zulumann/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

2025.04.30-20:50

Browse Source
This commit is contained in:
zulumann
2025-04-30 20:47:57 +02:00
commit 8065685ccb
153 changed files with 6149 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
nixos_24.11_wlin001/system/default.nix Normal file
View File

@ -0,0 +1,14 @@
{ config, pkgs, ... }:
{
imports = [
./tweaks
./gpu-amd.nix
./kvm.nix
./printer.nix
./samba.nix
./smb-mount-fsrv.nix
./smb-mount-nas.nix
#./wacom.nix
];
}

39
nixos_24.11_wlin001/system/gpu-amd.nix Normal file
View File

@ -0,0 +1,39 @@
{ config, pkgs, ... }:
{
boot.initrd.kernelModules = [ "amdgpu" ];
# Enable amdgpu
services.xserver = {
videoDrivers = [ "amdgpu" ];
deviceSection = ''Option "TearFree" "true"'';
};
hardware.graphics = {
enable = true;
enable32Bit = true;
};
# Enable AMDVLK and OpenCL
hardware.graphics.extraPackages = with pkgs; [
amdvlk
rocmPackages.clr.icd
];
hardware.graphics.extraPackages32 = with pkgs; [
driversi686Linux.amdvlk
];
environment.systemPackages = with pkgs; [
#lact # Linux AMDGPU Controller
libdrm
vulkan-loader
vulkan-tools
vkbasalt
radeontop
xorg.xf86videoamdgpu
];
#systemd.packages = with pkgs; [ lact ];
#systemd.services.lactd.wantedBy = ["multi-user.target"];
}

59
nixos_24.11_wlin001/system/kvm.nix Normal file
View File

@ -0,0 +1,59 @@
{ config, pkgs, ... }:
{
boot.kernelParams = [ "amd_iommu=on" "pcie_aspm=off" ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModprobeConfig = "options kvm_amd nested=1";
# Enable dconf (System Management Tool)
# programs.dconf.enable = true;
# Add user to libvirtd group
users.users.zulumann.extraGroups = [ "libvirtd" "kvm" ];
# Install necessary packages
environment.systemPackages = with pkgs; [
libvirt
qemu
qemu_kvm
OVMFFull
virt-manager
virt-viewer
spice spice-gtk
spice-protocol
adwaita-icon-theme
python3
iproute2
bridge-utils
];
# Manage the virtualisation services
virtualisation = {
libvirtd = {
enable = true;
qemu = {
swtpm.enable = true;
ovmf.enable = true;
ovmf.packages = [ pkgs.OVMFFull.fd ];
};
};
spiceUSBRedirection.enable = true;
};
# Enable VirtioFS
virtualisation.libvirtd.qemu.vhostUserPackages = [ pkgs.virtiofsd ];
environment.sessionVariables.LIBVIRT_DEFAULT_URI = [ "qemu:///system" ];
services.spice-vdagentd.enable = true;
# Enable Bridge-Network
networking.firewall.checkReversePath = false;
networking.interfaces.eth0.useDHCP = true;
networking.interfaces.br-lan.useDHCP = true;
networking.bridges = {
"br-lan" = {
interfaces = [ "eth0" ];
};
};
}

40
nixos_24.11_wlin001/system/printer.nix Normal file
View File

@ -0,0 +1,40 @@
{ config, pkgs, ... }:
{
# Enable CUPS
services.printing = {
enable = true;
#openFirewall = true;
drivers = [
pkgs.brlaser
pkgs.hplipWithPlugin
];
};
services.printing.cups-pdf = {
enable = true;
instances = {
pdf = {
settings = {
Out = "\${HOME}/Cups-pdf";
UserUMask = "0033";
};
};
};
};
# Enable Sane
hardware.sane = {
enable = true;
extraBackends = [ pkgs.hplipWithPlugin ];
};
users.users.zulumann.extraGroups = ["scanner" "lp"];
networking.firewall = {
allowedTCPPorts = [ 80 427 443 515 631 8080 9100 6566 ];
allowedUDPPorts = [ 427 3702 5353 ];
};
}

