60 lines
1.2 KiB
Nix
60 lines
1.2 KiB
Nix
{ pkgs, ... }:
|
|
|
|
{
|
|
services.openssh = {
|
|
enable = true;
|
|
ports = [ 22 ];
|
|
settings = {
|
|
# Authentication
|
|
PermitRootLogin = "no";
|
|
PasswordAuthentication = false;
|
|
KbdInteractiveAuthentication = false;
|
|
PermitEmptyPasswords = false;
|
|
|
|
# Security hardening
|
|
X11Forwarding = false;
|
|
AllowTcpForwarding = false;
|
|
AllowAgentForwarding = false;
|
|
AllowStreamLocalForwarding = false;
|
|
|
|
# Session settings
|
|
ClientAliveInterval = 300;
|
|
ClientAliveCountMax = 2;
|
|
MaxAuthTries = 3;
|
|
MaxSessions = 2;
|
|
LoginGraceTime = 30;
|
|
};
|
|
};
|
|
|
|
# Tailscale
|
|
services.tailscale.enable = true;
|
|
|
|
# Fwupd
|
|
services.fwupd.enable = true;
|
|
|
|
# Sunshine
|
|
services.sunshine = {
|
|
enable = true;
|
|
autoStart = true;
|
|
capSysAdmin = true;
|
|
openFirewall = true;
|
|
applications = {
|
|
apps = [
|
|
{
|
|
name = "Steam Big Picture";
|
|
cmd = "${pkgs.steam}/bin/steam -gamepadui";
|
|
}
|
|
{
|
|
name = "Desktop";
|
|
cmd = "${pkgs.coreutils}/bin/true";
|
|
}
|
|
];
|
|
};
|
|
};
|
|
|
|
services.avahi.publish.enable = true;
|
|
services.avahi.publish.userServices = true;
|
|
|
|
services.system76-scheduler.enable = true;
|
|
}
|