From b6d6b6f366c3cbf7e7340f08ea8877bf0a8d45e7 Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Tue, 2 May 2023 19:30:39 -0700 Subject: profiles: consolidates common networking bits This remove ssh on workstations. I also drop mosh since I don't use it. --- modules/services/default.nix | 3 --- modules/services/fwupd/default.nix | 5 ----- modules/services/ssh-server/default.nix | 17 ----------------- modules/services/tailscale/default.nix | 15 --------------- 4 files changed, 40 deletions(-) delete mode 100644 modules/services/fwupd/default.nix delete mode 100644 modules/services/ssh-server/default.nix delete mode 100644 modules/services/tailscale/default.nix (limited to 'modules') diff --git a/modules/services/default.nix b/modules/services/default.nix index 457d86a..b6b34d5 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -5,16 +5,13 @@ ./avahi ./backup ./cgit - ./fwupd ./gitolite ./monitoring ./navidrome ./nginx ./samba ./sendsms - ./ssh-server ./syncthing - ./tailscale ./transmission ./unifi ]; diff --git a/modules/services/fwupd/default.nix b/modules/services/fwupd/default.nix deleted file mode 100644 index 52dc13e..0000000 --- a/modules/services/fwupd/default.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ ... }: - -{ - services.fwupd.enable = true; -} diff --git a/modules/services/ssh-server/default.nix b/modules/services/ssh-server/default.nix deleted file mode 100644 index ce5d4c8..0000000 --- a/modules/services/ssh-server/default.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ ... }: { - services.openssh = { - enable = true; - permitRootLogin = "yes"; - passwordAuthentication = false; - }; - - programs.mosh.enable = true; - - networking.firewall.allowedTCPPorts = [ 22 ]; - - # Relevant ports for mosh - networking.firewall.allowedUDPPortRanges = [{ - from = 6000; - to = 6100; - }]; -} diff --git a/modules/services/tailscale/default.nix b/modules/services/tailscale/default.nix deleted file mode 100644 index 14753f4..0000000 --- a/modules/services/tailscale/default.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ config, lib, ... }: -let cfg = config.my.services.tailscale; -in -{ - - options.my.services.tailscale = with lib; { - enable = mkEnableOption "tailscale configuration"; - }; - - config = lib.mkIf cfg.enable { - services.tailscale.enable = true; - networking.firewall.trustedInterfaces = [ "tailscale0" ]; - networking.firewall.checkReversePath = "loose"; - }; -} -- cgit 1.4.1