palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: palo:3ce732fee270fa991adb616f92e2ea6e77bf804a
Branches Tags
palo:main
palo:feature/bugwarrior3
palo:update
palo:refactor/component/ssh
palo:orbi-ssh-unlock-works
..
compare: palo:03b6ee17c2f123d2986a7ab32b62192e5367490f
Branches Tags
palo:main
palo:feature/bugwarrior3
palo:update
palo:refactor/component/ssh
palo:orbi-ssh-unlock-works

No commits in common. "3ce732fee270fa991adb616f92e2ea6e77bf804a" and "03b6ee17c2f123d2986a7ab32b62192e5367490f" have entirely different histories.
3ce732fee2 ... 03b6ee17c2

4 changed files with 2 additions and 60 deletions
Show stats Expand all files Collapse all files

1
components/network/default.nix
View file

@ -11,7 +11,6 @@ with types;
imports = [ imports = [
#./avahi.nix #./avahi.nix
./fail2ban.nix
./hosts.nix ./hosts.nix
./nginx.nix ./nginx.nix
./sshd ./sshd

31
components/network/fail2ban.nix
View file

@ -1,31 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
{
options.components.network.fail2ban.enable = mkOption {
type = lib.types.bool;
default = false;
};
config = mkIf (config.components.network.fail2ban.enable) {
environment.systemPackages = [ pkgs.fail2ban ];
services.fail2ban = {
enable = true;
# https://github.com/fail2ban/fail2ban/blob/master/config/jail.conf
jails = {
# fixme: can't use, because I changed the nginx log format
#nginx-bad-request.settings = {
# port = "http,https";
# logpath = "%(nginx_error_log)s";
#};
# fixme: can't use, because I changed the nginx log format
#nginx-botsearch.settings = {
# port = "http,https";
# logpath = "%(nginx_error_log)s";
#};
};
};
};
}

27
homes/palo/i3.nix
View file

@ -120,27 +120,6 @@ in
programs.kitty = { programs.kitty = {
enable = true; enable = true;
settings = {
enable_audio_bell = "no";
focus_follows_mouse = "yes";
#mouse_map left click ungrabbed mouse_handle_click prompt
#mouse_map ctrl+left click ungrabbed mouse_handle_click link
#map ctrl+c copy_to_clipboard
copy_on_select = "yes";
strip_trailing_spaces = "always";
confirm_os_window_close = 0; # 0 disables it; -1 enables it
};
keybindings = {
"super+shift+return" = "new_os_window_with_cwd";
"shift+page_up" = "scroll_page_up";
"shift+page_down" = "scroll_page_down";
"alt+l" = "scroll_line_up";
"alt+a" = "scroll_line_down";
"alt+i" = "scroll_page_up";
"alt+e" = "scroll_page_down";
};
}; };
programs.alacritty = { programs.alacritty = {
@ -166,8 +145,7 @@ in
''; '';
config = { config = {
modifier = "Mod4"; modifier = "Mod4";
#terminal = "alacritty"; terminal = "alacritty";
terminal = "kitty";
focus = { focus = {
followMouse = true; followMouse = true;
}; };
@ -514,8 +492,7 @@ in
extraConfig = { extraConfig = {
modi = "drun,calc,emoji,combi"; modi = "drun,calc,emoji,combi";
show-icons = true; show-icons = true;
#terminal = "alacritty"; terminal = "alacritty";
terminal = "kitty";
}; };
}; };

3
machines/orbi/configuration.nix
View file

@ -41,9 +41,6 @@
components.network.nginx.landingpage.enable = false; components.network.nginx.landingpage.enable = false;
components.network.wifi.enable = false; components.network.wifi.enable = false;
components.network.fail2ban.enable = true; # fixme: not really working at the moment
components.network.sshd.sshguard.enable = false;
components.monitor.enable = true; components.monitor.enable = true;
networking.firewall.interfaces.wg0.allowedTCPPorts = [ 4317 ]; networking.firewall.interfaces.wg0.allowedTCPPorts = [ 4317 ];
networking.firewall.interfaces.wg0.allowedUDPPorts = [ 4317 ]; networking.firewall.interfaces.wg0.allowedUDPPorts = [ 4317 ];