a
This commit is contained in:
dingfeng.wong
Generated
+8
-8
@@ -7,32 +7,32 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1714043624,
|
||||
"narHash": "sha256-Xn2r0Jv95TswvPlvamCC46wwNo8ALjRCMBJbGykdhcM=",
|
||||
"lastModified": 1726989464,
|
||||
"narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "86853e31dc1b62c6eeed11c667e8cdd0285d4411",
|
||||
"rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"ref": "release-23.11",
|
||||
"ref": "release-24.05",
|
||||
"repo": "home-manager",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1713995372,
|
||||
"narHash": "sha256-fFE3M0vCoiSwCX02z8VF58jXFRj9enYUSTqjyHAjrds=",
|
||||
"lastModified": 1752480373,
|
||||
"narHash": "sha256-JHQbm+OcGp32wAsXTE/FLYGNpb+4GLi5oTvCxwSoBOA=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "dd37924974b9202f8226ed5d74a252a9785aedf8",
|
||||
"rev": "62e0f05ede1da0d54515d4ea8ce9c733f12d9f08",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-23.11",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
|
||||
@@ -3,14 +3,14 @@
|
||||
|
||||
inputs = {
|
||||
# Nixpkgs
|
||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
|
||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||
# You can access packages and modules from different nixpkgs revs
|
||||
# at the same time. Here's an working example:
|
||||
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||
# Also see the 'unstable-packages' overlay at 'overlays/default.nix'.
|
||||
|
||||
# Home manager
|
||||
home-manager.url = "github:nix-community/home-manager/release-23.11";
|
||||
home-manager.url = "github:nix-community/home-manager/release-24.05";
|
||||
home-manager.inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
|
||||
@@ -30,7 +30,7 @@
|
||||
'';
|
||||
|
||||
# Disable sshd
|
||||
services.openssh.enable = false;
|
||||
# services.openssh.enable = false; disable for port 22
|
||||
|
||||
# systemd
|
||||
systemd.services."systemd-oomd".serviceConfig.WatchdogSec = 0;
|
||||
|
||||
+46
-2
@@ -21,7 +21,7 @@
|
||||
outputs.nixosModules.important-defaults
|
||||
outputs.nixosModules.incus
|
||||
outputs.nixosModules.orbstack
|
||||
outputs.nixosModules.power-user-defaults
|
||||
# outputs.nixosModules.power-user-defaults
|
||||
];
|
||||
|
||||
nixpkgs = {
|
||||
@@ -80,6 +80,14 @@
|
||||
home = "/home/wongdingfeng";
|
||||
homeMode = "700";
|
||||
useDefaultShell = true;
|
||||
|
||||
# SSH keys
|
||||
openssh.authorizedKeys.keys = [
|
||||
# Add your SSH public keys here
|
||||
# "ssh-rsa AAAAB3NzaC1yc2EAAAA... your-email@example.com"
|
||||
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAA... your-email@example.com"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICA/3qb5Eg8NSFMHXZqFlWI9TxHZHQtFAjvcDfiTUtbv wongdingfeng@Wong-Ding-Fengs-MacBook-Pro.local-2024-01-23"
|
||||
];
|
||||
};
|
||||
|
||||
security.sudo.wheelNeedsPassword = false;
|
||||
@@ -89,6 +97,42 @@
|
||||
|
||||
time.timeZone = "Asia/Singapore";
|
||||
|
||||
# SSH Server configuration
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
settings = {
|
||||
# Better security defaults
|
||||
PasswordAuthentication = true;
|
||||
PermitRootLogin = "yes";
|
||||
|
||||
# Enable X11 forwarding
|
||||
X11Forwarding = true;
|
||||
X11DisplayOffset = 10;
|
||||
X11UseLocalhost = true;
|
||||
|
||||
# Additional security settings
|
||||
Protocol = 2;
|
||||
MaxAuthTries = 3;
|
||||
ClientAliveInterval = 300;
|
||||
ClientAliveCountMax = 2;
|
||||
|
||||
# Allow only specific users (optional - uncomment if needed)
|
||||
# AllowUsers = [ "wongdingfeng" ];
|
||||
};
|
||||
|
||||
# Optional: Custom port (uncomment if you want to change from default 22)
|
||||
ports = [ 2222 ];
|
||||
};
|
||||
|
||||
# System packages are now handled in power-user-defaults.nix
|
||||
# environment.systemPackages is defined there with a comprehensive list
|
||||
environment.systemPackages = with pkgs; [
|
||||
neovim
|
||||
gitAndTools.gitFull
|
||||
tmux
|
||||
htop
|
||||
neofetch
|
||||
ripgrep
|
||||
fd
|
||||
ranger
|
||||
];
|
||||
}
|
||||
|
||||
@@ -1,12 +1,5 @@
|
||||
# This is just an example, you should generate yours with nixos-generate-config and put it in here.
|
||||
{
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
|
||||
fileSystems."/" = {
|
||||
device = "/dev/sda1";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
# Set your system kind (needed for flakes)
|
||||
nixpkgs.hostPlatform = "aarch64-linux";
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user