116
nixos_24.11_wlin001/system/samba.nix Normal file
View File

@ -0,0 +1,116 @@
{ config, pkgs, ... }:
{
services.samba = {
enable = true;
# securityType = "user";
openFirewall = true;
settings = {
global = {
"workgroup" = "WORKGROUP";
"server role" = "standalone server";
"server string" = "wlin001-nixos";
"netbios name" = "wlin001-nixos";
"global.security" = "user";
"min protocol" = "smb3_11";
"max protocol" = "smb3_11";
"wide links" = "no";
"follow symlinks" = "no";
#### Networking ####
"bind interfaces only" = "yes";
"interfaces" = "lo br-lan eth0";
# note: localhost is the ipv6 localhost ::1
"hosts allow" = "192.168.10.0/24 127.0.0.1 localhost";
"hosts deny" = "0.0.0.0/0";
### Browsing election options ###
"wins support" = "no";
"name resolve order" = "host bcast lmhosts";
"multicast dns register" = "yes";
"dns proxy" = "yes";
####### Authentication #######
"guest account" = "zulumann";
"map to guest" = "bad user";
### Tuning ###
"socket options" = "TCP_NODELAY IPTOS_LOWDELAY IPTOS_THROUGHPUT SO_RCVBUF=131072 SO_SNDBUF=131072";
"use sendfile" = "yes";
"getwd cache" = "yes";
"stat cache" = "yes";
"min receivefile size" = "16384";
"write raw" = "yes";
"read raw" = "yes";
"max xmit" = "32768";
"deadtime" = "15";
"keepalive" = "150";
"sync always" = "no";
"large readwrite" = "yes";
"strict sync" = "no";
"strict allocate" = "yes";
"strict locking" = "auto";
"server multi channel support" = "yes";
"aio write size" = "1";
"aio read size" = "1";
"idmap cache time" = "604";
#### Debugging ####
"log level" = "1";
"log file" = "/var/log/samba/log.%m";
"max log size" = "1000";
"logging" = "file";
"panic action" = "/usr/share/samba/panic-action %d";
};
"Share" = {
"path" = "/home/zulumann/Share-SMB";
"browseable" = "yes";
"read only" = "no";
"guest ok" = "yes";
"public" = "yes";
"writable" = "yes";
"create mask" = "0644";
"directory mask" = "0755";
};
"Private" = {
"path" = "/home/zulumann/Share-Priv";
"browseable" = "yes";
"read only" = "no";
"guest ok" = "no";
"create mask" = "0644";
"directory mask" = "0755";
#"force user" = "zulumann";
#"force group" = "zulumann";
};
};
};
services.samba-wsdd = {
enable = true;
openFirewall = true;
};
services.avahi.extraServiceFiles = {
smb = ''
<?xml version="1.0" standalone='no'?><!--*-nxml-*-->
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name replace-wildcards="yes">%h - SMB/CIFS</name>
<service>
<type>_smb._tcp</type>
<port>445</port>
</service>
</service-group>
'';
};
}
# User Authentication
# For a user called my_userto be authenticated on the samba server, you must add their password using
# sudo smbpasswd -a my_user

78
nixos_24.11_wlin001/system/smb-mount-fsrv.nix Normal file
View File

@ -0,0 +1,78 @@
{ config, pkgs, ... }:
{
environment.systemPackages = [ pkgs.cifs-utils ];
fileSystems."/mnt/fileserver01/Appz" = {
device = "//192.168.10.52/appz/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
fileSystems."/mnt/fileserver01/Backup" = {
device = "//192.168.10.52/backup/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
fileSystems."/mnt/fileserver01/Dateien" = {
device = "//192.168.10.52/dateien/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
fileSystems."/mnt/fileserver01/Downloads" = {
device = "//192.168.10.52/downloads/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
fileSystems."/mnt/fileserver01/ISOs" = {
device = "//192.168.10.52/isos/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
fileSystems."/mnt/fileserver01/Multimedia" = {
device = "//192.168.10.52/multimedia/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
fileSystems."/mnt/fileserver01/Public" = {
device = "//192.168.10.52/public/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
fileSystems."/mnt/fileserver01/Share" = {
device = "//192.168.10.52/share/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
}

