2024-09-08 15:44:34 -04:00
parent 0ae86f780c
commit ceaaa5dc2d
2 changed files with 181 additions and 60 deletions

121
.vscode/settings.json vendored

@@ -1,50 +1,171 @@
{
"cSpell.words": [
"aboutwelcome",
"ahci",
"alsa",
"asrouter",
"auditd",
"autofetch",
"autopull",
"azuretools",
"bantime",
"bitwarden",
"breakpad",
"btop",
"cachix",
"captivedetect",
"cgroupdriver",
"charliermarsh",
"codezombiech",
"compactmode",
"Compat",
"contentblocking",
"cookiebanners",
"crlite",
"darkreader",
"datareporting",
"davidanson",
"dconf",
"dearrow",
"debugpy",
"dialout",
"diffie",
"direnv",
"dmask",
"dotfiles",
"drawio",
"eamodio",
"endlessh",
"errorlens",
"esbenp",
"extest",
"fastforwardteam",
"FASTFOX",
"fileroller",
"findbar",
"fmask",
"formfill",
"foxundermoon",
"FULLSCREEN",
"fxaccounts",
"gamemode",
"gamescope",
"ghdeploy",
"globalprivacycontrol",
"gparted",
"healthreport",
"Heatsink",
"hediet",
"hexeditor",
"hicolor",
"hmac",
"HPKP",
"htmlaboutaddons",
"hwloc",
"iperf",
"jnoortheen",
"jsbc",
"libglvnd",
"libmysqlclient",
"libsodium",
"libssh",
"libvirtd",
"luks",
"lynis",
"mangohud",
"markdownlint",
"maxretry",
"maxtime",
"mechatroner",
"mediainfo",
"modesetting",
"mousewheel",
"mtxr",
"ncdu",
"nemo",
"neofetch",
"networkmanager",
"newtabpage",
"nixos",
"nixpkgs",
"nmap",
"nonsponsored",
"nvme",
"OCSP",
"oderwat",
"optimise",
"optoutstudies",
"overalljails",
"overscroll",
"pbmode",
"pciutils",
"pdfjs",
"peerconnection",
"PESKYFOX",
"pipewire",
"pkgs",
"plugdev",
"privatebrowsing",
"proxychains",
"prusa",
"pulseaudio",
"punycode",
"pylance",
"quicksuggest",
"readahead",
"Redistributable",
"referer",
"REFERERS",
"Rhosts",
"ripgrep",
"rtkit",
"rycee",
"safebrowsing",
"schemeless",
"scrollback",
"SECUREFOX",
"sessionstore",
"shellcheck",
"signon",
"Signons",
"skia",
"smartmontools",
"SMOOTHFOX",
"socialtracking",
"sponsorblock",
"sqltools",
"stdenv",
"subresource",
"substituters",
"supermaven",
"tabmanager",
"tamasfe",
"tiktok",
"timonwong",
"topsites",
"topstories",
"twimg",
"uaccess",
"ublock",
"uitour",
"unsubmitted",
"urlbar",
"urlclassifier",
"usbhid",
"usbutils",
"usernamehw",
"userprefs",
"vfat",
"virt",
"virtualisation",
"vpnpromourl",
"webchannel",
"WEBRTC",
"wireshark",
"xhci",
"yzhang",
"zerotier",
"zerotierone",
"zoxide",
"zstd"
]


@@ -1,66 +1,66 @@
{ lib, ... }:
{
services.openssh = {
enable = lib.mkDefault true;
extraConfig = "StreamLocalBindUnlink yes";
hostKeys = [
{
bits = 4096;
path = "/etc/ssh/ssh_host_rsa_key";
type = "rsa";
}
{
path = "/etc/ssh/ssh_host_ed25519_key";
type = "ed25519";
}
{
path = "/etc/ssh/ssh_host_ecdsa_key";
type = "ecdsa";
}
];
settings = {
AllowAgentForwarding = "no";
AllowTcpForwarding = lib.mkDefault "yes";
ChallengeResponseAuthentication = "no";
ClientAliveCountMax = lib.mkDefault 2;
Compression = "NO";
IgnoreRhosts = "yes";
LogLevel = lib.mkDefault "VERBOSE";
MaxAuthTries = 3;
MaxSessions = lib.mkDefault 2;
PasswordAuthentication = false;
PermitEmptyPasswords = "no";
PermitRootLogin = lib.mkForce "no";
TcpKeepAlive = "no";
X11Forwarding = lib.mkDefault false;
KexAlgorithms = [
"curve25519-sha256@libssh.org"
"diffie-hellman-group-exchange-sha256"
];
Ciphers = [
"chacha20-poly1305@openssh.com"
"aes256-gcm@openssh.com"
"aes128-gcm@openssh.com"
"aes256-ctr"
"aes192-ctr"
"aes128-ctr"
];
Macs = [
"hmac-sha2-512-etm@openssh.com"
"hmac-sha2-256-etm@openssh.com"
"umac-128-etm@openssh.com"
"hmac-sha2-512"
"hmac-sha2-256"
"umac-128@openssh.com"
];
};
};
services = {
openssh = {
enable = lib.mkDefault true;
extraConfig = "StreamLocalBindUnlink yes";
hostKeys = [
{
bits = 4096;
path = "/etc/ssh/ssh_host_rsa_key";
type = "rsa";
}
{
path = "/etc/ssh/ssh_host_ed25519_key";
type = "ed25519";
}
{
path = "/etc/ssh/ssh_host_ecdsa_key";
type = "ecdsa";
}
];
settings = {
AllowAgentForwarding = "no";
AllowTcpForwarding = lib.mkDefault "yes";
ChallengeResponseAuthentication = "no";
ClientAliveCountMax = lib.mkDefault 2;
Compression = "NO";
IgnoreRhosts = "yes";
LogLevel = lib.mkDefault "VERBOSE";
MaxAuthTries = 3;
MaxSessions = lib.mkDefault 2;
PasswordAuthentication = false;
PermitEmptyPasswords = "no";
PermitRootLogin = lib.mkForce "no";
TcpKeepAlive = "no";
X11Forwarding = lib.mkDefault false;
KexAlgorithms = [
"curve25519-sha256@libssh.org"
"diffie-hellman-group-exchange-sha256"
];
Ciphers = [
"chacha20-poly1305@openssh.com"
"aes256-gcm@openssh.com"
"aes128-gcm@openssh.com"
"aes256-ctr"
"aes192-ctr"
"aes128-ctr"
];
Macs = [
"hmac-sha2-512-etm@openssh.com"
"hmac-sha2-256-etm@openssh.com"
"umac-128-etm@openssh.com"
"hmac-sha2-512"
"hmac-sha2-256"
"umac-128@openssh.com"
];
};
};
endlessh-go = {
enable = lib.mkDefault true;
port = 22;