30 lines
831 B
Nix
30 lines
831 B
Nix
{pkgs, ...}:
|
|
let updateScript = pkgs.writeShellScriptBin "rebuild" ''
|
|
#!/bin/sh
|
|
nixos-rebuild switch --flake /etc/nixos#distrust --impure
|
|
'';
|
|
in
|
|
{
|
|
environment.systemPackages = with pkgs; [vim btop git alejandra statix deadnix] ++ [ updateScript ];
|
|
|
|
nix.settings.experimental-features = ["nix-command" "flakes"];
|
|
|
|
boot.tmp.cleanOnBoot = true;
|
|
zramSwap.enable = true;
|
|
networking.hostName = "distrust";
|
|
|
|
services.openssh = {
|
|
enable = true;
|
|
settings.PermitRootLogin = "yes";
|
|
ports = [292];
|
|
};
|
|
services.fail2ban.enable = true;
|
|
services.endlessh = {
|
|
enable = true;
|
|
port = 22;
|
|
openFirewall = true;
|
|
};
|
|
|
|
users.users.root.openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHxah5pnxmk=P7HtwRsryDoAHZsDs5RcGP9IPCNg1KFe cardno;16-179-196"];
|
|
system.stateVersion = "25.05";
|
|
}
|