42 lines
1.1 KiB
Nix
42 lines
1.1 KiB
Nix
#
|
|
# Common networking settings for all machines.
|
|
# Anything system-specific should not be here.
|
|
#
|
|
{
|
|
imports = [
|
|
./programs/tailscale.nix
|
|
];
|
|
|
|
networking = {
|
|
# Enable networkManager
|
|
# TODO: Look into the networkManager options.
|
|
networkmanager.enable = true;
|
|
|
|
# Configures a simple stateful firewall.
|
|
# By default, it doesn't allow any incoming connections.
|
|
firewall = {
|
|
enable = true;
|
|
allowedTCPPorts = [
|
|
22 # SSH
|
|
];
|
|
allowedUDPPorts = [];
|
|
};
|
|
};
|
|
|
|
# Add binary caches to avoid having to compile them
|
|
nix.settings = {
|
|
substituters = [
|
|
"https://hyprland.cachix.org"
|
|
"https://cuda-maintainers.cachix.org"
|
|
"https://nix-community.cachix.org"
|
|
];
|
|
trusted-public-keys = [
|
|
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
|
|
"cuda-maintainers.cachix.org-1:0dq3bujKpuEPMCX6U4WylrUDZ9JyUG0VpVZa7CNfq5E="
|
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
|
];
|
|
};
|
|
|
|
# TODO: look into openssh and tailscale settings.
|
|
services.openssh.enable = true;
|
|
}
|