Minimize pkgs use, add stable channel for unstable systems, more separation and such

2025-03-27 08:53:35 -04:00 · 2025-03-27 08:53:35 -04:00 · 9190e09c93
commit 9190e09c93
parent e2c86171a5
23 changed files with 112 additions and 93 deletions
--- a/modules/system/devices/networking/default.nix
+++ b/modules/system/devices/networking/default.nix
@ -8,16 +8,17 @@
    nftables.enable = true;
    firewall.allowPing = false;
    nameservers = [
-      "1.1.1.1#one.one.one.one"
-      "1.0.0.1#one.one.one.one"
+      "9.9.9.11#dns11.quad9.net"
+      "149.112.112.11#dns11.quad9.net"
+      "2620:fe::11#dns11.quad9.net"
+      "2620:fe::fe:11#dns11.quad9.net"
    ];
  };

  services.resolved = {
    enable = true;
    dnssec = "true";
-    domains = [ "~." ];
-    fallbackDns = config.networking.nameservers;
    dnsovertls = "true";
+    fallbackDns = config.networking.nameservers;
  };
 }
--- a/modules/system/devices/video/nvidia/default.nix
+++ b/modules/system/devices/video/nvidia/default.nix
@ -4,21 +4,17 @@

  config = lib.mkIf config.system.nvidia.enable {
    hardware.nvidia = {
-      package = config.boot.kernelPackages.nvidiaPackages.beta;
      modesetting.enable = true;
      nvidiaSettings = false;
-      open = false;
+      open = true;
    };

    services.xserver.videoDrivers = [ "nvidia" ];

-    boot.kernelParams = [ "nvidia_drm.fbdev=1" ];
-
    nixpkgs.allowUnfreePackages = [ "nvidia-x11" ];

-    specialisation.nouveau.configuration.config = {
-      system.nvidia.enable = lib.mkForce false;
-      environment.sessionVariables.NIXOS_OZONE_WL = lib.mkForce "";
-    };
+    boot.kernelParams = [ "nvidia_drm.fbdev=1" ];
+
+    specialisation.nouveau.configuration.config.system.nvidia.enable = lib.mkForce false;
  };
 }