{ config, pkgs, ... }:

{
  boot.loader.systemd-boot = {
    enable = true;
    editor = false;
    configurationLimit = 10;
  };
  boot.loader.efi.canTouchEfiVariables = true;

  boot.consoleLogLevel = 3;
  boot.kernelPackages = pkgs.linuxPackages_latest;
  boot.kernelModules = [ "tcp_bbr" ];
  boot.initrd.kernelModules = [ "amdgpu" ];
  boot.kernelParams = [ "preempt=full" "quiet" "udev.log_priority=3" ];

  boot.tmp.useTmpfs = true;
  boot.tmp.tmpfsSize = "4G";

  boot.kernel.sysctl = {
    "net.ipv4.conf.all.log_martians" = 1;
    "net.ipv4.conf.all.rp_filter" = 1;
    "net.ipv4.conf.default.log_martians" = 1;
    "net.ipv4.conf.default.rp_filter" = 1;
    "net.ipv4.icmp_echo_ignore_broadcasts" = 1;
  };
}