132
nixos_24.11_wlin001/system/smb-mount-nas.nix Normal file
View File

@ -0,0 +1,132 @@
{ config, pkgs, ... }:
{
environment.systemPackages = [ pkgs.cifs-utils ];
fileSystems."/mnt/nas/Audio" = {
device = "//192.168.10.90/audio/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
fileSystems."/mnt/nas/Appz" = {
device = "//192.168.10.90/appz/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
fileSystems."/mnt/nas/Backup" = {
device = "//192.168.10.90/backup/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
fileSystems."/mnt/nas/Files" = {
device = "//192.168.10.90/files/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
fileSystems."/mnt/nas/Downloads" = {
device = "//192.168.10.90/downloads/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
fileSystems."/mnt/nas/Emulator" = {
device = "//192.168.10.90/emulator/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
fileSystems."/mnt/nas/Games" = {
device = "//192.168.10.90/games/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
fileSystems."/mnt/nas/ISO" = {
device = "//192.168.10.90/iso/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
fileSystems."/mnt/nas/Multimedia" = {
device = "//192.168.10.90/multimedia/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
fileSystems."/mnt/nas/Public" = {
device = "//192.168.10.90/public/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
fileSystems."/mnt/nas/Share" = {
device = "//192.168.10.90/share/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
fileSystems."/mnt/nas/Work" = {
device = "//192.168.10.90/work/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
fileSystems."/mnt/nas/XXX" = {
device = "//192.168.10.90/xxx/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
fileSystems."/mnt/nas/homes" = {
device = "//192.168.10.90/homes/";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/secrets/samba-secrets,uid=1000,gid=100"];
};
}

40
nixos_24.11_wlin001/system/tweaks/16GB-SYSTEM.nix Normal file
View File

@ -0,0 +1,40 @@
{ config, ... }:
# Control how and when data is written from memory to disk, which can have an impact on system performance and responsiveness.
# useful for optimizing memory usage, disk writeback behavior, network settings, and other low-level kernel behaviors.
{
boot.kernelModules = ["tcp_bbr"];
boot.kernel.sysctl = {
"net.ipv4.tcp_congestion_control" = "bbr";
"net.core.default_qdisc" = "fq";
"net.ipv4.tcp_fastopen" = "3";
#---------------------------------------------------------------------
# Network and memory-related optimizationss for desktop 16GB
#---------------------------------------------------------------------
"kernel.sysrq" = 1; # Enable SysRQ for rebooting the machine properly if it freezes. [Source](https://oglo.dev/tutorials/sysrq/index.html)
"net.core.netdev_max_backlog" = 30000; # Help prevent packet loss during high traffic periods.
"net.core.rmem_default" = 262144; # Default socket receive buffer size, improve network performance & applications that use sockets. Adjusted for 16GB RAM.
"net.core.rmem_max" = 33554432; # Maximum socket receive buffer size, determine the amount of data that can be buffered in memory for network operations. Adjusted for 16GB RAM.
"net.core.wmem_default" = 262144; # Default socket send buffer size, improve network performance & applications that use sockets. Adjusted for 16GB RAM.
"net.core.wmem_max" = 33554432; # Maximum socket send buffer size, determine the amount of data that can be buffered in memory for network operations. Adjusted for 16GB RAM.
"net.ipv4.ipfrag_high_threshold" = 5242880; # Reduce the chances of fragmentation. Adjusted for SSD.
"net.ipv4.tcp_keepalive_intvl" = 30; # TCP keepalive interval between probes to detect if a connection is still alive.
"net.ipv4.tcp_keepalive_probes" = 5; # TCP keepalive probes to detect if a connection is still alive.
"net.ipv4.tcp_keepalive_time" = 300; # TCP keepalive interval in seconds to detect if a connection is still alive.
"vm.dirty_background_bytes" = 134217728; # 128 MB
"vm.dirty_bytes" = 402653184; # 384 MB
"vm.min_free_kbytes" = 65536; # Minimum free memory for safety (in KB), helping prevent memory exhaustion situations. Adjusted for 16GB RAM.
"vm.swappiness" = 10; # Adjust how aggressively the kernel swaps data from RAM to disk. Lower values prioritize keeping data in RAM. Adjusted for 16GB RAM.
"vm.vfs_cache_pressure" = 90; # Adjust vfs_cache_pressure (0-1000) to manage memory used for caching filesystem objects. Adjusted for 16GB RAM.
# Nobara Tweaks
"fs.aio-max-nr" = 1000000; # defines the maximum number of asynchronous I/O requests that can be in progress at a given time. 1048576
"fs.inotify.max_user_watches" = 65536; # sets the maximum number of file system watches, enhancing file system monitoring capabilities. Default: 8192 TWEAKED: 524288
"kernel.panic" = 5; # Reboot after 5 seconds on kernel panic Default: 0
"kernel.pid_max" = 131072; # allows a large number of processes and threads to be managed Default: 32768 TWEAKED: 4194304
};
}

