forked from Fediversity/Fediversity
Add changes that hadn't been pushed to the repo as well
This commit is contained in:
parent
aad7a984c2
commit
fe0c69f6d9
|
@ -159,7 +159,8 @@
|
||||||
ip6 nexthdr icmpv6 icmpv6 type { destination-unreachable, echo-reply, echo-request, nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert, packet-too-big, parameter-problem, time-exceeded } accept
|
ip6 nexthdr icmpv6 icmpv6 type { destination-unreachable, echo-reply, echo-request, nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert, packet-too-big, parameter-problem, time-exceeded } accept
|
||||||
|
|
||||||
# open tcp ports: sshd (22)
|
# open tcp ports: sshd (22)
|
||||||
ip saddr $ssh_allow tcp dport {ssh} accept
|
# ip saddr $ssh_allow tcp dport {ssh} accept
|
||||||
|
tcp dport {ssh} accept
|
||||||
|
|
||||||
# open tcp ports: snmp (161)
|
# open tcp ports: snmp (161)
|
||||||
ip saddr $snmp_allow udp dport {snmp} accept
|
ip saddr $snmp_allow udp dport {snmp} accept
|
||||||
|
@ -214,6 +215,15 @@
|
||||||
packages = with pkgs; [ ];
|
packages = with pkgs; [ ];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
users.users.valentin = {
|
||||||
|
isNormalUser = true;
|
||||||
|
extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
|
||||||
|
openssh.authorizedKeys.keys = [
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOJzgwAYAoMexc1fBJxU08YmsiU9T4Ua8QFeE4/kZNZ5"
|
||||||
|
];
|
||||||
|
packages = with pkgs; [ ];
|
||||||
|
};
|
||||||
|
|
||||||
# List packages installed in system profile. To search, run:
|
# List packages installed in system profile. To search, run:
|
||||||
# $ nix search wget
|
# $ nix search wget
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
@ -238,6 +248,8 @@
|
||||||
|
|
||||||
# Enable the OpenSSH daemon.
|
# Enable the OpenSSH daemon.
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
|
services.openssh.settings.PasswordAuthentication = false;
|
||||||
|
security.sudo.wheelNeedsPassword = false;
|
||||||
|
|
||||||
# This value determines the NixOS release from which the default
|
# This value determines the NixOS release from which the default
|
||||||
# settings for stateful data, like file locations and database versions
|
# settings for stateful data, like file locations and database versions
|
||||||
|
|
Loading…
Reference in a new issue