also traffic control caddy

cy 2025-02-25 12:39:43 -05:00
parent 47d703d9d1
commit d76a9f7f3a
Signed by: cy
SSH key fingerprint: SHA256:o/geVWV4om1QhUSkKvDQeW/eAihwnjyXkqMwrVdbuts
4 changed files with 27 additions and 20 deletions


@ -147,6 +147,7 @@
localsend localsend
scrcpy scrcpy
syncthing syncthing
obsidian
]; ];
programs.waybar.enable = true; programs.waybar.enable = true;
@ -189,12 +190,12 @@
# sccache stuff # sccache stuff
RUSTC_WRAPPER = "${lib.getExe pkgs.sccache}"; RUSTC_WRAPPER = "${lib.getExe pkgs.sccache}";
SCCACHE_BUCKET = "sccache"; SCCACHE_BUCKET = "sccache";
SCCACHE_REGION = "earth"; SCCACHE_REGION = "us-east-1";
SCCACHE_ENDPOINT = "https://sccache.s3.cy7.sh"; SCCACHE_ENDPOINT = "https://sccache.s3.cy7.sh";
SCCACHE_ALLOW_CORE_DUMPS = "true"; SCCACHE_ALLOW_CORE_DUMPS = "true";
SCCACHE_S3_USE_SSL = "true"; SCCACHE_S3_USE_SSL = "true";
SCCACHE_CACHE_MULTIARCH = "true"; SCCACHE_CACHE_MULTIARCH = "true";
SCCACHE_LOG_LEVEL = "warn"; SCCACHE_LOG = "warn";
AWS_DEFAULT_REGION = "us-east-1"; AWS_DEFAULT_REGION = "us-east-1";
AWS_ENDPOINT_URL = "https://s3.cy7.sh"; AWS_ENDPOINT_URL = "https://s3.cy7.sh";
AWS_ACCESS_KEY_ID = "$(cat /run/secrets/aws/key_id)"; AWS_ACCESS_KEY_ID = "$(cat /run/secrets/aws/key_id)";
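Review bot: `SCCACHE_ALLOW_CORE_DUMPS = "true"` stays enabled in the same block that exports the S3 credentials (`AWS_ACCESS_KEY_ID = "$(cat /run/secrets/aws/key_id)"`), so a crash of the sccache server can leave a core file on disk that contains the key material from its environment. Since this commit is already tidying the sccache settings, I would drop that line or set it to `"false"` outside of active debugging. If these keys can write to the `sccache` bucket, anyone who recovers them can presumably also replace cached compile outputs, so they deserve the same care as any other build-integrity credential. The attribute set these variables belong to starts and ends outside the hunk, so how widely they are exported is not visible here.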


@ -96,7 +96,8 @@
let let
ethtool = lib.getExe pkgs.ethtool; ethtool = lib.getExe pkgs.ethtool;
tc = lib.getExe' pkgs.iproute2 "tc"; tc = lib.getExe' pkgs.iproute2 "tc";
in '' in
''
# disable TCP segmentation offload (https://wiki.archlinux.org/title/Advanced_traffic_control#Prerequisites) # disable TCP segmentation offload (https://wiki.archlinux.org/title/Advanced_traffic_control#Prerequisites)
${ethtool} -K ens18 tso off ${ethtool} -K ens18 tso off
@ -104,16 +105,22 @@
${tc} qdisc del dev ens18 root || true ${tc} qdisc del dev ens18 root || true
# create HTB hierarchy # create HTB hierarchy
${tc} qdisc add dev ens18 root handle 1: htb default 20 ${tc} qdisc add dev ens18 root handle 1: htb default 30
${tc} class add dev ens18 parent 1: classid 1:1 htb rate 100% ceil 100% ${tc} class add dev ens18 parent 1: classid 1:1 htb rate 100% ceil 100%
${tc} class add dev ens18 parent 1:1 classid 1:10 htb rate 40% ceil 100% # tailscale
${tc} class add dev ens18 parent 1:1 classid 1:20 htb rate 60% ceil 100% ${tc} class add dev ens18 parent 1:1 classid 1:10 htb rate 30% ceil 100%
# caddy
${tc} class add dev ens18 parent 1:1 classid 1:20 htb rate 30% ceil 100%
# rest
${tc} class add dev ens18 parent 1:1 classid 1:30 htb rate 40% ceil 100%
# mark traffic # mark traffic
iptables -t mangle -A OUTPUT -m cgroup --path "system.slice/tailscaled.service" -j MARK --set-mark 1 iptables -t mangle -A OUTPUT -m cgroup --path "system.slice/tailscaled.service" -j MARK --set-mark 1
iptables -t mangle -A OUTPUT -m cgroup --path "system.slice/caddy.service" -j MARK --set-mark 2
# route marked packets # route marked packets
${tc} filter add dev ens18 parent 1: protocol ip prio 1 handle 1 fw flowid 1:10 ${tc} filter add dev ens18 parent 1: protocol ip prio 1 handle 1 fw flowid 1:10
${tc} filter add dev ens18 parent 1: protocol ip prio 1 handle 2 fw flowid 1:20
''; '';
}; };
networking.interfaces.ens18 = { networking.interfaces.ens18 = {
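Review bot: The new `iptables -t mangle -A OUTPUT … --set-mark 2` line appends a rule every time this script runs, and unlike the qdisc (removed first with `qdisc del dev ens18 root || true`) nothing clears the earlier mangle rules, so each re-run stacks another copy of both MARK rules. Guarding the append keeps it idempotent: `iptables -t mangle -C OUTPUT -m cgroup --path "system.slice/caddy.service" -j MARK --set-mark 2 || iptables -t mangle -A OUTPUT -m cgroup --path "system.slice/caddy.service" -j MARK --set-mark 2`, and the same for the tailscaled rule. `iptables` is also called by bare name while `ethtool` and `tc` are resolved through `lib.getExe`, so it depends on the PATH of the enclosing unit, which is defined outside this hunk. Both the marks and the `protocol ip` filters cover IPv4 only, so any IPv6 traffic from caddy would fall into the default class 1:30.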


@ -1,5 +1,4 @@
final: prev: final: prev: {
{
zipline = prev.zipline.overrideAttrs { zipline = prev.zipline.overrideAttrs {
patches = [ patches = [
./no-check-bucket.patch ./no-check-bucket.patch