diff options
Diffstat (limited to 'modules/nixos/networking')
| -rw-r--r-- | modules/nixos/networking/domains/galaxious.de.nix | 3 | ||||
| -rw-r--r-- | modules/nixos/networking/hard-ssh.nix | 19 | ||||
| -rw-r--r-- | modules/nixos/networking/networks/109-199-104-83.nix | 27 | ||||
| -rw-r--r-- | modules/nixos/networking/ssh-as-root.nix | 3 |
4 files changed, 52 insertions, 0 deletions
diff --git a/modules/nixos/networking/domains/galaxious.de.nix b/modules/nixos/networking/domains/galaxious.de.nix new file mode 100644 index 0000000..eab573e --- /dev/null +++ b/modules/nixos/networking/domains/galaxious.de.nix @@ -0,0 +1,3 @@ +{ + networking.domain = "galaxious.de"; +} diff --git a/modules/nixos/networking/hard-ssh.nix b/modules/nixos/networking/hard-ssh.nix new file mode 100644 index 0000000..849af9b --- /dev/null +++ b/modules/nixos/networking/hard-ssh.nix @@ -0,0 +1,19 @@ +{ + services.openssh = { + enable = true; + allowSFTP = false; + ports = [5522]; + settings = { + PermitRootLogin = "no"; + PasswordAuthentication = false; + KbdInteractiveAuthentication = true; + }; + extraConfig = '' + AllowTcpForwarding no + AllowAgentForwarding no + MaxAuthTries 3 + MaxSessions 4 + TCPKeepAlive no + ''; + }; +} diff --git a/modules/nixos/networking/networks/109-199-104-83.nix b/modules/nixos/networking/networks/109-199-104-83.nix new file mode 100644 index 0000000..2cacb55 --- /dev/null +++ b/modules/nixos/networking/networks/109-199-104-83.nix @@ -0,0 +1,27 @@ +{ + networking = { + useNetworkd = true; + usePredictableInterfaceNames = true; + hostName = "109-199-104-83"; + firewall = { + enable = true; + allowedTCPPorts = [80 443]; + allowedUDPPorts = [80 443]; + }; + }; + systemd.network = { + enable = true; + networks."40-wan" = { + matchConfig.Name = "enx0050565f4fff"; + address = ["2a02:c207:2299:8419::1/64" "109.199.104.83/20"]; + routes = [ + { + Gateway = "109.199.96.1"; + GatewayOnLink = true; + } + {Gateway = "fe80::1";} + ]; + dns = ["2620:fe::fe" "9.9.9.9"]; + }; + }; +} diff --git a/modules/nixos/networking/ssh-as-root.nix b/modules/nixos/networking/ssh-as-root.nix new file mode 100644 index 0000000..d882a46 --- /dev/null +++ b/modules/nixos/networking/ssh-as-root.nix @@ -0,0 +1,3 @@ +{ + services.openssh.settings.PermitRootLogin = "yes"; +} |