tasiaiso/nixos-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

nya

Browse source
This commit is contained in:
Tasia Iso 2024-10-05 11:38:36 +02:00
parent 05de7968de
commit 27e4b260b6
Signed by: tasiaiso
SSH key fingerprint: SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw
3 changed files with 26 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
common/components/networking.nix
View file

@ -4,14 +4,14 @@
enable = true; enable = true;
# Randomize MAC for every ethernet connetion # Randomize MAC for every ethernet connetion
ethernet.macAddress = "random"; # ethernet.macAddress = "random";
connectionConfig = { # connectionConfig = {
# IPv6 Privacy Extensions # # IPv6 Privacy Extensions
"ipv6.ip6-privacy" = 2; # "ipv6.ip6-privacy" = 2;
# unique DUID per connection # # unique DUID per connection
"ipv6.dhcp-duid" = "stable-uuid"; # "ipv6.dhcp-duid" = "stable-uuid";
}; # };
}; };
firewall = { firewall = {

13
common/services/sshd.nix
View file

@ -78,12 +78,13 @@
]; ];
# Check whether this is actually doing anything # Check whether this is actually doing anything
services.fail2ban = { # It is, it even bans legit connections.
enable = true; # services.fail2ban = {
ignoreIP = [ # enable = true;
# # ignoreIP = [
]; # #
}; # ];
# };
} }
# ssh R6: StrictHostKeyChecking ask # ssh R6: StrictHostKeyChecking ask

15
hosts/vulpecula/configuration.nix
View file

@ -42,7 +42,7 @@ in {
users.users.tasia = { users.users.tasia = {
isNormalUser = true; isNormalUser = true;
description = "Tasia"; description = "Tasia";
extraGroups = ["networkmanager" "wheel" "dialout"]; extraGroups = ["networkmanager" "wheel"];
initialPassword = "correcthorsebatterystaple"; initialPassword = "correcthorsebatterystaple";
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
sshKeys.tasia.yaseen sshKeys.tasia.yaseen
@ -53,8 +53,8 @@ in {
users.users.vulpecula = { users.users.vulpecula = {
isNormalUser = true; isNormalUser = true;
description = "vulpecula"; description = "test acc";
extraGroups = ["networkmanager" "wheel" "dialout"]; extraGroups = ["networkmanager" "wheel"];
initialPassword = "correcthorsebatterystaple"; initialPassword = "correcthorsebatterystaple";
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
sshKeys.tasia.yubi-primary sshKeys.tasia.yubi-primary
@ -62,6 +62,15 @@ in {
]; ];
}; };
users.users.dedsec = {
isNormalUser = true;
description = "dedsec";
extraGroups = ["networkmanager" "wheel"];
initialPassword = "correcthorsebatterystaple";
openssh.authorizedKeys.keys = [
];
};
services.nginx = { services.nginx = {
enable = true; enable = true;
recommendedProxySettings = true; recommendedProxySettings = true;