mirror of
https://github.com/ryan4yin/nix-config.git
synced 2026-03-18 15:34:13 +01:00
53 lines
1.3 KiB
Nix
53 lines
1.3 KiB
Nix
{
|
|
lib,
|
|
pkgs,
|
|
vars_networking,
|
|
...
|
|
}: {
|
|
environment.systemPackages = with pkgs; [
|
|
# networking tools
|
|
mtr # A network diagnostic tool
|
|
iperf3
|
|
dnsutils # `dig` + `nslookup`
|
|
ldns # replacement of `dig`, it provide the command `drill`
|
|
wget
|
|
curl
|
|
aria2 # A lightweight multi-protocol & multi-source command-line download utility
|
|
socat # replacement of openbsd-netcat
|
|
nmap # A utility for network discovery and security auditing
|
|
ipcalc # it is a calculator for the IPv4/v6 addresses
|
|
];
|
|
|
|
# networking.firewall.allowedTCPPorts = [ ... ];
|
|
# networking.firewall.allowedUDPPorts = [ ... ];
|
|
# Or disable the firewall altogether.
|
|
networking.firewall.enable = lib.mkDefault false;
|
|
|
|
programs.ssh = vars_networking.ssh;
|
|
|
|
# Enable the OpenSSH daemon.
|
|
services.openssh = {
|
|
enable = true;
|
|
settings = {
|
|
X11Forwarding = true;
|
|
PermitRootLogin = "no"; # disable root login
|
|
PasswordAuthentication = false; # disable password login
|
|
};
|
|
openFirewall = true;
|
|
};
|
|
|
|
# Network discovery, mDNS
|
|
# With this enabled, you can access your machine at <hostname>.local
|
|
# it's more convenient than using the IP address.
|
|
# https://avahi.org/
|
|
services.avahi = {
|
|
enable = true;
|
|
nssmdns4 = true;
|
|
publish = {
|
|
enable = true;
|
|
domain = true;
|
|
userServices = true;
|
|
};
|
|
};
|
|
}
|