diff options
-rw-r--r-- | ymir.nix | 52 |
1 files changed, 33 insertions, 19 deletions
@@ -25,6 +25,39 @@ | |||
25 | zsh | 25 | zsh |
26 | ]; | 26 | ]; |
27 | 27 | ||
28 | networking = { | ||
29 | firewall = { | ||
30 | enable = true; | ||
31 | allowPing = true; | ||
32 | allowedTCPPorts = [ 22 | ||
33 | ]; | ||
34 | allowedUDPPortRanges = [ { from = 60000; to = 61000; } # mosh | ||
35 | ]; | ||
36 | }; | ||
37 | enableIPv6 = true; | ||
38 | defaultGateway6 = "fe80::1"; | ||
39 | interfaces = { | ||
40 | enp0s3 = { | ||
41 | name = "enp0s3"; | ||
42 | ip6 = { | ||
43 | address = "2a03:4000:6:d004::"; | ||
44 | prefixLength = "64"; | ||
45 | }; | ||
46 | }; | ||
47 | }; | ||
48 | }; | ||
49 | |||
50 | users.extraUsers.root = let | ||
51 | template = (import users/gkleen.nix); | ||
52 | in { | ||
53 | inherit (template) shell; | ||
54 | openssh.authorizedKeys.keyFiles = template.openssh.authorizedKeys.keyFiles; | ||
55 | }; | ||
56 | |||
57 | services.ntp = { | ||
58 | enable = false; | ||
59 | }; | ||
60 | |||
28 | # List services that you want to enable: | 61 | # List services that you want to enable: |
29 | 62 | ||
30 | services.openssh = { | 63 | services.openssh = { |
@@ -38,27 +71,8 @@ | |||
38 | ''; | 71 | ''; |
39 | }; | 72 | }; |
40 | 73 | ||
41 | networking.firewall = { | ||
42 | enable = true; | ||
43 | allowPing = true; | ||
44 | allowedTCPPorts = [ 22 | ||
45 | ]; | ||
46 | allowedUDPPortRanges = [ { from = 60000; to = 61000; } # mosh | ||
47 | ]; | ||
48 | }; | ||
49 | |||
50 | services.ntp = { | ||
51 | enable = false; | ||
52 | }; | ||
53 | |||
54 | services.chrony = { | 74 | services.chrony = { |
55 | enable = true; | 75 | enable = true; |
56 | }; | 76 | }; |
57 | 77 | ||
58 | users.extraUsers.root = let | ||
59 | template = (import users/gkleen.nix); | ||
60 | in { | ||
61 | inherit (template) shell; | ||
62 | openssh.authorizedKeys.keyFiles = template.openssh.authorizedKeys.keyFiles; | ||
63 | }; | ||
64 | } | 78 | } |