mirror of
https://github.com/nmasur/dotfiles
synced 2025-11-04 07:03:17 +00:00
32 lines
664 B
Nix
32 lines
664 B
Nix
{
|
|
config,
|
|
lib,
|
|
...
|
|
}:
|
|
|
|
let
|
|
cfg = config.nmasur.profiles.server;
|
|
in
|
|
|
|
{
|
|
|
|
options.nmasur.profiles.server.enable = lib.mkEnableOption "server configuration";
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
|
|
networking.firewall.allowPing = lib.mkDefault true;
|
|
|
|
nmasur.presets.services = {
|
|
openssh.enable = lib.mkDefault true;
|
|
restic.enable = lib.mkDefault true;
|
|
};
|
|
|
|
# Implement a simple fail2ban service for sshd
|
|
services.sshguard.enable = lib.mkDefault true;
|
|
|
|
# Servers need a bootloader or they won't start
|
|
boot.loader.systemd-boot.enable = lib.mkDefault true;
|
|
boot.loader.efi.canTouchEfiVariables = lib.mkDefault true;
|
|
};
|
|
}
|