os/modules/core/services.nix

{
  config,
  pkgs,
  lib,
  ...
}: {
  # For rage encryption, all hosts need a ssh key pair
  services.openssh = {
    enable = true;
    # If you don't want the host to have SSH actually opened up to the net,
    # set `services.openssh.openFirewall` to false in your config.
    openFirewall = lib.mkDefault true;
    passwordAuthentication = lib.mkDefault false;
  };

  # Service that makes Out of Memory Killer more effective
  services.earlyoom.enable = true;
}
feature/restructure-core-profile (#109) Co-authored-by: Hendrik Sokolowski <hensoko@gssws.de> Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/109 Reviewed-by: Benjamin Bädorf <b12f@noreply.example.org> Reviewed-by: teutat3s <teutates@mailbox.org> 2022-08-13 20:35:43 +00:00			`{`
Run treefmt command 2022-11-20 22:28:23 +00:00			`config,`
			`pkgs,`
			`lib,`
			`...`
			`}: {`
feature/restructure-core-profile (#109) Co-authored-by: Hendrik Sokolowski <hensoko@gssws.de> Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/109 Reviewed-by: Benjamin Bädorf <b12f@noreply.example.org> Reviewed-by: teutat3s <teutates@mailbox.org> 2022-08-13 20:35:43 +00:00			`# For rage encryption, all hosts need a ssh key pair`
			`services.openssh = {`
			`enable = true;`
Open up SSH by default 2022-10-03 02:55:14 +00:00			`# If you don't want the host to have SSH actually opened up to the net,`
			# set `services.openssh.openFirewall` to false in your config.
			`openFirewall = lib.mkDefault true;`
define settings as defaults 2022-12-26 14:08:02 +00:00			`passwordAuthentication = lib.mkDefault false;`
feature/restructure-core-profile (#109) Co-authored-by: Hendrik Sokolowski <hensoko@gssws.de> Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/109 Reviewed-by: Benjamin Bädorf <b12f@noreply.example.org> Reviewed-by: teutat3s <teutates@mailbox.org> 2022-08-13 20:35:43 +00:00			`};`

			`# Service that makes Out of Memory Killer more effective`
			`services.earlyoom.enable = true;`
			`}`