diff options
| author | andromeda <andromeda@lenovo> | 2026-01-06 14:52:34 +0100 |
|---|---|---|
| committer | andromeda <andromeda@lenovo> | 2026-01-06 14:52:34 +0100 |
| commit | c9a5c521dbc7785aa4a6c1f410e547202075c13b (patch) | |
| tree | 4362c945c787bac5d7d1bb63d04d7281bfddf6c8 /modules/nixos/networking | |
| parent | 0a7e0c699e2f4fa07fb6dde0080da4eb3ac8f746 (diff) | |
stash
Diffstat (limited to 'modules/nixos/networking')
| -rw-r--r-- | modules/nixos/networking/domains/galaxious.de.nix | 3 | ||||
| -rw-r--r-- | modules/nixos/networking/hard-ssh.nix | 19 | ||||
| -rw-r--r-- | modules/nixos/networking/networks/109-199-104-83.nix | 27 | ||||
| -rw-r--r-- | modules/nixos/networking/ssh-as-root.nix | 3 |
4 files changed, 52 insertions, 0 deletions
diff --git a/modules/nixos/networking/domains/galaxious.de.nix b/modules/nixos/networking/domains/galaxious.de.nix new file mode 100644 index 0000000..eab573e --- /dev/null +++ b/modules/nixos/networking/domains/galaxious.de.nix @@ -0,0 +1,3 @@ +{ + networking.domain = "galaxious.de"; +} diff --git a/modules/nixos/networking/hard-ssh.nix b/modules/nixos/networking/hard-ssh.nix new file mode 100644 index 0000000..849af9b --- /dev/null +++ b/modules/nixos/networking/hard-ssh.nix @@ -0,0 +1,19 @@ +{ + services.openssh = { + enable = true; + allowSFTP = false; + ports = [5522]; + settings = { + PermitRootLogin = "no"; + PasswordAuthentication = false; + KbdInteractiveAuthentication = true; + }; + extraConfig = '' + AllowTcpForwarding no + AllowAgentForwarding no + MaxAuthTries 3 + MaxSessions 4 + TCPKeepAlive no + ''; + }; +} diff --git a/modules/nixos/networking/networks/109-199-104-83.nix b/modules/nixos/networking/networks/109-199-104-83.nix new file mode 100644 index 0000000..2cacb55 --- /dev/null +++ b/modules/nixos/networking/networks/109-199-104-83.nix @@ -0,0 +1,27 @@ +{ + networking = { + useNetworkd = true; + usePredictableInterfaceNames = true; + hostName = "109-199-104-83"; + firewall = { + enable = true; + allowedTCPPorts = [80 443]; + allowedUDPPorts = [80 443]; + }; + }; + systemd.network = { + enable = true; + networks."40-wan" = { + matchConfig.Name = "enx0050565f4fff"; + address = ["2a02:c207:2299:8419::1/64" "109.199.104.83/20"]; + routes = [ + { + Gateway = "109.199.96.1"; + GatewayOnLink = true; + } + {Gateway = "fe80::1";} + ]; + dns = ["2620:fe::fe" "9.9.9.9"]; + }; + }; +} diff --git a/modules/nixos/networking/ssh-as-root.nix b/modules/nixos/networking/ssh-as-root.nix new file mode 100644 index 0000000..d882a46 --- /dev/null +++ b/modules/nixos/networking/ssh-as-root.nix @@ -0,0 +1,3 @@ +{ + services.openssh.settings.PermitRootLogin = "yes"; +} |