41 lines
718 B
Nix
41 lines
718 B
Nix
{ lux, ... }:
|
|
let
|
|
lingerForUsers = {
|
|
user.linger = true;
|
|
};
|
|
in
|
|
{
|
|
den.aspects.orion = {
|
|
provides.to-users = lingerForUsers;
|
|
|
|
includes = with lux.services._; [
|
|
caddy
|
|
openssh
|
|
vaultwarden
|
|
radicale
|
|
actual
|
|
gitea
|
|
];
|
|
|
|
nixos =
|
|
{ pkgs, ... }:
|
|
{
|
|
environment.systemPackages = [
|
|
pkgs.kitty
|
|
];
|
|
|
|
networking = {
|
|
firewall.enable = true;
|
|
firewall.allowPing = false;
|
|
nftables.enable = true;
|
|
};
|
|
|
|
# Use ssh authorization for sudo instead of password
|
|
security.pam = {
|
|
sshAgentAuth.enable = true;
|
|
services.sudo.sshAgentAuth = true;
|
|
};
|
|
};
|
|
};
|
|
}
|