2024-09-08 15:44:34 -04:00
parent 0ae86f780c
commit ceaaa5dc2d
2 changed files with 181 additions and 60 deletions

121
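--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -1,50 +1,171 @@
 {
 "cSpell.words": [
+"aboutwelcome",
+"ahci",
 "alsa",
+"asrouter",
+"auditd",
+"autofetch",
+"autopull",
+"azuretools",
 "bantime",
+"bitwarden",
+"breakpad",
 "btop",
 "cachix",
+"captivedetect",
 "cgroupdriver",
+"charliermarsh",
+"codezombiech",
+"compactmode",
 "Compat",
+"contentblocking",
+"cookiebanners",
+"crlite",
+"darkreader",
+"datareporting",
+"davidanson",
+"dconf",
+"dearrow",
+"debugpy",
 "dialout",
+"diffie",
+"direnv",
+"dmask",
 "dotfiles",
+"drawio",
+"eamodio",
+"endlessh",
+"errorlens",
+"esbenp",
 "extest",
+"fastforwardteam",
+"FASTFOX",
+"fileroller",
+"findbar",
+"fmask",
+"formfill",
+"foxundermoon",
+"FULLSCREEN",
+"fxaccounts",
 "gamemode",
 "gamescope",
+"ghdeploy",
+"globalprivacycontrol",
+"gparted",
+"healthreport",
+"Heatsink",
+"hediet",
+"hexeditor",
+"hicolor",
+"hmac",
+"HPKP",
+"htmlaboutaddons",
 "hwloc",
 "iperf",
+"jnoortheen",
+"jsbc",
 "libglvnd",
 "libmysqlclient",
 "libsodium",
 "libssh",
 "libvirtd",
+"luks",
 "lynis",
 "mangohud",
+"markdownlint",
 "maxretry",
 "maxtime",
+"mechatroner",
+"mediainfo",
+"modesetting",
+"mousewheel",
+"mtxr",
 "ncdu",
+"nemo",
 "neofetch",
 "networkmanager",
+"newtabpage",
 "nixos",
 "nixpkgs",
 "nmap",
+"nonsponsored",
+"nvme",
+"OCSP",
+"oderwat",
+"optimise",
+"optoutstudies",
 "overalljails",
+"overscroll",
+"pbmode",
 "pciutils",
+"pdfjs",
+"peerconnection",
+"PESKYFOX",
 "pipewire",
 "pkgs",
 "plugdev",
+"privatebrowsing",
+"proxychains",
+"prusa",
 "pulseaudio",
+"punycode",
+"pylance",
+"quicksuggest",
+"readahead",
+"Redistributable",
+"referer",
+"REFERERS",
+"Rhosts",
 "ripgrep",
 "rtkit",
 "rycee",
+"safebrowsing",
+"schemeless",
+"scrollback",
+"SECUREFOX",
+"sessionstore",
+"shellcheck",
+"signon",
+"Signons",
+"skia",
 "smartmontools",
+"SMOOTHFOX",
+"socialtracking",
+"sponsorblock",
+"sqltools",
 "stdenv",
+"subresource",
 "substituters",
+"supermaven",
+"tabmanager",
+"tamasfe",
+"tiktok",
+"timonwong",
+"topsites",
+"topstories",
+"twimg",
 "uaccess",
+"ublock",
+"uitour",
+"unsubmitted",
+"urlbar",
+"urlclassifier",
+"usbhid",
 "usbutils",
+"usernamehw",
+"userprefs",
+"vfat",
+"virt",
 "virtualisation",
+"vpnpromourl",
+"webchannel",
+"WEBRTC",
 "wireshark",
+"xhci",
+"yzhang",
 "zerotier",
+"zerotierone",
 "zoxide",
 "zstd"
 ]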


@@ -1,66 +1,66 @@
{ lib, ... }: { lib, ... }:
{ {
services.openssh = {
enable = lib.mkDefault true;
extraConfig = "StreamLocalBindUnlink yes";
hostKeys = [
{
bits = 4096;
path = "/etc/ssh/ssh_host_rsa_key";
type = "rsa";
}
{
path = "/etc/ssh/ssh_host_ed25519_key";
type = "ed25519";
}
{
path = "/etc/ssh/ssh_host_ecdsa_key";
type = "ecdsa";
}
];
settings = {
AllowAgentForwarding = "no";
AllowTcpForwarding = lib.mkDefault "yes";
ChallengeResponseAuthentication = "no";
ClientAliveCountMax = lib.mkDefault 2;
Compression = "NO";
IgnoreRhosts = "yes";
LogLevel = lib.mkDefault "VERBOSE";
MaxAuthTries = 3;
MaxSessions = lib.mkDefault 2;
PasswordAuthentication = false;
PermitEmptyPasswords = "no";
PermitRootLogin = lib.mkForce "no";
TcpKeepAlive = "no";
X11Forwarding = lib.mkDefault false;
KexAlgorithms = [
"curve25519-sha256@libssh.org"
"diffie-hellman-group-exchange-sha256"
];
Ciphers = [
"chacha20-poly1305@openssh.com"
"aes256-gcm@openssh.com"
"aes128-gcm@openssh.com"
"aes256-ctr"
"aes192-ctr"
"aes128-ctr"
];
Macs = [
"hmac-sha2-512-etm@openssh.com"
"hmac-sha2-256-etm@openssh.com"
"umac-128-etm@openssh.com"
"hmac-sha2-512"
"hmac-sha2-256"
"umac-128@openssh.com"
];
};
};
services = { services = {
openssh = {
enable = lib.mkDefault true;
extraConfig = "StreamLocalBindUnlink yes";
hostKeys = [
{
bits = 4096;
path = "/etc/ssh/ssh_host_rsa_key";
type = "rsa";
}
{
path = "/etc/ssh/ssh_host_ed25519_key";
type = "ed25519";
}
{
path = "/etc/ssh/ssh_host_ecdsa_key";
type = "ecdsa";
}
];
settings = {
AllowAgentForwarding = "no";
AllowTcpForwarding = lib.mkDefault "yes";
ChallengeResponseAuthentication = "no";
ClientAliveCountMax = lib.mkDefault 2;
Compression = "NO";
IgnoreRhosts = "yes";
LogLevel = lib.mkDefault "VERBOSE";
MaxAuthTries = 3;
MaxSessions = lib.mkDefault 2;
PasswordAuthentication = false;
PermitEmptyPasswords = "no";
PermitRootLogin = lib.mkForce "no";
TcpKeepAlive = "no";
X11Forwarding = lib.mkDefault false;
KexAlgorithms = [
"curve25519-sha256@libssh.org"
"diffie-hellman-group-exchange-sha256"
];
Ciphers = [
"chacha20-poly1305@openssh.com"
"aes256-gcm@openssh.com"
"aes128-gcm@openssh.com"
"aes256-ctr"
"aes192-ctr"
"aes128-ctr"
];
Macs = [
"hmac-sha2-512-etm@openssh.com"
"hmac-sha2-256-etm@openssh.com"
"umac-128-etm@openssh.com"
"hmac-sha2-512"
"hmac-sha2-256"
"umac-128@openssh.com"
];
};
};
endlessh-go = { endlessh-go = {
enable = lib.mkDefault true; enable = lib.mkDefault true;
port = 22; port = 22;