40
nixos_24.11_wlin001/system/tweaks/32GB-SYSTEM.nix Normal file
View File

@ -0,0 +1,40 @@
{ config, ... }:
# Control how and when data is written from memory to disk, which can have an impact on system performance and responsiveness.
# useful for optimizing memory usage, disk writeback behavior, network settings, and other low-level kernel behaviors.
{
boot.kernelModules = ["tcp_bbr"];
boot.kernel.sysctl = {
"net.ipv4.tcp_congestion_control" = "bbr";
"net.core.default_qdisc" = "fq";
"net.ipv4.tcp_fastopen" = "3";
#---------------------------------------------------------------------
# Network and memory-related optimizationss for 32GB
#---------------------------------------------------------------------
"kernel.sysrq" = 1; # Enable SysRQ for rebooting the machine properly if it freezes. [Source](https://oglo.dev/tutorials/sysrq/index.html)
"net.core.netdev_max_backlog" = 30000; # Help prevent packet loss during high traffic periods.
"net.core.rmem_default" = 262144; # Default socket receive buffer size, improve network performance & applications that use sockets. Adjusted for 32GB RAM.
"net.core.rmem_max" = 67108864; # Maximum socket receive buffer size, determine the amount of data that can be buffered in memory for network operations. Adjusted for 32GB RAM.
"net.core.wmem_default" = 262144; # Default socket send buffer size, improve network performance & applications that use sockets. Adjusted for 32GB RAM.
"net.core.wmem_max" = 67108864; # Maximum socket send buffer size, determine the amount of data that can be buffered in memory for network operations. Adjusted for 32GB RAM.
"net.ipv4.ipfrag_high_threshold" = 5242880; # Reduce the chances of fragmentation. Adjusted for SSD.
"net.ipv4.tcp_keepalive_intvl" = 10; # TCP keepalive interval between probes to detect if a connection is still alive.
"net.ipv4.tcp_keepalive_probes" = 5; # TCP keepalive probes to detect if a connection is still alive.
"net.ipv4.tcp_keepalive_time" = 60; # TCP keepalive interval in seconds to detect if a connection is still alive.
"vm.dirty_background_bytes" = 134217728; # 128 MB
"vm.dirty_bytes" = 402653184; # 384 MB
"vm.min_free_kbytes" = 65536; # Minimum free memory for safety (in KB), helping prevent memory exhaustion situations. Adjusted for 32GB RAM.
"vm.swappiness" = 5; # Adjust how aggressively the kernel swaps data from RAM to disk. Lower values prioritize keeping data in RAM. Adjusted for 32GB RAM.
"vm.vfs_cache_pressure" = 90; # Adjust vfs_cache_pressure (0-1000) to manage memory used for caching filesystem objects. Adjusted for 32GB RAM.
# Nobara Tweaks
"fs.aio-max-nr" = 1000000; # defines the maximum number of asynchronous I/O requests that can be in progress at a given time. 1048576
"fs.inotify.max_user_watches" = 65536; # sets the maximum number of file system watches, enhancing file system monitoring capabilities. Default: 8192 TWEAKED: 524288
"kernel.panic" = 5; # Reboot after 5 seconds on kernel panic Default: 0
"kernel.pid_max" = 131072; # allows a large number of processes and threads to be managed Default: 32768 TWEAKED: 4194304
};
}

