{ config, pkgs, modulesPath, lib, nixos-hardware, ... } @ args: { networking.hostName = "nas"; networking.hostId = "70af00ed"; imports = [ (modulesPath + "/installer/scan/not-detected.nix") ./systemd-boot.nix ./services/tpm2.nix ./server.nix ./services/hydra.nix ./services/backup.nix nixos-hardware.nixosModules.common-cpu-amd nixos-hardware.nixosModules.common-pc-ssd ./services/hostapd.nix ./services/synapse.nix ./services/mautrix-discord.nix ./services/mautrix-telegram.nix ./services/mautrix-whatsapp.nix ./services/mautrix-signal.nix ./services/router.nix ./services/syncthing.nix ../modules/tc-cake.nix ./services/cups.nix ./services/iscsi.nix ./services/samba.nix ./services/drone.nix ./services/drone-runner-docker.nix ./services/docker.nix ./users/remote-build.nix ]; hardware.cpu.amd.updateMicrocode = true; boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usb_storage" "sd_mod"]; boot.initrd.kernelModules = ["igb"]; boot.kernelModules = ["kvm-amd"]; boot.extraModulePackages = [ config.boot.kernelPackages.zenpower ]; boot.kernelPackages = lib.mkForce pkgs.linuxPackages_testing_bcachefs; boot.supportedFilesystems = lib.mkForce ["bcachefs" "vfat"]; fileSystems."/" = { device = "/dev/nvme0n1p2:/dev/sda1:/dev/sdb1:/dev/sdc2"; fsType = "bcachefs"; }; fileSystems."/boot" = { device = "/dev/nvme0n1p1"; fsType = "vfat"; }; fileSystems."/boot1" = { device = "/dev/disk/by-partuuid/b50f9cff-552d-4c6e-bda2-104723ee638e"; fsType = "vfat"; }; fileSystems."/boot2" = { device = "/dev/disk/by-partuuid/6f365c6a-63a2-4fb9-976b-ec9e04c9cb13"; fsType = "vfat"; }; fileSystems."/boot3" = { device = "/dev/disk/by-partuuid/324146ea-edb6-4f2e-b260-af8eddfb1eca"; fsType = "vfat"; }; /* swapDevices = [ { device = "/dev/disk/by-partuuid/3b652a7e-a550-4342-a0d7-d2ae47b3e9d1"; randomEncryption = true; } { device = "/dev/disk/by-partuuid/59de36d4-6613-4b50-9643-8824e9a9b1f9"; randomEncryption = true; } { device = "/dev/disk/by-partuuid/f6260d75-2b96-4f55-ba0f-050c58b84b78"; randomEncryption = true; } ]; */ networking.interfaces.br0 = { ipv4 = { addresses = [ { address = "192.168.2.1"; prefixLength = 24; } ]; }; }; networking.bridges = { br0.interfaces = ["enp9s0" "wlp7s0"]; }; networking.wireguard.interfaces."wg0".ips = ["fd0d:a262:1fa6:e621:bc9b:6a33:86e4:873b/64"]; environment.etc."sysconfig/lm_sensors".text = '' # Generated by sensors-detect on Sun Apr 24 08:31:51 2022 # This file is sourced by /etc/init.d/lm_sensors and defines the modules to # be loaded/unloaded. # # The format of this file is a shell script that simply defines variables: # HWMON_MODULES for hardware monitoring driver modules, and optionally # BUS_MODULES for any required bus driver module (for example for I2C or SPI). HWMON_MODULES="it87" ''; nix.settings.cores = 12; boot.binfmt.emulatedSystems = [ "armv7l-linux" "aarch64-linux" "powerpc-linux" "powerpc64-linux" "powerpc64le-linux" "riscv32-linux" "riscv64-linux" "wasm32-wasi" ]; hardware.enableRedistributableFirmware = true; nix.settings.substituters = lib.mkForce [ "https://attic.chir.rs/chir-rs/" "https://cache.nixos.org/" ]; nix.daemonCPUSchedPolicy = "idle"; nix.daemonIOSchedClass = "idle"; networking.wireguard.interfaces.wg0.peers = [ # nutty-noon { publicKey = "YYQmSJwipRkZJUsPV5DxhfyRBMdj/O1XzN+cGYtUi1s="; allowedIPs = [ "fd0d:a262:1fa6:e621:47e6:24d4:2acb:9437/128" ]; } ]; system.stateVersion = "22.05"; home-manager.users.darkkirb = import ./home-manager/darkkirb.nix { desktop = false; inherit args; }; networking.tc_cake = { enp2s0f0u4 = { disableOffload = true; shapeEgress = { bandwidth = "4mbit"; extraArgs = "docsis nat ack-filter"; }; shapeIngress = { bandwidth = "33mbit"; ifb = "ifb4enp2s0f0u4"; }; }; }; services.postgresql.settings = { max_connections = 200; shared_buffers = "4GB"; effective_cache_size = "12GB"; maintenance_work_mem = "1GB"; checkpoint_completion_target = 0.9; wal_buffers = "16MB"; default_statistics_target = 100; random_page_cost = 1.1; effective_io_concurrency = 200; work_mem = "5242kB"; min_wal_size = "1GB"; max_wal_size = "4GB"; max_worker_processes = 12; max_parallel_workers_per_gather = 4; max_parallel_workers = 12; max_parallel_maintenance_workers = 4; }; services.tailscale.useRoutingFeatures = "both"; hardware.sane.brscan4.enable = true; }