ivandimitrov8080/configuration.nix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add ssh to wg for intranet

Browse Source
This commit is contained in:
Ivan Kirilov Dimitrov 2024-08-04 20:07:52 +02:00
parent 00d0aff6f8
commit d0caeb0b57
No known key found for this signature in database
GPG Key ID: 0BDAD4B211C49294
3 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
hosts/vps/mailserver/default.nix
View File

@ -99,12 +99,6 @@
services = { services = {
dovecot2.sieve.extensions = [ "fileinto" ]; dovecot2.sieve.extensions = [ "fileinto" ];
openssh = {
enable = true;
settings = {
PermitRootLogin = "prohibit-password";
};
};
roundcube = { roundcube = {
enable = true; enable = true;
package = pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login ]); package = pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login ]);

4
nixos/configs/default.nix
View File

@ -3,7 +3,7 @@ let
system = "x86_64-linux"; system = "x86_64-linux";
mods = toplevel.config.flake.nixosModules; mods = toplevel.config.flake.nixosModules;
hardwareConfigurations = toplevel.config.flake.hardwareConfigurations; hardwareConfigurations = toplevel.config.flake.hardwareConfigurations;
essential = with mods; [ grub base shell security wireless wireguard ]; essential = with mods; [ grub base shell security wireless intranet ];
desktop = with mods; [ sound wayland ]; desktop = with mods; [ sound wayland ];
configWithModules = { hardware ? { nixpkgs.hostPlatform = system; }, modules }: withSystem system (ctx@{ config, inputs', pkgs, ... }: inputs.nixpkgs.lib.nixosSystem { configWithModules = { hardware ? { nixpkgs.hostPlatform = system; }, modules }: withSystem system (ctx@{ config, inputs', pkgs, ... }: inputs.nixpkgs.lib.nixosSystem {
specialArgs = { specialArgs = {
@ -23,6 +23,6 @@ in
nova-ai = novaConfig (with mods; [ ivand ai ]); nova-ai = novaConfig (with mods; [ ivand ai ]);
install-iso = configWithModules { modules = (with mods; [ grub base shell wireless ]); }; install-iso = configWithModules { modules = (with mods; [ grub base shell wireless ]); };
vps = configWithModules { modules = (with mods; [ base shell security vps ]); }; vps = configWithModules { modules = (with mods; [ base shell security vps ]); };
stara-miner = configWithModules { modules = (with mods; [ grub base shell wireless security monero-miner ]); }; stara-miner = configWithModules { modules = (essential ++ [ mods.monero-miner ]); };
}; };
} }

8
nixos/modules/default.nix
View File

@ -103,7 +103,7 @@ top@{ inputs, moduleWithSystem, ... }: {
rtkit.enable = true; rtkit.enable = true;
}; };
}); });
wireguard = { intranet = {
networking.wg-quick.interfaces = { networking.wg-quick.interfaces = {
wg0 = { wg0 = {
address = [ "10.0.0.2/32" ]; address = [ "10.0.0.2/32" ];
@ -118,6 +118,12 @@ top@{ inputs, moduleWithSystem, ... }: {
]; ];
}; };
}; };
openssh = {
enable = true;
settings = {
PermitRootLogin = "prohibit-password";
};
};
}; };
wireless = { wireless = {
networking = { networking = {