From 2e3dcc16a85fb3579fbe71bd11a62ea89e653650 Mon Sep 17 00:00:00 2001
From: seth <getchoo@tuta.io>
Date: Sat, 15 Jul 2023 02:58:47 -0400
Subject: modules/server: disable ssh + cleanup a little

---
 modules/nixos/server/default.nix | 24 ++++--------------------
 1 file changed, 4 insertions(+), 20 deletions(-)

(limited to 'modules/nixos')

diff --git a/modules/nixos/server/default.nix b/modules/nixos/server/default.nix
index feae6e0..44a08c4 100644
--- a/modules/nixos/server/default.nix
+++ b/modules/nixos/server/default.nix
@@ -1,7 +1,7 @@
 {
   config,
   lib,
-  pkgs,
+  nixpkgs,
   ...
 }: let
   cfg = config.getchoo.server;
@@ -22,16 +22,13 @@ in {
       networking.enable = false;
     };
 
-    environment.systemPackages = [pkgs.cachix];
-
     nix = {
       gc = {
         dates = "*-*-1,5,9,13,17,21,25,29 00:00:00";
-        options = "-d --delete-older-than 2d --max-freed 50G";
+        options = "-d --delete-older-than 2d";
       };
 
       settings = {
-        trusted-users = ["${config.networking.hostName}"];
         trusted-substituters = [
           "https://getchoo.cachix.org"
           "https://cache.garnix.io"
@@ -48,6 +45,8 @@ in {
       };
     };
 
+    nixpkgs.overlays = [(_: prev: {unstable = import nixpkgs {inherit (prev) system;};})];
+
     programs = {
       git.enable = mkDefault true;
       vim.defaultEditor = mkDefault true;
@@ -56,20 +55,5 @@ in {
     security = {
       pam.enableSSHAgentAuth = mkDefault true;
     };
-
-    services = {
-      fail2ban = {
-        enable = true;
-        bantime-increment = {
-          enable = true;
-        };
-        maxretry = 5;
-      };
-
-      openssh = {
-        enable = true;
-        settings.PasswordAuthentication = mkDefault false;
-      };
-    };
   };
 }
-- 
cgit v1.2.3