Enable defaults.ssh
This commit is contained in:
parent
8ef887a4f0
commit
071cb4774d
|
@ -17,8 +17,6 @@
|
||||||
|
|
||||||
beatific.hostName = "empyrean";
|
beatific.hostName = "empyrean";
|
||||||
beatific.defaults = {
|
beatific.defaults = {
|
||||||
programs = false;
|
|
||||||
ssh = false;
|
|
||||||
nebula = false;
|
nebula = false;
|
||||||
tvb = false;
|
tvb = false;
|
||||||
};
|
};
|
||||||
|
@ -44,13 +42,10 @@
|
||||||
networking.useDHCP = false;
|
networking.useDHCP = false;
|
||||||
networking.interfaces.eth0.useDHCP = true;
|
networking.interfaces.eth0.useDHCP = true;
|
||||||
|
|
||||||
# List packages installed in system profile. To search, run:
|
|
||||||
# $ nix search wget
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
vim htop git tinc_pre python3
|
tinc_pre
|
||||||
gitea
|
gitea
|
||||||
];
|
];
|
||||||
environment.variables.EDITOR = "vim";
|
|
||||||
|
|
||||||
services.nginx = let
|
services.nginx = let
|
||||||
static-site = srv-dir: {
|
static-site = srv-dir: {
|
||||||
|
@ -92,7 +87,6 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
services.openssh = {
|
services.openssh = {
|
||||||
enable = true;
|
|
||||||
settings.PasswordAuthentication = false;
|
settings.PasswordAuthentication = false;
|
||||||
settings.PermitRootLogin = "prohibit-password";
|
settings.PermitRootLogin = "prohibit-password";
|
||||||
};
|
};
|
||||||
|
@ -135,9 +129,7 @@
|
||||||
|
|
||||||
networking.firewall = {
|
networking.firewall = {
|
||||||
enable = true;
|
enable = true;
|
||||||
allowPing = true;
|
|
||||||
allowedTCPPorts = [
|
allowedTCPPorts = [
|
||||||
22 # ssh
|
|
||||||
80 # http
|
80 # http
|
||||||
443 # https
|
443 # https
|
||||||
655 # tinc
|
655 # tinc
|
||||||
|
|
Loading…
Reference in New Issue