33
nixos_24.11_wlin001/system/tweaks/4GB-SYSTEM.nix Normal file
View File

@ -0,0 +1,33 @@
{ config, ... }:
# Control how and when data is written from memory to disk, which can have an impact on system performance and responsiveness.
# useful for optimizing memory usage, disk writeback behavior, network settings, and other low-level kernel behaviors.
{
boot.kernelModules = ["tcp_bbr"];
boot.kernel.sysctl = {
"net.ipv4.tcp_congestion_control" = "bbr";
"net.core.default_qdisc" = "fq";
"net.ipv4.tcp_fastopen" = "3";
#---------------------------------------------------------------------
# Network and memory-related optimizationss for 4GB
#---------------------------------------------------------------------
"kernel.sysrq" = 1; # Enable SysRQ for rebooting the machine properly if it freezes. [Source](https://oglo.dev/tutorials/sysrq/index.html)
"net.core.netdev_max_backlog" = 30000; # Help prevent packet loss during high traffic periods.
"net.core.rmem_default" = 131072; # Default socket receive buffer size, improving network performance and applications that use sockets.
"net.core.rmem_max" = 16777216; # Maximum socket receive buffer size, determining the amount of data that can be buffered in memory for network operations.
"net.core.wmem_default" = 131072; # Default socket send buffer size, improving network performance and applications that use sockets.
"net.core.wmem_max" = 16777216; # Maximum socket send buffer size, determining the amount of data that can be buffered in memory for network operations.
"net.ipv4.ipfrag_high_threshold" = 8388608; # Reduce the chances of fragmentation.
"net.ipv4.tcp_keepalive_intvl" = 30; # TCP keepalive interval between probes to detect if a connection is still alive.
"net.ipv4.tcp_keepalive_probes" = 5; # TCP keepalive probes to detect if a connection is still alive.
"net.ipv4.tcp_keepalive_time" = 60; # TCP keepalive interval in seconds to detect if a connection is still alive.
"vm.dirty_background_bytes" = 8388608; # Data (8 MB) modified in memory and needs to be written to disk. (Adjusted for 4GB RAM)
"vm.dirty_bytes" = 25165824; # Data (24 MB) modified in memory and needs to be written to disk. (Adjusted for 4GB RAM)
"vm.min_free_kbytes" = 32768; # Minimum free memory for safety (in KB), helping prevent memory exhaustion situations. (Adjusted for 4GB RAM)
"vm.swappiness" = 20; # Adjust how aggressively the kernel swaps data from RAM to disk. Lower values prioritize keeping data in RAM. (Adjusted for 4GB RAM)
"vm.vfs_cache_pressure" = 100; # Adjust vfs_cache_pressure (0-1000) to manage memory used for caching filesystem objects. (Adjusted for 4GB RAM)
};
}

