From 74c605541486f836d859884d13fcdb016b25e8f7 Mon Sep 17 00:00:00 2001 From: notohh Date: Thu, 1 Feb 2024 16:03:44 -0500 Subject: [PATCH] modules: more fmting --- modules/security.nix | 39 ++++++++++++++++++------------------ modules/system.nix | 2 -- modules/time.nix | 41 ++++++++++++++++++++------------------ modules/virtualisation.nix | 24 ++++++++++++---------- 4 files changed, 55 insertions(+), 51 deletions(-) diff --git a/modules/security.nix b/modules/security.nix index e25dcc9..e6db1da 100644 --- a/modules/security.nix +++ b/modules/security.nix @@ -43,30 +43,31 @@ boot.kernelModules = ["tcp_bbr"]; - services.openssh.settings.LogLevel = "VERBOSE"; - security.acme = { acceptTerms = true; defaults.email = "github@notohh.dev"; }; - services.fail2ban = { - enable = true; - bantime = "1h"; - maxretry = 1; - ignoreIP = [ - "192.168.0.0/16" - "172.16.0.0/12" - "10.0.0.0/8" - "5.161.102.107/32" - "100.71.49.65/10" - "100.82.146.40/10" - ]; - jails = { - DEFAULT = { - settings = { - findtime = 100000; - mode = "aggressive"; + services = { + openssh.settings.LogLevel = "VERBOSE"; + fail2ban = { + enable = true; + bantime = "1h"; + maxretry = 1; + ignoreIP = [ + "192.168.0.0/16" + "172.16.0.0/12" + "10.0.0.0/8" + "5.161.102.107/32" + "100.71.49.65/10" + "100.82.146.40/10" + ]; + jails = { + DEFAULT = { + settings = { + findtime = 100000; + mode = "aggressive"; + }; }; }; }; diff --git a/modules/system.nix b/modules/system.nix index 9f26752..6e12027 100644 --- a/modules/system.nix +++ b/modules/system.nix @@ -13,8 +13,6 @@ tailscale.enable = true; }; - time.timeZone = "America/New_York"; - i18n = { defaultLocale = "en_US.UTF-8"; extraLocaleSettings = { diff --git a/modules/time.nix b/modules/time.nix index 234ccf9..b5538d9 100644 --- a/modules/time.nix +++ b/modules/time.nix @@ -1,23 +1,26 @@ _: { - services.chrony = { - enable = true; - servers = [ - # 0.us.pool.ntp.org - "134.215.114.62" - "192.189.65.187" - "96.245.170.99" - "192.92.6.30" - ]; - }; + time.timeZone = "America/New_York"; - services.timesyncd = { - enable = true; - servers = [ - # 0.us.pool.ntp.org - "134.215.114.62" - "192.189.65.187" - "96.245.170.99" - "192.92.6.30" - ]; + services = { + chrony = { + enable = true; + servers = [ + # 0.us.pool.ntp.org + "134.215.114.62" + "192.189.65.187" + "96.245.170.99" + "192.92.6.30" + ]; + }; + timesyncd = { + enable = true; + servers = [ + # 0.us.pool.ntp.org + "134.215.114.62" + "192.189.65.187" + "96.245.170.99" + "192.92.6.30" + ]; + }; }; } diff --git a/modules/virtualisation.nix b/modules/virtualisation.nix index b326b11..845edc8 100644 --- a/modules/virtualisation.nix +++ b/modules/virtualisation.nix @@ -1,17 +1,19 @@ _: { - virtualisation.oci-containers.backend = "docker"; - virtualisation.docker = { - enable = true; - enableOnBoot = true; - autoPrune = { + virtualisation = { + oci-containers.backend = "docker"; + docker = { enable = true; - dates = "weekly"; - flags = [ - "--all" + enableOnBoot = true; + autoPrune = { + enable = true; + dates = "weekly"; + flags = [ + "--all" + ]; + }; + listenOptions = [ + "/run/docker.sock" ]; }; - listenOptions = [ - "/run/docker.sock" - ]; }; }