fix groups/default.nix should be groups/all/default.nix

2026-02-12 14:21:45 +10:00 · 2026-02-12 14:21:45 +10:00 · 27bc2ec0af
commit 27bc2ec0af
parent 9757cd823d
7 changed files with 111 additions and 94 deletions
--- a/groups/server/default.nix
+++ b/groups/server/default.nix
@ -1,19 +1,8 @@
 {lib, ...}: {
-  networking = {
-    networkmanager.enable = true;
-
-    # Use CloudFlare's WARP+ 1.1.1.1 DNS service
-    nameservers = [
-      "1.1.1.1"
-      "1.0.0.1"
+  networking.firewall = {
+    allowedTCPPorts = [
+      22
    ];
-
-    firewall = {
-      enable = lib.mkDefault true;
-      allowedTCPPorts = [
-        22
-      ];
-    };
  };

  security = {
@ -29,7 +18,7 @@
    };
    # allow SSH keys for passwordless auth
    pam = {
-      enableSSHAgentAuth = true;
+      sshAgentAuth.enable = true;
      services.sudo.sshAgentAuth = true; # pam_ssh_agent_auth module
    };
  };
@ -41,7 +30,7 @@
      settings = {
        PasswordAuthentication = false;
        PermitRootLogin = "no";
-        # AllowUsers = ["cry"]; # DO NOT ALLOW ALL
+        AllowUsers = ["cry"]; # DO NOT ALLOW ALL
        UseDns = true;
        X11Forwarding = false;
      };