131
nixos_24.11_wlin001/system/tweaks/8GB-SYSTEM.nix Normal file
View File

@ -0,0 +1,131 @@
{ config, ... }:
# Control how and when data is written from memory to disk, which can have an impact on system performance and responsiveness.
# useful for optimizing memory usage, disk writeback behavior, network settings, and other low-level kernel behaviors.
{
boot.kernelModules = ["tcp_bbr"];
boot.kernel.sysctl = {
"net.ipv4.tcp_congestion_control" = "bbr";
"net.core.default_qdisc" = "fq";
"net.ipv4.tcp_fastopen" = "3";
#---------------------------------------------------------------------
# Network and memory-related optimizationss for 8GB
#---------------------------------------------------------------------
"kernel.sysrq" = 1; # Enable SysRQ for rebooting the machine properly if it freezes. [Source](https://oglo.dev/tutorials/sysrq/index.html)
"net.core.netdev_max_backlog" = 30000; # Help prevent packet loss during high traffic periods.
"net.core.rmem_default" = 262144; # Default socket receive buffer size, improve network performance & applications that use sockets. Adjusted for 8GB RAM.
"net.core.rmem_max" = 33554432; # Maximum socket receive buffer size, determine the amount of data that can be buffered in memory for network operations. Adjusted for 8GB RAM.
"net.core.wmem_default" = 262144; # Default socket send buffer size, improve network performance & applications that use sockets. Adjusted for 8GB RAM.
"net.core.wmem_max" = 33554432; # Maximum socket send buffer size, determine the amount of data that can be buffered in memory for network operations. Adjusted for 8GB RAM.
"net.ipv4.ipfrag_high_threshold" = 5242880; # Reduce the chances of fragmentation. Adjusted for SSD.
"net.ipv4.tcp_keepalive_intvl" = 30; # TCP keepalive interval between probes to detect if a connection is still alive.
"net.ipv4.tcp_keepalive_probes" = 5; # TCP keepalive probes to detect if a connection is still alive.
#"net.ipv4.tcp_keepalive_time" = 300; # TCP keepalive interval in seconds to detect if a connection is still alive.
"net.ipv4.tcp_keepalive_time" = "60"; # TCP keepalive interval in seconds to detect if a connection is still alive.
"vm.dirty_background_bytes" = 134217728; # 128 MB
"vm.dirty_bytes" = 402653184; # 384 MB
"vm.min_free_kbytes" = 131072; # Minimum free memory for safety (in KB), helping prevent memory exhaustion situations. Adjusted for 8GB RAM.
"vm.swappiness" = 10; # Adjust how aggressively the kernel swaps data from RAM to disk. Lower values prioritize keeping data in RAM. Adjusted for 8GB RAM.
"vm.vfs_cache_pressure" = 90; # Adjust vfs_cache_pressure (0-1000) to manage memory used for caching filesystem objects. Adjusted for 8GB RAM.
# Nobara Tweaks
"fs.aio-max-nr" = 1000000; # defines the maximum number of asynchronous I/O requests that can be in progress at a given time. 1048576
"fs.inotify.max_user_watches" = 65536; # sets the maximum number of file system watches, enhancing file system monitoring capabilities. Default: 8192 TWEAKED: 524288
"kernel.panic" = 5; # Reboot after 5 seconds on kernel panic Default: 0
"kernel.pid_max" = 131072; # allows a large number of processes and threads to be managed Default: 32768 TWEAKED: 4194304
};
}
# -----------------------------------------------------------------
# Summary of my configuration
# -----------------------------------------------------------------
# Network Performance Settings:
# ----------------------------------------------
# "net.core.rmem_default" = 16 MB
# "net.core.rmem_max" = 16 MB
# "net.core.wmem_default" = 16 MB
# "net.core.wmem_max" = 16 MB
# These settings define the default and maximum socket buffer sizes for receiving and sending data, improving network performance and benefiting applications that use sockets.
# TCP Keepalive Settings:
# ----------------------------------------------
# "net.ipv4.tcp_keepalive_intvl" = 30 seconds
# "net.ipv4.tcp_keepalive_probes" = 5 probes
# "net.ipv4.tcp_keepalive_time" = 300 seconds
# These settings configure TCP keepalive parameters, which are used to detect if a network connection is still alive.
# Disk Write Behavior Settings:
# ----------------------------------------------
# "vm.dirty_background_bytes" = 16 MB
# "vm.dirty_bytes" = 48 MB
# These settings control how much modified data in memory needs to be written to disk. Lower values can lead to more frequent writes.
# Memory Safety Setting:
# ----------------------------------------------
# "vm.min_free_kbytes" = 65,536 KB
# This setting specifies the minimum amount of free memory in kilobytes, helping to prevent memory exhaustion situations.
# Swappiness Setting:
# ----------------------------------------------
# "vm.swappiness" = 1
# This setting determines how aggressively the kernel swaps data from RAM to disk. Lower values prioritize keeping data in RAM, suitable for systems with ample memory.
# Cache Pressure Setting:
# ----------------------------------------------
# "vm.vfs_cache_pressure" = 50
# This setting adjusts vfs_cache_pressure (0-1000), influencing how the kernel reclaims memory used for caching filesystem objects.
# Customize these settings based on your system's requirements and performance goals, check below for extra info.
# Values explained:
# "vm.vfs_cache_pressure" = 50; Adjust vfs_cache_pressure (0-1000)
# -----------------------------------------------------------------
# 4GB RAM: 50 - 60 [ Lower values like 50 or 60 can be a good starting point for systems with 4GB of RAM to retain data in cache for improved file system access times ]
# 8GB RAM: 60 - 80 [ Values around 60 to 80 are reasonable for 8GB of RAM, as you can still afford to keep more data in cache for better performance ]
# 16GB RAM: 70 - 80 [ Lower values like 70 or 80 can be used to keep data in cache longer for systems with 16GB of RAM ]
# 32GB RAM: 80 - 90 [ Values around 80 or 90 are suitable for systems with 32GB of RAM, allowing more data to stay in cache ]
# 64GB RAM or More: 90 - 100 [ Lower values like 90 or 100 can minimize cache eviction for systems with very high memory, such as 64GB or more ]
# Low Values (e.g., 10-100):
# Situations where you have a lot of available RAM.
# When you want to optimize filesystem access times by keeping more data in cache.
# Systems with large file datasets that can benefit from a larger cache.
# High Values (e.g., 500-1000):
# Systems with limited RAM resources.
# Servers or virtual machines where memory availability is critical.
# When you want to ensure that cached memory is released more aggressively for other applications.
# vm.swappiness = <Recommended Value>
# ----------------------------------------------
# Adjusts how aggressively the kernel swaps data from RAM to disk.
# - For systems with 4GB RAM, consider a low value (1-10) to prioritize keeping data in RAM.
# - For systems with 8GB RAM, use a moderate value (10-30) for a balance between RAM usage and swapping.
# - For systems with 16GB to 28GB RAM, aim for a moderate value (10-30) to optimize performance.
# - For systems with 32GB or more RAM, a slightly higher value (30-60) may be suitable.
# Monitor system performance and adjust as needed based on your workload and available RAM.
# CALCULATIONS: ( Schooling )
# ----------------------------------------------
# 1 MB (megabyte) = 1048576 bytes
# To convert bytes to megabytes, divide the number of bytes by 1048576.
# Here's how the calculations work for the values provided:
# For "vm.dirty_background_bytes":
# 16777216 bytes ÷ 1048576 bytes/MB = 16 MB
# For "vm.dirty_bytes":
# 50331648 bytes ÷ 1048576 bytes/MB = 48 MB
# These calculations provide the approximate size in megabytes for the specified values.
# The values "vm.dirty_background_bytes" and "vm.dirty_bytes" control how much dirty data (data that has been modified but not yet written to disk)
# can accumulate in the system's cache before it's flushed to disk. Lowering these values, as done here, results in more frequent disk writes,
# which can be useful when you need data to be quickly written to a USB drive.

