zaphyra's git: nixfiles

config/nixos/modules/presets/katja/enable: set some sane defaults

diff --git a/config/nixos/modules/presets/katja/enable.nix b/config/nixos/modules/presets/katja/enable.nix
@@ -89,12 +89,33 @@ in
       };
     };
 
-    services.nginx = {
-      enable = true;
-      virtualHosts."${config.networking.fqdn}" = {
-        useACMEHost = "${config.networking.fqdn}";
-        forceSSL = true;
-        kTLS = true;
+
+    services = {
+      timesyncd.enable = lib.mkDefault true;
+      fstrim.enable    = lib.mkDefault true;
+
+      journald.extraConfig = "SystemMaxUse=2.5G";
+
+      logind.killUserProcesses = lib.mkDefault true;
+
+      nginx = {
+        recommendedGzipSettings  = true;
+        recommendedOptimisation  = true;
+        recommendedProxySettings = true;
+        recommendedTlsSettings   = true;
+        commonHttpConfig = ''
+          server_names_hash_bucket_size 64;
+          charset utf-8;
+
+          access_log off;
+        '';
+
+        virtualHosts."${config.networking.fqdn}" = {
+          useACMEHost = "${config.networking.fqdn}";
+          forceSSL = true;
+          kTLS = true;
+          default = true;
+        };
       };
     };