]> Git — Sourcephile - sourcephile-nix.git/blob - servers/mermet/production/apu2e4.nix
openldap: use PR#79286
[sourcephile-nix.git] / servers / mermet / production / apu2e4.nix
1 { pkgs, lib, config, ... }:
2 {
3 hardware.cpu.amd.updateMicrocode = true;
4 nix = {
5 # Too CPU hungry for the APU2, for too little Mio saved
6 autoOptimiseStore = false;
7 maxJobs = 4;
8 };
9 powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
10
11 boot.kernel = {
12 sysctl = {
13 "vm.swappiness" = 10;
14 "vm.vfs_cache_pressure" = 50;
15 };
16 };
17
18 boot.loader = {
19 grub = {
20 enable = true;
21 version = 2;
22 copyKernels = true;
23 # efiSupport = true;
24 devices = [
25 "/dev/disk/by-id/ata-Samsung_SSD_840_EVO_250GB_S1DBNSAF340110R"
26 ];
27 /*
28 mirroredBoots = [
29 { devices = [ "${disk_id}" ];
30 path = "/boot${bootnum}";
31 }
32 ];
33 */
34 };
35 /*
36 efi = {
37 canTouchEfiVariables = true;
38 efiSysMountPoint = "/boot/efi";
39 efiInstallAsRemovable = false;
40 };
41 */
42 };
43
44 boot.initrd = {
45 availableKernelModules = [
46 "ahci"
47 "ehci_pci"
48 "sd_mod"
49 "uas"
50 # Ethernet driver
51 "igb"
52 # Made the AES modules available at initrd,
53 # to speedup the deciphering of the root.
54 "aes_x86_64"
55 "aesni_intel"
56 "cryptd"
57 ];
58 kernelModules = [ ];
59
60 };
61 boot.kernelModules = [ ];
62 boot.extraModulePackages = [ ];
63 boot.kernelParams = [
64 "gfxpayload=text"
65 #"console=tty0"
66 "console=ttyS0,115200n8"
67 "zfs.zfs_arc_max=262144000" # 250Mo
68 ];
69
70 fileSystems."/boot" =
71 { device = "/dev/disk/by-uuid/dc3c5387-17d2-43b3-bfa2-bf73afacca07";
72 fsType = "ext2";
73 };
74
75 fileSystems."/boot/efi" =
76 { device = "/dev/disk/by-uuid/62E6-E65F";
77 fsType = "vfat";
78 };
79
80 swapDevices =
81 [ { device = "/dev/disk/by-partuuid/6b1eaa35-776b-4e60-b21e-7bcee535dd8b";
82 randomEncryption = {
83 enable = true;
84 cipher = "aes-xts-plain64";
85 source = "/dev/urandom";
86 };
87 }
88 ];
89
90 environment = {
91 systemPackages = with pkgs; [
92 pciutils
93 flashrom
94 ];
95 };
96 }