31 lines
642 B
Nix
31 lines
642 B
Nix
{ config, pkgs, lib, ... }:
|
||
|
||
{
|
||
# Basic sane defaults
|
||
time.timeZone = "Europe/Stockholm";
|
||
|
||
# SSH access (you’ll tweak users later)
|
||
services.openssh.enable = true;
|
||
services.openssh.settings = {
|
||
PasswordAuthentication = false;
|
||
KbdInteractiveAuthentication = false;
|
||
PermitRootLogin = "no";
|
||
};
|
||
|
||
# Helpful tools on the server
|
||
environment.systemPackages = with pkgs; [
|
||
git
|
||
curl
|
||
jq
|
||
vim
|
||
];
|
||
|
||
# Firewall on by default
|
||
networking.firewall.enable = true;
|
||
|
||
# Nix settings (good defaults)
|
||
nix.settings = {
|
||
experimental-features = [ "nix-command" "flakes" ];
|
||
auto-optimise-store = true;
|
||
};
|
||
}
|