diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2018-04-05 12:50:05 +0200 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2018-04-05 12:50:05 +0200 |
commit | 84a37a8ef41712840e1a2462b6edc6eab56346d5 (patch) | |
tree | 25ddc07fe842d53602da1a1d000f8b0db80cc2bf | |
parent | f32b865802509c11b534917a25fbe762ca7c7f08 (diff) | |
download | nixos-84a37a8ef41712840e1a2462b6edc6eab56346d5.tar nixos-84a37a8ef41712840e1a2462b6edc6eab56346d5.tar.gz nixos-84a37a8ef41712840e1a2462b6edc6eab56346d5.tar.bz2 nixos-84a37a8ef41712840e1a2462b6edc6eab56346d5.tar.xz nixos-84a37a8ef41712840e1a2462b6edc6eab56346d5.zip |
More stuff on odin
-rw-r--r-- | odin.nix | 32 | ||||
-rw-r--r-- | ymir.nix | 8 |
2 files changed, 26 insertions, 14 deletions
@@ -39,7 +39,17 @@ | |||
39 | 39 | ||
40 | programs.zsh.enable = true; | 40 | programs.zsh.enable = true; |
41 | 41 | ||
42 | services.openssh.enable = true; | 42 | services.openssh = { |
43 | enable = true; | ||
44 | passwordAuthentication = false; | ||
45 | challengeResponseAuthentication = false; | ||
46 | extraConfig = '' | ||
47 | AllowGroups ssh | ||
48 | ''; | ||
49 | }; | ||
50 | users.groups."ssh" = { | ||
51 | members = ["root"]; | ||
52 | }; | ||
43 | 53 | ||
44 | networking.firewall = { | 54 | networking.firewall = { |
45 | enable = true; | 55 | enable = true; |
@@ -57,9 +67,19 @@ | |||
57 | openssh.authorizedKeys.keyFiles = template.openssh.authorizedKeys.keyFiles; | 67 | openssh.authorizedKeys.keyFiles = template.openssh.authorizedKeys.keyFiles; |
58 | }; | 68 | }; |
59 | 69 | ||
60 | # This value determines the NixOS release with which your system is to be | 70 | services.journald = { |
61 | # compatible, in order to avoid breaking some software such as database | 71 | rateLimitBurst = 0; |
62 | # servers. You should change this only after NixOS release notes say you | 72 | }; |
63 | # should. | 73 | |
64 | system.stateVersion = "18.09"; # Did you read the comment? | 74 | services.haveged.enable = true; |
75 | |||
76 | system.autoUpgrade.enable = true; | ||
77 | system.stateVersion = "18.09"; | ||
78 | |||
79 | systemd.services."nixos-upgrade" = { | ||
80 | path = with pkgs; [ git ]; | ||
81 | preStart = '' | ||
82 | git -C /etc/nixos pull --recurse-submodules | ||
83 | ''; | ||
84 | }; | ||
65 | } | 85 | } |
@@ -209,10 +209,6 @@ in rec { | |||
209 | openssh.authorizedKeys.keyFiles = template.openssh.authorizedKeys.keyFiles; | 209 | openssh.authorizedKeys.keyFiles = template.openssh.authorizedKeys.keyFiles; |
210 | }; | 210 | }; |
211 | 211 | ||
212 | services.ntp = { | ||
213 | enable = false; | ||
214 | }; | ||
215 | |||
216 | # List services that you want to enable: | 212 | # List services that you want to enable: |
217 | 213 | ||
218 | services.openssh = { | 214 | services.openssh = { |
@@ -243,10 +239,6 @@ in rec { | |||
243 | ]; | 239 | ]; |
244 | }; | 240 | }; |
245 | 241 | ||
246 | services.timesyncd = { | ||
247 | enable = true; | ||
248 | }; | ||
249 | |||
250 | services.journald = { | 242 | services.journald = { |
251 | rateLimitBurst = 0; | 243 | rateLimitBurst = 0; |
252 | }; | 244 | }; |