Fixes for server kernel

2025-11-30 14:43:59 +05:30 · 2025-11-08 13:57:29 -06:00 · 2025-11-08 13:57:29 -06:00 · 18c43a4259
commit 18c43a4259
parent 74ade00081
2 changed files with 48 additions and 31 deletions
--- a/hosts/ori/configuration.nix
+++ b/hosts/ori/configuration.nix
@ -9,7 +9,7 @@

      # hardware
      cachy.enable = true;
-      cachy.variant = "server";
+      cachy.variant = "lts";

      virtualization = {
        docker.enable = true;
@ -54,8 +54,8 @@

    networking.firewall.extraCommands =
      # ip ban ai crawlers
-    let createDropRulesForIpAddress = address:
-      ''
+      let
+        createDropRulesForIpAddress = address: ''
          iptables -A INPUT -s ${address} -j DROP
          iptables -A OUTPUT -s ${address} -j DROP
          iptables -A FORWARD -s ${address} -j DROP
@ -216,7 +216,7 @@
        ${createDropRulesForIpAddress "98.84.60.17"}
        ${createDropRulesForIpAddress "98.84.70.201"}
      '';
-    virtualisation.docker.extraOptions="--iptables=true";
+    virtualisation.docker.extraOptions = "--iptables=true";
  };

 }
--- a/hosts/ori/hardware-configuration.nix
+++ b/hosts/ori/hardware-configuration.nix
@ -1,27 +1,44 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{ config, lib, modulesPath, ... }:
+{
+  config,
+  lib,
+  modulesPath,
+  ...
+}:

 {
-  imports =
-    [ (modulesPath + "/installer/scan/not-detected.nix")
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
  ];

  services.fstrim.enable = true;
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "ums_realtek" "sd_mod" "sr_mod" ];
+  boot.initrd.availableKernelModules = [
+    "xhci_pci"
+    "ehci_pci"
+    "ahci"
+    "ums_realtek"
+    "sd_mod"
+    "sr_mod"
+  ];
  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-intel" ];
+  boot.kernelModules = [
+    "kvm-intel"
+    "ip_tables"
+    "i6table_nat"
+    "wireguard"
+  ];
  boot.extraModulePackages = [ ];

-  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/ea03d496-2769-485d-b5cb-de0b58cb698c";
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/ea03d496-2769-485d-b5cb-de0b58cb698c";
    fsType = "btrfs";
    options = [ "subvol=@" ];
  };

-  fileSystems."/boot" =
-    { device = "/dev/disk/by-uuid/4F5E-11FB";
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/4F5E-11FB";
    fsType = "vfat";
  };