51 lines
1.2 KiB
Nix
51 lines
1.2 KiB
Nix
{ config, pkgs, lib, ... }:
|
|
{
|
|
|
|
#networking.firewall = {
|
|
# enable = true;
|
|
# allowedTCPPorts = [ 22 ];
|
|
#};
|
|
|
|
#services.fail2ban = {
|
|
# enable = true;
|
|
# maxretry = 3; # Ban IP after 3 failures
|
|
# bantime = "24h"; # Ban IPs for one day on the first ban
|
|
# bantime-increment = {
|
|
# enable = true; # increment of bantime after each violation
|
|
# formula = "ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor)";
|
|
# multipliers = "1 2 4 8 16 32 64";
|
|
# maxtime = "168h"; # Do not ban for more than 1 week
|
|
# overalljails = true; # bantime based on all violations
|
|
# };
|
|
#};
|
|
|
|
programs.gpg = {
|
|
enable = true;
|
|
mutableKeys = true; # allow changes in keys or trust
|
|
mutableTrust = true;
|
|
#publicKeys = [
|
|
# {
|
|
# source = ""; #./path/to/key.a;
|
|
# trust = "ultimate";
|
|
# }
|
|
#];
|
|
};
|
|
|
|
programs.ssh = {
|
|
enable = true;
|
|
addKeysToAgent = "yes"; # let home manager manage ssh keys
|
|
};
|
|
|
|
#services.openssh = {
|
|
# enable = true;
|
|
# ##Ports = [ 5432 ];
|
|
# settings = {
|
|
# PasswordAuthentication = false;
|
|
# KbdInteractiveAuthentication = false;
|
|
# PermitRootLogin = "no";
|
|
# #AllowUsers = [ "wieerwill" ]
|
|
# };
|
|
#};
|
|
|
|
}
|