rouven.seifert/nixos-config
1
1
Fork 0
mirror of https://git.sr.ht/~rouven/nixos-config synced 2024-11-15 05:13:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

networking updates

Browse source
This commit is contained in:
Rouven Seifert 2023-12-12 17:44:28 +01:00
parent 9f6221d8b1
commit cf9dedf17a
Signed by: rouven.seifert
GPG key ID: B95E8FE6B11C4D09
4 changed files with 15 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
hosts/falkenstein/modules/fail2ban/default.nix
View file

@ -2,6 +2,10 @@
{ {
services.fail2ban = { services.fail2ban = {
enable = true; enable = true;
ignoreIP = [
"141.30.0.0/16"
"141.76.0.0/16"
];
bantime = "10m"; bantime = "10m";
bantime-increment = { bantime-increment = {
enable = true; enable = true;

5
hosts/falkenstein/modules/networks/default.nix
View file

@ -17,6 +17,11 @@
domain = "rfive.de"; domain = "rfive.de";
useNetworkd = true; useNetworkd = true;
enableIPv6 = true; enableIPv6 = true;
firewall = {
extraInputRules = ''
ip saddr 192.168.0.0/16 tcp dport 19531 accept comment "Allow journald gateway access from local networks"
'';
};
}; };
services.resolved = { services.resolved = {
dnssec = "true"; dnssec = "true";

5
hosts/nuc/modules/networks/default.nix
View file

@ -6,6 +6,11 @@
useNetworkd = true; useNetworkd = true;
enableIPv6 = true; enableIPv6 = true;
nftables.enable = true; nftables.enable = true;
firewall = {
extraInputRules = ''
ip saddr 192.168.0.0/16 tcp dport 19531 accept comment "Allow journald gateway access from local networks"
'';
};
}; };
services.lldpd.enable = true; services.lldpd.enable = true;
services.resolved = { services.resolved = {

1
shared/default.nix
View file

@ -6,6 +6,7 @@
./gpg.nix ./gpg.nix
./vim.nix ./vim.nix
./nix.nix ./nix.nix
./systemd.nix
./tmux.nix ./tmux.nix
./yazi.nix ./yazi.nix
./zsh.nix ./zsh.nix