Fixes for server kernel

hosts/ori/configuration.nix

@@ -9,7 +9,7 @@
 
       # hardware
       cachy.enable = true;
-      cachy.variant = "server";
+      cachy.variant = "lts";
 
       virtualization = {
         docker.enable = true;
@@ -54,8 +54,8 @@
 
     networking.firewall.extraCommands =
       # ip ban ai crawlers
-    let createDropRulesForIpAddress = address:
+      let
-      ''
+        createDropRulesForIpAddress = address: ''
           iptables -A INPUT -s ${address} -j DROP
           iptables -A OUTPUT -s ${address} -j DROP
           iptables -A FORWARD -s ${address} -j DROP

hosts/ori/hardware-configuration.nix

@@ -1,27 +1,44 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{ config, lib, modulesPath, ... }:
+{
+  config,
+  lib,
+  modulesPath,
+  ...
+}:
 
 {
-  imports =
+  imports = [
-    [ (modulesPath + "/installer/scan/not-detected.nix")
+    (modulesPath + "/installer/scan/not-detected.nix")
   ];
 
   services.fstrim.enable = true;
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "ums_realtek" "sd_mod" "sr_mod" ];
+  boot.initrd.availableKernelModules = [
+    "xhci_pci"
+    "ehci_pci"
+    "ahci"
+    "ums_realtek"
+    "sd_mod"
+    "sr_mod"
+  ];
   boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-intel" ];
+  boot.kernelModules = [
+    "kvm-intel"
+    "ip_tables"
+    "i6table_nat"
+    "wireguard"
+  ];
   boot.extraModulePackages = [ ];
 
-  fileSystems."/" =
+  fileSystems."/" = {
-    { device = "/dev/disk/by-uuid/ea03d496-2769-485d-b5cb-de0b58cb698c";
+    device = "/dev/disk/by-uuid/ea03d496-2769-485d-b5cb-de0b58cb698c";
     fsType = "btrfs";
     options = [ "subvol=@" ];
   };
 
-  fileSystems."/boot" =
+  fileSystems."/boot" = {
-    { device = "/dev/disk/by-uuid/4F5E-11FB";
+    device = "/dev/disk/by-uuid/4F5E-11FB";
     fsType = "vfat";
   };