convoluted solution looking for a problem

unified modules structure
2023-09-24 10:15:53 +02:00 · 2023-09-24 10:15:53 +02:00 · 1b7989336e
commit 1b7989336e
parent bf3946e06f
14 changed files with 61 additions and 44 deletions
--- a/modules/server.nix
+++ b/modules/server.nix
@ -0,0 +1,49 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}: let
+  cfg = config.my.server;
+in {
+  options.my.server = {
+    enable = lib.mkEnableOption "server role";
+  };
+
+  config = lib.mkIf cfg.enable {
+    services = {
+      # Enable the OpenSSH daemon.
+      openssh = {
+        enable = true;
+        settings = {
+          # PermitRootLogin = "no"; # this is managed through authorized keys
+          PasswordAuthentication = false;
+          KbdInteractiveAuthentication = false;
+        };
+      };
+    };
+
+    programs = {
+      git.enable = true;
+      zsh.enable = true;
+    };
+
+    networking.firewall = {
+      enable = true;
+      allowedTCPPortRanges = [
+        {
+          # ssh
+          from = 22;
+          to = 22;
+        }
+      ];
+    };
+
+    environment = {
+      systemPackages = with pkgs; [
+        ncdu
+        htop
+      ];
+    };
+  };
+}