peperunas/nixos
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: peperunas:12b02bbaa30425a9d3a4231f7f5e0dd991e1b3f6
Branches Tags
peperunas:master
peperunas:nixos-21.11
peperunas:laptopshit
...
compare: peperunas:229d6b9e1a0fec3f992c0de468f1e477dc4e5608
Branches Tags
peperunas:master
peperunas:nixos-21.11
peperunas:laptopshit

3 Commits
12b02bbaa3 ... 229d6b9e1a

Author SHA1 Message Date
Giulio De Pasquale
229d6b9e1a Lock update 2021-12-19 13:25:01 +01:00
Giulio De Pasquale
34d463ffe0 Use defaults 2021-12-19 13:24:33 +01:00
Giulio De Pasquale
c01239c99d Removed password auth from sshd 2021-12-19 13:24:19 +01:00
3 changed files with 15 additions and 27 deletions
Show Stats Expand all files Collapse all files

18
flake.lock generated
View File

@ -7,11 +7,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1638553958, "lastModified": 1639871969,
"narHash": "sha256-leETjYMtD9y37CvfRSQhIGibcIl4dNVlFkY/8QgqmAM=", "narHash": "sha256-6feWUnMygRzA9tzkrfAzpA5/NBYg75bkFxnqb1DtD7E=",
"owner": "rycee", "owner": "rycee",
"repo": "home-manager", "repo": "home-manager",
"rev": "6ce1d64073f48b9bc9425218803b1b607454c1e7", "rev": "697cc8c68ed6a606296efbbe9614c32537078756",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -23,11 +23,11 @@
}, },
"nixos-unstable": { "nixos-unstable": {
"locked": { "locked": {
"lastModified": 1638806821, "lastModified": 1639699734,
"narHash": "sha256-v2qd2Bsmzft53s43eCbN+4ocrLksRdFLyF/MAGuWuDA=", "narHash": "sha256-tlX6WebGmiHb2Hmniff+ltYp+7dRfdsBxw9YczLsP60=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "bc5d68306b40b8522ffb69ba6cff91898c2fbbff", "rev": "03ec468b14067729a285c2c7cfa7b9434a04816c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -39,11 +39,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1638887115, "lastModified": 1639794673,
"narHash": "sha256-emjtIeqyJ84Eb3X7APJruTrwcfnHQKs55XGljj62prs=", "narHash": "sha256-bjauV0+Z4WmxeiHXecyiEOEwo+XysO6kx36beeatbl0=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "1bd4bbd49bef217a3d1adea43498270d6e779d65", "rev": "2627c4b795107ba94562626925f5a9a2bc62ebc6",
"type": "github" "type": "github"
}, },
"original": { "original": {

6
hosts/architect/default.nix
View File

@ -132,7 +132,11 @@ in {
services = { services = {
zfs.autoScrub.enable = true; zfs.autoScrub.enable = true;
xserver.videoDrivers = [ "nvidia" ]; xserver.videoDrivers = [ "nvidia" ];
openssh.enable = true; openssh = {
enable = true;
passwordAuthentication = false;
challengeResponseAuthentication = false;
};
smartd.enable = true; smartd.enable = true;
}; };

18
hosts/architect/fail2ban.nix
View File

@ -3,23 +3,7 @@
enable = true; enable = true;
package = pkgs.fail2ban; package = pkgs.fail2ban;
packageFirewall = pkgs.nftables; packageFirewall = pkgs.nftables;
banaction = "nftables-multiport";
banaction-allports = "nftables-allport";
bantime-increment.enable = true; bantime-increment.enable = true;
# ignoreIP = [ "10.0.0.0/24" "10.3.0.0/24" ]; ignoreIP = [ "10.0.0.0/24" "10.3.0.0/24" ];
daemonConfig = ''
[Definition]
loglevel = INFO
logtarget = SYSLOG
socket = /run/fail2ban/fail2ban.sock
pidfile = /run/fail2ban/fail2ban.pid
dbfile = /var/lib/fail2ban/fail2ban.sqlite3
'';
jails = {
sshd = ''
maxretry = 3
mode = aggressive
'';
};
}; };
} }