feat: make some settings better.

modules/servers/general/additional-pkgs.nix

@@ -2,5 +2,7 @@
   environment.systemPackages = with pkgs; [
     aria2
     unzip
+    lm_sensors
+    neovim
   ];
 }

modules/servers/general/default.nix

@@ -7,10 +7,11 @@
     ./podman.nix
     ./additional-pkgs.nix
     ./root.nix
-    ./beszel-agent.nix
     ./optimise-storage.nix
     ./restic.nix
     ./nix-features.nix
     ./shell.nix
+    ./fail2ban.nix
+    ./beszel-agent.nix
   ];
 }

modules/servers/general/openssh.nix

@@ -1,4 +1,8 @@
-{...}: {
+{
+  config,
+  lib,
+  ...
+}: {
   services.openssh = {
     enable = true;
     settings = {
@@ -25,19 +29,4 @@
   users.users.root.openssh.authorizedKeys.keys = [
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBJLduAXHWJiglmfRfkBGKffzVWkJP6porxIzw6+Zz3W crony@cronyakatsuki.xyz"
   ];
-
-  services.fail2ban = {
-    enable = true;
-    maxretry = 5;
-    ignoreIP = [
-      "65.21.241.194"
-    ];
-    bantime = "24h"; # Ban IPs for one day on the first ban
-    bantime-increment = {
-      enable = true; # Enable increment of bantime after each violation
-      multipliers = "1 2 4 8 16 32 64";
-      maxtime = "168h"; # Do not ban for more than 1 week
-      overalljails = true; # Calculate the bantime based on all the violations
-    };
-  };
 }

modules/servers/general/user.nix

@@ -3,9 +3,10 @@
   security.sudo.wheelNeedsPassword = false;
 
   users.users.crony = {
-    hashedPasswordFile = "${config.age.secrets.crony-passwd.path}";
+    linger = true;
     isNormalUser = true;
     description = "crony";
+    hashedPasswordFile = "${config.age.secrets.crony-passwd.path}";
     extraGroups = [
       "wheel"
     ];