Diffstat (limited to 'profiles/server.nix')
| -rw-r--r-- | profiles/server.nix | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/profiles/server.nix b/profiles/server.nix index ae46bce..49a0bc7 100644 --- a/profiles/server.nix +++ b/profiles/server.nix @@ -1,5 +1,4 @@ { - config, lib, pkgs, self, @@ -12,10 +11,9 @@ "${self}/modules/motd.nix" ]; - # Virtualization settings + #Virtualization settings virtualisation.docker.enable = true; - boot.loader.systemd-boot.enable = true; boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernel.sysctl = { @@ -32,11 +30,6 @@ useNetworkd = lib.mkDefault true; }; - networking.useDHCP = lib.mkDefault true; - - # Default to systemd-networkd usage. - systemd.network.wait-online.anyInterface = lib.mkDefault config.networking.useDHCP; - # Use systemd-resolved for DoT support. services.resolved = { enable = true; @@ -51,4 +44,14 @@ "8.8.8.8#dns.google" "1.0.0.1#cloudflare-dns.com" ]; + + services.openssh.enable = true; + services.openssh.settings.PasswordAuthentication = false; + services.openssh.settings.PermitRootLogin = "no"; + + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBkozy+X96u5ciX766bJ/AyQ3xm1tXZTIr5+4PVFZFi" + ]; + + networking.firewall.allowedTCPPorts = [ 22 ]; } |
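Review bot: In the last hunk the public key is added to `users.users.root.openssh.authorizedKeys.keys`, but `PermitRootLogin = "no"` a few lines above makes sshd reject every root login, so the key can never be used. With `PasswordAuthentication = false` as well, the profile may leave a host with no working SSH login unless another user with authorized keys is defined outside this file. Either attach the key to an unprivileged admin user, or, if key-only root access is intended, set `services.openssh.settings.PermitRootLogin = "prohibit-password";`. I would also add `services.openssh.settings.KbdInteractiveAuthentication = false;` so that keyboard-interactive password prompts are off too, unless that is already set elsewhere. Finally, `networking.firewall.allowedTCPPorts = [ 22 ];` looks redundant, since `services.openssh.openFirewall` opens the port by default.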
