2024-09-19 12:40:19 +00:00
|
|
|
{ pkgs, inputs, ... }:
|
|
|
|
{
|
2024-09-20 15:10:06 +00:00
|
|
|
nix.nixPath = [ "nixpkgs=${pkgs.path}" ];
|
|
|
|
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
|
|
|
|
2024-09-19 12:40:19 +00:00
|
|
|
time.timeZone = "UTC";
|
|
|
|
i18n.defaultLocale = "en_US.UTF-8";
|
|
|
|
|
|
|
|
networking.firewall = {
|
|
|
|
enable = true;
|
2024-09-20 15:10:06 +00:00
|
|
|
allowedTCPPorts = [ 22 80 443 ];
|
2024-09-19 12:40:19 +00:00
|
|
|
allowedUDPPorts = [ ];
|
|
|
|
allowPing = false;
|
|
|
|
logRefusedConnections = false;
|
|
|
|
};
|
|
|
|
services.fail2ban.enable = true;
|
|
|
|
|
|
|
|
documentation = {
|
|
|
|
enable = false;
|
|
|
|
info.enable = false;
|
|
|
|
man.enable = false;
|
|
|
|
nixos.enable = false;
|
|
|
|
};
|
|
|
|
|
|
|
|
sound.enable = false;
|
|
|
|
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
|
|
git
|
|
|
|
curl
|
|
|
|
wget
|
|
|
|
];
|
|
|
|
|
|
|
|
programs.neovim.enable = true;
|
|
|
|
|
|
|
|
services.openssh = {
|
|
|
|
enable = true;
|
|
|
|
allowSFTP = true;
|
|
|
|
settings = {
|
|
|
|
PasswordAuthentication = false;
|
|
|
|
KbdInteractiveAuthentication = false;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|