Merge
This commit is contained in:
parent
db74308187
commit
451e6cd89a
4 changed files with 17 additions and 10 deletions
|
@ -72,6 +72,6 @@ if has_command rtx
|
|||
rtx activate fish | source
|
||||
end
|
||||
|
||||
for dir in $HOME/.cargo/bin
|
||||
for dir in ~/.cargo/bin ~/.nimble/bin
|
||||
fish_add_path $dir
|
||||
end
|
||||
|
|
|
@ -31,7 +31,7 @@ in
|
|||
pkgs.nixpkgs-fmt
|
||||
|
||||
# TODO: os-specific scripts? macOS versus Linux (arch or nixos? do I need to distinguish at that point?)
|
||||
(pkgs.buildEnv { name = "my-scripts"; paths = [ ../scripts ]; })
|
||||
(pkgs.buildEnv { name = "my-scripts-common"; paths = [ ../scripts/common ]; })
|
||||
];
|
||||
|
||||
file = {
|
||||
|
@ -588,6 +588,3 @@ in
|
|||
# maybe we can share somehow so things for nix-y systems and non-nix-y systems alike
|
||||
# am I going to _have_ non-nix systems anymore?
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
|
|
@ -1,11 +1,12 @@
|
|||
{ config, lib, inputs, system, ... }:
|
||||
let
|
||||
{ config, lib, inputs, system, ... }:
|
||||
let
|
||||
overlay = final: prev: {
|
||||
helix = prev.helix // inputs.helix.packages.${system}.helix;
|
||||
rtx = prev.rtx // inputs.rtx.packages.${system}.rtx;
|
||||
};
|
||||
pkgs = inputs.nixpkgs.legacyPackages.${system}.extend overlay;
|
||||
in {
|
||||
in
|
||||
{
|
||||
services.journald.extraConfig = "SystemMaxUse=1G";
|
||||
|
||||
environment = {
|
||||
|
@ -97,7 +98,7 @@ in {
|
|||
};
|
||||
|
||||
# tailscale handles this I think
|
||||
openFirewall = lib.mkDefault false;
|
||||
openFirewall = lib.mkDefault true;
|
||||
|
||||
# listenAddresses = [
|
||||
# { addr = "0.0.0.0"; port = 22; }
|
||||
|
@ -144,7 +145,7 @@ in {
|
|||
firewall = {
|
||||
enable = lib.mkDefault true;
|
||||
allowPing = lib.mkDefault true;
|
||||
allowedTCPPorts = lib.mkDefault [ ];
|
||||
allowedTCPPorts = lib.mkDefault [ 22 ];
|
||||
allowedUDPPorts = lib.mkDefault [ ];
|
||||
};
|
||||
};
|
||||
|
|
|
@ -28,6 +28,15 @@
|
|||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
services.printing.enable = true; # I own a printer in the year of our Lord 2023
|
||||
|
||||
networking = {
|
||||
firewall = {
|
||||
enable = true;
|
||||
allowPing = true;
|
||||
allowedTCPPorts = [ 22 ];
|
||||
allowedUDPPorts = [ ];
|
||||
};
|
||||
};
|
||||
|
||||
system.stateVersion = "23.05";
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue