summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorseth <[email protected]>2023-07-15 02:58:47 -0400
committerseth <[email protected]>2023-07-15 04:15:21 -0400
commit2e3dcc16a85fb3579fbe71bd11a62ea89e653650 (patch)
tree05db62e19aac3eb12619ea2ca3824a6686690612
parent47d0a88baa750070271b4682adb70d324ef1fdb2 (diff)
modules/server: disable ssh + cleanup a little
Diffstat
-rw-r--r--modules/nixos/server/default.nix24
1 files changed, 4 insertions, 20 deletions
diff --git a/modules/nixos/server/default.nix b/modules/nixos/server/default.nix
index feae6e0..44a08c4 100644
--- a/modules/nixos/server/default.nix
+++ b/modules/nixos/server/default.nix
@@ -1,7 +1,7 @@
{
config,
lib,
- pkgs,
+ nixpkgs,
...
}: let
cfg = config.getchoo.server;
@@ -22,16 +22,13 @@ in {
networking.enable = false;
};
- environment.systemPackages = [pkgs.cachix];
-
nix = {
gc = {
dates = "*-*-1,5,9,13,17,21,25,29 00:00:00";
- options = "-d --delete-older-than 2d --max-freed 50G";
+ options = "-d --delete-older-than 2d";
};
settings = {
- trusted-users = ["${config.networking.hostName}"];
trusted-substituters = [
"https://getchoo.cachix.org"
"https://cache.garnix.io"
@@ -48,6 +45,8 @@ in {
};
};
+ nixpkgs.overlays = [(_: prev: {unstable = import nixpkgs {inherit (prev) system;};})];
+
programs = {
git.enable = mkDefault true;
vim.defaultEditor = mkDefault true;
@@ -56,20 +55,5 @@ in {
security = {
pam.enableSSHAgentAuth = mkDefault true;
};
-
- services = {
- fail2ban = {
- enable = true;
- bantime-increment = {
- enable = true;
- };
- maxretry = 5;
- };
-
- openssh = {
- enable = true;
- settings.PasswordAuthentication = mkDefault false;
- };
- };
};
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-06 17:19:21 +0000