authoraristote <quentin.aristote@irif.fr>2024-03-27 19:27:15 +0100
committeraristote <quentin.aristote@irif.fr>2024-03-27 19:30:55 +0100
commit205a0e825de6456a0d14cee6bc1978aae30f9d9e (patch)
tree36f59aa39d1b54a1b340ed1eb045086980fec54f /modules/nixos/personal/networking.nix
parent2139072efb4c4d0c6e4458b536ee2a7702336ab4 (diff)
nixos: networking: add personal db of wifi networks
Diffstat (limited to 'modules/nixos/personal/networking.nix')
-rw-r--r--modules/nixos/personal/networking.nix66
1 files changed, 0 insertions, 66 deletions
diff --git a/modules/nixos/personal/networking.nix b/modules/nixos/personal/networking.nix
deleted file mode 100644
index 2385abd..0000000
--- a/modules/nixos/personal/networking.nix
+++ /dev/null
@@ -1,66 +0,0 @@
-{ config, lib, pkgs, options, ... }:
-
-let
- cfg = config.personal.networking;
- mkFirewallEnableOption = name:
- lib.mkOption {
- type = lib.types.bool;
- default = false;
- description = "Whether to open ports for ${name}.";
- };
-in {
- options.personal.networking = {
- enable = lib.mkEnableOption "networking";
- bluetooth.enable = lib.mkEnableOption "bluetooth";
- networkmanager.enable = lib.mkEnableOption "NetworkManager";
- ssh.enable = lib.mkEnableOption "SSH server";
- firewall = {
- syncthing = mkFirewallEnableOption "Syncthing";
- kdeconnect = mkFirewallEnableOption "KDE Connect";
- http = mkFirewallEnableOption "HTTP and HTTPS (incoming)";
- };
- };
-
- config = lib.mkIf cfg.enable {
- environment.systemPackages =
- lib.optional cfg.networkmanager.enable pkgs.networkmanager;
- networking = {
- networkmanager = lib.mkIf cfg.networkmanager.enable {
- enable = true;
- unmanaged = [ "interface-name:ve-*" ];
- };
- firewall = {
- enable = true;
- allowedTCPPorts = lib.optional cfg.firewall.syncthing 22000
- ++ lib.optionals cfg.firewall.http [ 80 443 ];
- allowedUDPPorts = lib.optionals cfg.firewall.syncthing [ 22000 21027 ];
- allowedTCPPortRanges = lib.optional cfg.firewall.kdeconnect {
- from = 1714;
- to = 1764;
- };
- allowedUDPPortRanges = lib.optional cfg.firewall.kdeconnect {
- from = 1714;
- to = 1764;
- };
- };
- };
- services = lib.mkIf cfg.ssh.enable {
- openssh = {
- enable = true;
- extraConfig = ''
- AcceptEnv PS1
- '';
- } // (if options.services.openssh ? settings then {
- settings = {
- PermitRootLogin = "no";
- PasswordAuthentication = false;
- };
- } else {
- permitRootLogin = "no";
- passwordAuthentication = false;
- });
- fail2ban.enable = true;
- };
- hardware.bluetooth.enable = cfg.bluetooth.enable;
- };
-}