add ssh to wg for intranet
This commit is contained in:
parent
00d0aff6f8
commit
d0caeb0b57
@ -99,12 +99,6 @@
|
|||||||
|
|
||||||
services = {
|
services = {
|
||||||
dovecot2.sieve.extensions = [ "fileinto" ];
|
dovecot2.sieve.extensions = [ "fileinto" ];
|
||||||
openssh = {
|
|
||||||
enable = true;
|
|
||||||
settings = {
|
|
||||||
PermitRootLogin = "prohibit-password";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
roundcube = {
|
roundcube = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login ]);
|
package = pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login ]);
|
||||||
|
@ -3,7 +3,7 @@ let
|
|||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
mods = toplevel.config.flake.nixosModules;
|
mods = toplevel.config.flake.nixosModules;
|
||||||
hardwareConfigurations = toplevel.config.flake.hardwareConfigurations;
|
hardwareConfigurations = toplevel.config.flake.hardwareConfigurations;
|
||||||
essential = with mods; [ grub base shell security wireless wireguard ];
|
essential = with mods; [ grub base shell security wireless intranet ];
|
||||||
desktop = with mods; [ sound wayland ];
|
desktop = with mods; [ sound wayland ];
|
||||||
configWithModules = { hardware ? { nixpkgs.hostPlatform = system; }, modules }: withSystem system (ctx@{ config, inputs', pkgs, ... }: inputs.nixpkgs.lib.nixosSystem {
|
configWithModules = { hardware ? { nixpkgs.hostPlatform = system; }, modules }: withSystem system (ctx@{ config, inputs', pkgs, ... }: inputs.nixpkgs.lib.nixosSystem {
|
||||||
specialArgs = {
|
specialArgs = {
|
||||||
@ -23,6 +23,6 @@ in
|
|||||||
nova-ai = novaConfig (with mods; [ ivand ai ]);
|
nova-ai = novaConfig (with mods; [ ivand ai ]);
|
||||||
install-iso = configWithModules { modules = (with mods; [ grub base shell wireless ]); };
|
install-iso = configWithModules { modules = (with mods; [ grub base shell wireless ]); };
|
||||||
vps = configWithModules { modules = (with mods; [ base shell security vps ]); };
|
vps = configWithModules { modules = (with mods; [ base shell security vps ]); };
|
||||||
stara-miner = configWithModules { modules = (with mods; [ grub base shell wireless security monero-miner ]); };
|
stara-miner = configWithModules { modules = (essential ++ [ mods.monero-miner ]); };
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -103,7 +103,7 @@ top@{ inputs, moduleWithSystem, ... }: {
|
|||||||
rtkit.enable = true;
|
rtkit.enable = true;
|
||||||
};
|
};
|
||||||
});
|
});
|
||||||
wireguard = {
|
intranet = {
|
||||||
networking.wg-quick.interfaces = {
|
networking.wg-quick.interfaces = {
|
||||||
wg0 = {
|
wg0 = {
|
||||||
address = [ "10.0.0.2/32" ];
|
address = [ "10.0.0.2/32" ];
|
||||||
@ -118,6 +118,12 @@ top@{ inputs, moduleWithSystem, ... }: {
|
|||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
openssh = {
|
||||||
|
enable = true;
|
||||||
|
settings = {
|
||||||
|
PermitRootLogin = "prohibit-password";
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
wireless = {
|
wireless = {
|
||||||
networking = {
|
networking = {
|
||||||
|
Loading…
Reference in New Issue
Block a user