diff options
| author | Azat Bahawi <azat@bahawi.net> | 2024-06-29 01:43:37 +0300 |
|---|---|---|
| committer | Azat Bahawi <azat@bahawi.net> | 2024-06-29 01:43:37 +0300 |
| commit | 31ab954db3dbc0a07e7b58c59da003088ee7943d (patch) | |
| tree | 774b3cc777d537c33475255b4bb0eb190fefd2ba /modules | |
| parent | b212b16a14ea12384c4b19ad453076502855a738 (diff) | |
2024-06-29
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/common/networking.nix | 7 | ||||
| -rw-r--r-- | modules/common/systemd.nix | 23 | ||||
| -rw-r--r-- | modules/emacs/doom/init.el | 2 | ||||
| -rw-r--r-- | modules/emacs/doom/packages.el | 6 | ||||
| -rw-r--r-- | modules/syncthing.nix | 12 |
5 files changed, 39 insertions, 11 deletions
diff --git a/modules/common/networking.nix b/modules/common/networking.nix index e891e58..2867825 100644 --- a/modules/common/networking.nix +++ b/modules/common/networking.nix @@ -28,11 +28,14 @@ in # Remove default hostname mappings. This is required at least by the # current implementation of the monitoring module. hosts = { - "127.0.0.1" = mkForce [ ]; + "127.0.0.2" = mkForce [ ]; "::1" = mkForce [ ]; }; - nameservers = mkDefault dns.const.quad9.default; + nameservers = with my.configurations.manwe.wireguard; [ + ipv4.address + ipv6.address + ]; useDHCP = false; diff --git a/modules/common/systemd.nix b/modules/common/systemd.nix index aac1647..81df05c 100644 --- a/modules/common/systemd.nix +++ b/modules/common/systemd.nix @@ -1,4 +1,10 @@ -{ config, pkgs, ... }: +{ + config, + pkgs, + lib, + ... +}: +with lib; { ark = { files = [ "/etc/machine-id" ]; @@ -16,9 +22,18 @@ }; }; - services.journald.extraConfig = '' - SystemMaxUse=5G - ''; + services = { + resolved = { + llmnr = "false"; + dnsovertls = "opportunistic"; + domains = mapAttrsToList (_: v: v) my.domain; + fallbackDns = map (v: "${v}#dns.quad9.net") dns.const.quad9.default; + }; + + journald.extraConfig = '' + SystemMaxUse=5G + ''; + }; systemd = let diff --git a/modules/emacs/doom/init.el b/modules/emacs/doom/init.el index ed0e048..ac4a687 100644 --- a/modules/emacs/doom/init.el +++ b/modules/emacs/doom/init.el @@ -45,7 +45,7 @@ grammar :tools - ;; ansible + ansible (debugger +lsp) direnv (docker +lsp) diff --git a/modules/emacs/doom/packages.el b/modules/emacs/doom/packages.el index 549a5e5..2edbf1a 100644 --- a/modules/emacs/doom/packages.el +++ b/modules/emacs/doom/packages.el @@ -12,3 +12,9 @@ :recipe (:type git :host github :repo "djgoku/sops")) + +(unpin! ansible) +(package! ansible + :recipe (:type git + :host gitlab + :repo "emacs-ansible/emacs-ansible")) diff --git a/modules/syncthing.nix b/modules/syncthing.nix index 74d4afe..e261a12 100644 --- a/modules/syncthing.nix +++ b/modules/syncthing.nix @@ -62,17 +62,18 @@ in settings = { options = { + announceLANAddresses = false; autoUpgradeIntervalH = 0; crashReportingEnabled = false; globalAnnounceEnabled = false; relaysEnabled = false; - setLowPriority = this.isHeadless; + setLowPriority = this.isHeadful; stunKeepaliveStartS = 0; urAccepted = -1; }; gui = { - insecureAdminAccess = true; + insecureAdminAccess = this.isHeadless; insecureSkipHostcheck = this.isHeadless; }; @@ -80,9 +81,12 @@ in name: attr: mkIf (attr.syncthing.id != null && hasAttr "wireguard" attr) { inherit (attr.syncthing) id; - compression = "metadata"; + compression = "always"; introducer = false; - address = "tcp://${name}.${config.networking.domain}:22000"; + addresses = [ + "quic://${name}.${config.networking.domain}:22000" + "tcp://${name}.${config.networking.domain}:22000" + ]; autoAcceptFolders = true; untrusted = false; } |