nixos-configuration/modules/server/default.nix

{
  config,
  pkgs,
  lib,
  ...
}: let
  cfg = config.my.server;
in {
  imports = [
    ../_common
  ];

  options.my.server = {
    enable = lib.mkEnableOption "server role";
  };

  config = lib.mkIf cfg.enable {
    services = {
      # Enable the OpenSSH daemon.
      openssh = {
        enable = true;
        settings = {
          # PermitRootLogin = "no"; # this is managed through authorized keys
          PasswordAuthentication = false;
          KbdInteractiveAuthentication = false;
        };
      };
    };

    programs = {
      git.enable = true;
      zsh.enable = true;
    };

    networking.firewall = {
      enable = true;
      allowedTCPPortRanges = [
        {
          # ssh
          from = 22;
          to = 22;
        }
      ];
    };

    environment = {
      systemPackages = with pkgs; [
        ncdu
      ];
    };
  };
}
prepare configuration for server use 2023-09-10 14:12:01 +02:00			`{`
			`config,`
			`pkgs,`
			`lib,`
			`...`
			`}: let`
			`cfg = config.my.server;`
			`in {`
move out common stuff again 2023-09-11 19:21:31 +02:00			`imports = [`
			`../_common`
			`];`
prepare configuration for server use 2023-09-10 14:12:01 +02:00
			`options.my.server = {`
			`enable = lib.mkEnableOption "server role";`
			`};`

			`config = lib.mkIf cfg.enable {`
			`services = {`
split server desktop, move stuff 2023-09-11 19:16:26 +02:00			`# Enable the OpenSSH daemon.`
fix ssh 2023-09-11 19:17:32 +02:00			`openssh = {`
split server desktop, move stuff 2023-09-11 19:16:26 +02:00			`enable = true;`
			`settings = {`
			`# PermitRootLogin = "no"; # this is managed through authorized keys`
			`PasswordAuthentication = false;`
			`KbdInteractiveAuthentication = false;`
			`};`
			`};`
prepare configuration for server use 2023-09-10 14:12:01 +02:00			`};`

			`programs = {`
split server desktop, move stuff 2023-09-11 19:16:26 +02:00			`git.enable = true;`
			`zsh.enable = true;`
prepare configuration for server use 2023-09-10 14:12:01 +02:00			`};`

			`networking.firewall = {`
split server desktop, move stuff 2023-09-11 19:16:26 +02:00			`enable = true;`
prepare configuration for server use 2023-09-10 14:12:01 +02:00			`allowedTCPPortRanges = [`
			`{`
			`# ssh`
			`from = 22;`
			`to = 22;`
			`}`
			`];`
			`};`
split server desktop, move stuff 2023-09-11 19:16:26 +02:00
			`environment = {`
			`systemPackages = with pkgs; [`
			`ncdu`
			`];`
			`};`
prepare configuration for server use 2023-09-10 14:12:01 +02:00			`};`
			`}`