summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ymir.nix52
1 files changed, 33 insertions, 19 deletions
diff --git a/ymir.nix b/ymir.nix
index 29d8d99d..c57e4407 100644
--- a/ymir.nix
+++ b/ymir.nix
@@ -25,6 +25,39 @@
25 zsh 25 zsh
26 ]; 26 ];
27 27
28 networking = {
29 firewall = {
30 enable = true;
31 allowPing = true;
32 allowedTCPPorts = [ 22
33 ];
34 allowedUDPPortRanges = [ { from = 60000; to = 61000; } # mosh
35 ];
36 };
37 enableIPv6 = true;
38 defaultGateway6 = "fe80::1";
39 interfaces = {
40 enp0s3 = {
41 name = "enp0s3";
42 ip6 = {
43 address = "2a03:4000:6:d004::";
44 prefixLength = "64";
45 };
46 };
47 };
48 };
49
50 users.extraUsers.root = let
51 template = (import users/gkleen.nix);
52 in {
53 inherit (template) shell;
54 openssh.authorizedKeys.keyFiles = template.openssh.authorizedKeys.keyFiles;
55 };
56
57 services.ntp = {
58 enable = false;
59 };
60
28 # List services that you want to enable: 61 # List services that you want to enable:
29 62
30 services.openssh = { 63 services.openssh = {
@@ -38,27 +71,8 @@
38 ''; 71 '';
39 }; 72 };
40 73
41 networking.firewall = {
42 enable = true;
43 allowPing = true;
44 allowedTCPPorts = [ 22
45 ];
46 allowedUDPPortRanges = [ { from = 60000; to = 61000; } # mosh
47 ];
48 };
49
50 services.ntp = {
51 enable = false;
52 };
53
54 services.chrony = { 74 services.chrony = {
55 enable = true; 75 enable = true;
56 }; 76 };
57 77
58 users.extraUsers.root = let
59 template = (import users/gkleen.nix);
60 in {
61 inherit (template) shell;
62 openssh.authorizedKeys.keyFiles = template.openssh.authorizedKeys.keyFiles;
63 };
64} 78}