toufic ar
0fefd6137a
Some checks failed
/ deploy (push) Failing after 8s
- network: add tor relay + snowflake proxy - email: regex alias for admin - search: enable some additional engines
28 lines
695 B
Nix
28 lines
695 B
Nix
{config, ...}: {
|
|
boot.loader.systemd-boot.enable = true;
|
|
boot.loader.efi.canTouchEfiVariables = true;
|
|
|
|
nix.settings.experimental-features = ["nix-command" "flakes"];
|
|
|
|
customOps.owner = "toufy";
|
|
customOps.domain = "toufy.me";
|
|
|
|
sops.secrets."ssh/authorizedKeys/owner" = {};
|
|
|
|
users.users.root.openssh.authorizedKeys.keyFiles = [
|
|
config.sops.secrets."ssh/authorizedKeys/owner".path
|
|
];
|
|
|
|
services.openssh = {
|
|
enable = true;
|
|
ports = [22];
|
|
settings = {
|
|
PasswordAuthentication = false;
|
|
KbdInteractiveAuthentication = false;
|
|
AllowUsers = null;
|
|
UseDns = true;
|
|
X11Forwarding = false;
|
|
PermitRootLogin = "prohibit-password";
|
|
};
|
|
};
|
|
}
|