]> Git — Sourcephile - sourcephile-nix.git/blob - machines/losurdo/security.nix
tor: update upstream PR
[sourcephile-nix.git] / machines / losurdo / security.nix
1 { inputs, pkgs, lib, config, machineName, ... }:
2 {
3 environment.memoryAllocator.provider = "libc";
4 services.openssh.extraConfig = ''
5 # This is for removing remote gpg-agent's socket
6 StreamLocalBindUnlink yes
7 '';
8 /*
9 installer.ssh-nixos = {
10 PATH = [pkgs.gnupg pkgs.openssh];
11 sshFlags = [
12 #"-R" "/var/lib/gnupg/S.gpg-agent.extra:/run/user/1000/gnupg/d.w1sj57hx3zfcwadyxpr6wko9/S.gpg-agent.extra"
13 #"-o" "StreamLocalBindUnlink=yes"
14 ];
15 };
16 security.wrappers = lib.mkForce {
17 ping.source = pkgs.inetutils + "/bin/ping";
18 ping.capabilities = "cap_net_raw+p";
19 };
20 */
21 }