mirror of
https://github.com/ryan4yin/nix-config.git
synced 2026-03-18 15:34:13 +01:00
38 lines
877 B
Nix
38 lines
877 B
Nix
{
|
|
lib,
|
|
vars_networking,
|
|
...
|
|
}: {
|
|
# networking.firewall.allowedTCPPorts = [ ... ];
|
|
# networking.firewall.allowedUDPPorts = [ ... ];
|
|
# Or disable the firewall altogether.
|
|
networking.firewall.enable = lib.mkDefault false;
|
|
|
|
programs.ssh = vars_networking.ssh;
|
|
|
|
# Enable the OpenSSH daemon.
|
|
services.openssh = {
|
|
enable = true;
|
|
settings = {
|
|
X11Forwarding = true;
|
|
PermitRootLogin = "no"; # disable root login
|
|
PasswordAuthentication = false; # disable password login
|
|
};
|
|
openFirewall = true;
|
|
};
|
|
|
|
# Network discovery, mDNS
|
|
# With this enabled, you can access your machine at <hostname>.local
|
|
# it's more convenient than using the IP address.
|
|
# https://avahi.org/
|
|
services.avahi = {
|
|
enable = true;
|
|
nssmdns4 = true;
|
|
publish = {
|
|
enable = true;
|
|
domain = true;
|
|
userServices = true;
|
|
};
|
|
};
|
|
}
|