mirror of
https://github.com/gensokyo-zone/infrastructure.git
synced 2026-02-09 12:29:19 -08:00
2a5ec2e0b4
Using ./home.nix and ./nixos.nix as entrypoints for hosts. Using hardware profiles. Using new entrypoints (profiles/base/profiles.nix + profiles/base/home.nix). New modules (for DNS handling, for themeing, ...). Split up deploy-tf.nix into several modules. Renamed common profile to base profile.
29 lines
649 B
Nix
29 lines
649 B
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
{
|
|
kw.fw.public.udp.ranges = [{
|
|
from = 60000;
|
|
to = 61000;
|
|
}];
|
|
kw.fw.private.udp.ranges = [{
|
|
from = 60000;
|
|
to = 61000;
|
|
}];
|
|
|
|
kw.fw.public.tcp.ports = [ 62954 ];
|
|
kw.fw.private.tcp.ports = [ 62954 ];
|
|
|
|
services.openssh = {
|
|
enable = true;
|
|
ports = lib.mkDefault [ 62954 ];
|
|
passwordAuthentication = false;
|
|
challengeResponseAuthentication = false;
|
|
permitRootLogin = lib.mkDefault "prohibit-password";
|
|
kexAlgorithms = [ "curve25519-sha256@libssh.org" ];
|
|
extraConfig = ''
|
|
StreamLocalBindUnlink yes
|
|
LogLevel VERBOSE
|
|
'';
|
|
};
|
|
programs.mosh.enable = true;
|
|
}
|