11
nixos_24.11_wlin001/system/tweaks/default.nix Normal file
View File

@ -0,0 +1,11 @@
{ config, pkgs, ... }:
{
imports = [
#./4GB-SYSTEM.nix
#./8GB-SYSTEM.nix
#./16GB-SYSTEM.nix
./32GB-SYSTEM.nix
./ssd-tweaks.nix
];
}

19
nixos_24.11_wlin001/system/tweaks/hdd-tweak.nix Normal file
View File

@ -0,0 +1,19 @@
{ config, ... }:
# Control how and when data is written from memory to disk, which can have an impact on system performance and responsiveness.
# useful for optimizing memory usage, disk writeback behavior, network settings, and other low-level kernel behaviors.
{
boot.kernel.sysctl = {
#---------------------------------------------------------------------
# HDD tweaks: Adjust settings for an HDD to optimize performance.
#---------------------------------------------------------------------
"vm.dirty_background_ratio" = "10"; # Set the ratio of dirty memory at which background writeback starts (10% for HDD).
"vm.dirty_expire_centisecs" = "6000"; # Set the time at which dirty data is old enough to be eligible for writeout (6000 centiseconds for HDD).
"vm.dirty_ratio" = "20"; # Set the ratio of dirty memory at which a process is forced to write out dirty data (20% for HDD).
"vm.dirty_time" = "0"; # Disable dirty time accounting.
"vm.dirty_writeback_centisecs" = "1000"; # Set the interval between two consecutive background writeback passes (1000 centiseconds for HDD).
};
}

18
nixos_24.11_wlin001/system/tweaks/ssd-tweaks.nix Normal file
View File

@ -0,0 +1,18 @@
{ config, ... }:
{
boot.kernel.sysctl = {
#---------------------------------------------------------------------
# SSD tweaks: Adjust settings for an SSD to optimize performance.
#---------------------------------------------------------------------
"vm.dirty_background_ratio" = "40"; # Set the ratio of dirty memory at which background writeback starts (5%). Adjusted for SSD.
"vm.dirty_expire_centisecs" = "3000"; # Set the time at which dirty data is old enough to be eligible for writeout (6000 centiseconds). Adjusted for SSD.
"vm.dirty_ratio" = "80"; # Set the ratio of dirty memory at which a process is forced to write out dirty data (10%). Adjusted for SSD.
"vm.dirty_time" = "0"; # Disable dirty time accounting.
"vm.dirty_writeback_centisecs" = "300"; # Set the interval between two consecutive background writeback passes (500 centiseconds)
};
services.fstrim.enable = true;
}

11
nixos_24.11_wlin001/system/wacom.nix Normal file
View File

@ -0,0 +1,11 @@
{ config, pkgs, ... }:
{
services.xserver.wacom.enable = true;
environment.systemPackages = with pkgs; [
libwacom # Libraries, configuration, and diagnostic tools for Wacom tablets
];
}