1766193006

2025-12-19 18:10:06 -07:00
parent b4d6e94434
commit 20fefd7813
2 changed files with 2 additions and 11 deletions
--- a/modules/security.nix
+++ b/modules/security.nix
@@ -2,14 +2,11 @@

 {
  security.sudo.execWheelOnly = true;
-  
+
  nix.settings.allowed-users = [ "@wheel" ];

  security.apparmor.enable = true;

-  security.audit.enable = true;
-  security.auditd.enable = true;
-
  services.fail2ban.enable = true;

  boot.kernel.sysctl = {
--- a/modules/services.nix
+++ b/modules/services.nix
@@ -28,13 +28,7 @@
      enable = true;
      autoStart = true;
      openFirewall = true;
-  };
-
-  security.wrappers.sunshine = {
-    owner = "root";
-    group = "root";
-    capabilities = "cap_sys_admin+p";
-    source = "${pkgs.sunshine}/bin/sunshine";
+      capSysAdmin = true;
  };

  services.avahi.publish.enable = true;