Joey Hafner
bbe52da9bb
- Flake to build personal systems moved to `dotfiles/` - Flake to build silver-flame cluster moved to `homelab/local-hosts/silver-flame - Delete undercooked "digitalocean" and "iso" image builds
25 lines
451 B
Nix
25 lines
451 B
Nix
{ ... }: {
|
|
|
|
# Enable passwordless sudo
|
|
security.sudo = {
|
|
enable = true;
|
|
extraRules = [{
|
|
commands = [
|
|
{
|
|
command = "ALL";
|
|
options = [ "NOPASSWD" ];
|
|
}
|
|
];
|
|
groups = [ "wheel" ];
|
|
}];
|
|
};
|
|
|
|
# Enable SSH server with exclusively key-based auth
|
|
services.openssh = {
|
|
enable = true;
|
|
settings.PasswordAuthentication = false;
|
|
settings.KbdInteractiveAuthentication = false;
|
|
};
|
|
}
|
|
|