diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2023-01-14 15:38:08 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2023-01-14 15:38:08 +0100 |
commit | f061523314234b5287385d6eebc50b5d3dd82bb2 (patch) | |
tree | 33155ba0a83a25515c97ba0b9f233b3080617850 /hosts | |
parent | aec0018dfe10e19ceaa975936c6f1e4f69a99b09 (diff) | |
download | nixos-f061523314234b5287385d6eebc50b5d3dd82bb2.tar nixos-f061523314234b5287385d6eebc50b5d3dd82bb2.tar.gz nixos-f061523314234b5287385d6eebc50b5d3dd82bb2.tar.bz2 nixos-f061523314234b5287385d6eebc50b5d3dd82bb2.tar.xz nixos-f061523314234b5287385d6eebc50b5d3dd82bb2.zip |
...
Diffstat (limited to 'hosts')
-rw-r--r-- | hosts/surtr/default.nix | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/hosts/surtr/default.nix b/hosts/surtr/default.nix index f6200cf3..75dd9847 100644 --- a/hosts/surtr/default.nix +++ b/hosts/surtr/default.nix | |||
@@ -1,4 +1,7 @@ | |||
1 | { flake, pkgs, lib, ... }: | 1 | { flake, pkgs, lib, ... }: |
2 | |||
3 | with lib; | ||
4 | |||
2 | { | 5 | { |
3 | imports = with flake.nixosModules.systemProfiles; [ | 6 | imports = with flake.nixosModules.systemProfiles; [ |
4 | tmpfs-root qemu-guest openssh rebuild-machines zfs | 7 | tmpfs-root qemu-guest openssh rebuild-machines zfs |
@@ -68,7 +71,7 @@ | |||
68 | systemd.network = { | 71 | systemd.network = { |
69 | networks = { | 72 | networks = { |
70 | "40-ens3".networkConfig = { | 73 | "40-ens3".networkConfig = { |
71 | Domains = lib.mkForce "~."; | 74 | Domains = mkForce "~."; |
72 | DNS = [ "127.0.0.1:5353" "[::1]:5353" ]; | 75 | DNS = [ "127.0.0.1:5353" "[::1]:5353" ]; |
73 | # DNSSEC = true; | 76 | # DNSSEC = true; |
74 | # DNS = [ "46.38.225.230" "46.38.252.230" "2a03:4000:0:1::e1e6" "2a03:4000:8000::fce6" ]; | 77 | # DNS = [ "46.38.225.230" "46.38.252.230" "2a03:4000:0:1::e1e6" "2a03:4000:8000::fce6" ]; |
@@ -126,6 +129,9 @@ | |||
126 | cmdport 0 | 129 | cmdport 0 |
127 | ''; | 130 | ''; |
128 | }; | 131 | }; |
132 | systemd.services.chronyd.serviceConfig = { | ||
133 | PrivateDevices = mkForce false; | ||
134 | }; | ||
129 | 135 | ||
130 | services.openssh = { | 136 | services.openssh = { |
131 | enable = true; | 137 | enable = true; |