blob: db221686fe8de78a61a497d191edf43f8aba0054 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
{ pkgs, lib, ... }:
with lib;
let
domain = "cache.nsupdate.info";
in {
# This only works for a single domain for nsupdate.info as multiple usernames
# and passwords are required for multiple domains
services.ddclient = {
enable = true;
server = "ipv4.nsupdate.info";
username = domain;
password = import ((toString <secrets>) + "/nsupdate-cache.nix");
domains = [ domain ];
use= "if, if=et0";
# use = "web, web=http://ipv4.nsupdate.info/myip";
};
krebs.cachecache = {
enable = true;
enableSSL = true; # disable letsencrypt for testing
cacheDir = "/var/cache/nix-cache-cache";
maxSize = "10g";
indexFile = pkgs.fetchurl {
url = "https://raw.githubusercontent.com/krebs/35c3-nixos-cache/master/index.html";
sha256 = "0n9lji4rpi2wpfik3dvl92mmpfrywyp33iwsw7d8qmykk7l0hfp8";
};
# assumes that the domain is reachable from the internet
virtualHost = domain;
};
boot.kernelModules = [ "tcp_bbr" ];
boot.kernel.sysctl."net.ipv4.tcp_congestion_control" = "bbr";
boot.kernel.sysctl."net.core.default_qdisc" = "fq";
networking.firewall.allowedTCPPorts = [ 80 443 ];
}
|