.enable = mkDefault true;
nixos.enable = mkDefault false;
};
+ programs.vim.defaultEditor = mkDefault true;
+ programs.vim.enable = mkDefault true;
environment.variables = {
EDITOR = "vim";
+ NIXPKGS_CONFIG = mkForce "";
PAGER = "less -R";
SYSTEMD_LESS = "FKMRX";
- NIXPKGS_CONFIG = mkForce "";
+ # Setting TZ= avoids a lot of useless syscalls reading /etc/localtime
+ # but requires to restart the session to change the time zone for all programs.
+ TZ = lib.mkDefault (if config.time.timeZone != null then config.time.timeZone else "Europe/Paris");
};
home-manager.users.root = {
imports = [
../../home-manager/options.nix
../../home-manager/profiles/essential.nix
];
+ services.gpg-agent.pinentryPackage = pkgs.pinentry-curses;
};
- systemd.services.home-manager-root.postStart = ''
- ${pkgs.nix}/bin/nix-env --delete-generations +1 --profile /nix/var/nix/profiles/per-user/root/home-manager
- '';
nix = {
settings.auto-optimise-store = mkDefault true;
gc.automatic = mkDefault true;
gc.dates = mkDefault "weekly";
gc.options = mkDefault "--delete-older-than 7d";
nixPath = mkForce [ ];
- registry.nixpkgs = mkDefault { flake = inputs.nixpkgs; };
- package = pkgs.nixFlakes;
- extraOptions = "experimental-features = nix-command flakes";
+ # Pin the rev to the revision of the public Nixpkgs that the system was built from.
+ # This is the version which will be locked by flakes using flake:nixpkgs
+ #registry.nixpkgs = mkDefault { flake = inputs.nixpkgs; };
+ registry.nixpkgs = {
+ from = { id = "nixpkgs"; type = "indirect"; };
+ to = {
+ owner = "NixOS";
+ repo = "nixpkgs";
+ inherit (inputs.nixpkgs) rev;
+ # May be overriden by nixos/modules/installer/cd-dvd/channel.nix
+ type = mkDefault "github";
+ };
+ };
+ package = pkgs.nixVersions.stable;
+ settings.experimental-features = [ "nix-command" "flakes" ];
};
security.lockKernelModules = false;
services.journald = {
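Review bot: The new `registry.nixpkgs` entry hard-codes `owner = "NixOS"; repo = "nixpkgs";` while taking `rev` from `inputs.nixpkgs`, so it only resolves correctly when that input really is a commit of the upstream repository. With a fork the rev may not exist upstream, and with a path or dirty input `inputs.nixpkgs.rev` is absent, so evaluation fails at `inherit (inputs.nixpkgs) rev;`. The replaced line pointed `flake:nixpkgs` at the already-locked input, whereas this entry is resolved by commit id when it is used. If the lock's content hash should be kept too, `inherit (inputs.nixpkgs) rev narHash;` should carry it over, assuming the input exposes `narHash` and the overridden `type` still accepts it. At minimum, state the assumption next to the entry: `# Assumes inputs.nixpkgs is a commit of github:NixOS/nixpkgs (not a fork or a path input).`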
SystemMaxUse=100M
'';
};
+ # none is the recommended elevator for SSD, whereas HDD could use mq-deadline.
+ services.udev.extraRules = ''
+ ACTION=="add|change", KERNEL=="sd[a-z][0-9]*", ATTR{../queue/rotational}=="0", ATTR{../queue/scheduler}="none"
+ ACTION=="add|change", KERNEL=="nvme[0-9]*n[0-9]*p[0-9]*", ATTR{../queue/rotational}=="0", ATTR{../queue/scheduler}="none"
+ '';
+ systemd.oomd = {
+ enable = mkDefault true;
+ enableRootSlice = mkDefault true;
+ enableSystemSlice = mkDefault true;
+ enableUserSlices = mkDefault true;
+ };
+ systemd.services.sshd = {
+ serviceConfig = {
+ ManagedOOMPreference = "omit";
+ };
+ };
/*
system.nixos.versionSuffix = ".${
substring 0 8 (inputs.self.lastModifiedDate or inputs.self.lastModified)}.${
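Review bot: Both rules in `services.udev.extraRules` match partition devices only (`sd[a-z][0-9]*`, `nvme[0-9]*n[0-9]*p[0-9]*`) and reach the disk's queue through `../queue/`. An SSD with no partition table (whole-disk LVM, ZFS or a bare filesystem) therefore never gets its scheduler set, and device names past `sdz` are not matched either. Matching the disk itself covers those cases in one rule: `ACTION=="add|change", KERNEL=="sd[a-z]*|nvme[0-9]*n[0-9]*", ENV{DEVTYPE}=="disk", ATTR{queue/rotational}=="0", ATTR{queue/scheduler}="none"`. The `ManagedOOMPreference = "omit";` on sshd would also benefit from a comment giving the reason, presumably `# Keep sshd out of systemd-oomd's kill candidates so remote administration survives memory pressure.` The module body continues past the visible lines, so this covers only what the hunk shows.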