wolfgirls/nixos
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

hardening

Browse source
This commit is contained in:
Ezri Zhu 2024-09-27 12:38:45 -04:00
parent e8faabc2bd
commit 78d5989212
Signed by: ezri
SSH key fingerprint: SHA256:PjS2hKMfl3gJ5Furjjq+kXa4ZvS1c0gb4/djAxxAf6c
2 changed files with 17 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
common/default.nix
View file

@ -21,12 +21,26 @@
]; ];
programs.mtr.enable = true; programs.mtr.enable = true;
programs.zsh.enable = true; programs.zsh.enable = true;
security.sudo-rs = { security.sudo = {
enable = true; enable = true;
wheelNeedsPassword = false; wheelNeedsPassword = false;
execWheelOnly = true;
}; };
networking.firewall.enable = false; networking.firewall.enable = false;
services.openssh.enable = true; services.openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
};
extraConfig = ''
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowStreamLocalForwarding yes
AuthenticationMethods publickey
'';
};
virtualisation.containers.enable = true; virtualisation.containers.enable = true;
virtualisation = { virtualisation = {
podman = { podman = {

1
common/motd.nix
View file

@ -6,5 +6,6 @@ Latest news
* Stella: Flakes now enabled * Stella: Flakes now enabled
* Stella: Web hosting now available, contact an admin to enable * Stella: Web hosting now available, contact an admin to enable
* Stella: ipv6 enabled * Stella: ipv6 enabled
* Now supports fetching your ssh key from a url, contact an admin to configure
''; '';
} }