1 { inputs, pkgs, lib, config, hostName, ... }:
3 inherit (config.users) users;
10 nixpkgs.config.allowUnfree = true; # for hplip
11 nix.settings.trusted-users = [
19 openssh.authorizedKeys.keys =
20 users."julm".openssh.authorizedKeys.keys;
24 openssh.authorizedKeys.keys = [
28 openssh.authorizedKeys.keys = [
29 (lib.readFile ../../users/sevy/ssh/patate.pub)
30 (lib.readFile ../../users/julm/ssh/carotte.pub)
55 networking.nftables.ruleset = ''
57 chain output-net-julm {
58 tcp dport {smtp, submissions} counter accept comment "SMTP"
59 tcp dport nicname counter accept comment "Whois"
60 tcp dport imaps counter accept comment "IMAPS"
61 tcp dport ircs-u counter accept comment "IRCS"
62 tcp dport 2222 counter accept comment "SSH(boot)"
63 tcp dport xmpp-client counter accept comment "XMPP"
64 tcp dport hkp counter accept comment "HKP"
65 tcp dport {9009,9010,9011,9012,9013} counter accept comment "croc"
66 udp dport 33434-33523 counter accept comment "traceroute"
67 udp dport 60000-61000 counter accept comment "Mosh"
70 skuid ${users.julm.name} jump output-net-julm