talexander/machine_setup
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix firefox launch time.

Browse Source
This commit is contained in:
Tom Alexander 2024-12-20 21:06:04 -05:00
parent b314982196
commit e7ab762ee4
Signed by: talexander
GPG Key ID: D3A179C9A53C0EDE
3 changed files with 27 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
nix/configuration/configuration.nix
View File

@ -9,6 +9,7 @@
./boot.nix ./boot.nix
./zfs.nix ./zfs.nix
./network.nix ./network.nix
./roles/firewall
./roles/graphics ./roles/graphics
./roles/sound ./roles/sound
./roles/sway ./roles/sway
@ -88,6 +89,8 @@
vulkan-tools # for vkcube TODO move to better role vulkan-tools # for vkcube TODO move to better role
xorg.xeyes # to test which windows are using x11 TODO move to better role xorg.xeyes # to test which windows are using x11 TODO move to better role
ripgrep ripgrep
strace
tcpdump
]; ];
services.openssh = { services.openssh = {
@ -109,12 +112,6 @@
]; ];
}; };
# Open ports in the firewall.
networking.firewall.allowedTCPPorts = [ 22 ];
networking.firewall.allowedUDPPorts = [ ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Check what will be lost with `zfs diff zroot/linux/root@blank` # Check what will be lost with `zfs diff zroot/linux/root@blank`
boot.initrd.systemd.enable = lib.mkDefault true; boot.initrd.systemd.enable = lib.mkDefault true;
boot.initrd.systemd.services.zfs-rollback = { boot.initrd.systemd.services.zfs-rollback = {

10
nix/configuration/network.nix
View File

@ -6,7 +6,7 @@
networking.dhcpcd.enable = false; networking.dhcpcd.enable = false;
networking.useDHCP = false; networking.useDHCP = false;
# networking.nameservers = ["8.8.8.8" "8.8.4.4"]; # networking.nameservers = ["8.8.8.8" "8.8.4.4"];
networking.nameservers = [ "194.242.2.2#doh.mullvad.net" "[2a07:e340::2]#doh.mullvad.net" ]; networking.nameservers = [ "194.242.2.2#doh.mullvad.net" "2a07:e340::2#doh.mullvad.net" ];
# networking.nameservers = [ "1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one" ]; # networking.nameservers = [ "1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one" ];
services.resolved = { services.resolved = {
enable = true; enable = true;
@ -15,6 +15,13 @@
fallbackDns = [ ]; fallbackDns = [ ];
dnsovertls = "true"; dnsovertls = "true";
}; };
# Without this, systemd-resolved will send DNS requests for <X>.home.arpa to the per-link DNS server (172.16.0.1) which does not support DNS-over-TLS. This leads to the connection anging and timing out. This causes firefox startup to take an extra 10+ seconds.
#
# Test with: drill @127.0.0.53 odo.home.arpa
networking.extraHosts = "127.0.0.1 odo.home.arpa";
networking.wireless.iwd = { networking.wireless.iwd = {
enable = true; enable = true;
@ -29,5 +36,6 @@
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
iw iw
iwd iwd
ldns # for drill
]; ];
} }

15
nix/configuration/roles/firewall/default.nix Normal file
View File

@ -0,0 +1,15 @@
{ config, lib, pkgs, ... }:
{
imports = [];
# Open ports in the firewall.
networking.firewall.allowedTCPPorts = [
22 # ssh
];
networking.firewall.allowedUDPPorts = [
5353 # mDNS
];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
}