tulg/nixdots
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

hosts/modularization

Browse source
This commit is contained in:
tulg 2026-01-10 19:31:22 +03:00
parent 71e22f65bb
commit 5e4b53d885
16 changed files with 260 additions and 352 deletions
Download patch file Download diff file Expand all files Collapse all files

24
modules/nixos/networking/bluetooth.nix Normal file
View file

@ -0,0 +1,24 @@
{
hardware.bluetooth = {
enable = true;
powerOnBoot = true;
settings = {
General = {
# Shows battery charge of connected devices on supported
# Bluetooth adapters. Defaults to 'false'.
Experimental = true;
# When enabled other devices can connect faster to us, however
# the tradeoff is increased power consumption. Defaults to
# 'false'.
FastConnectable = true;
};
Policy = {
# Enable all controllers when they are found. This includes
# adapters present on start as well as adapters that are plugged
# in later on. Defaults to 'true'.
AutoEnable = true;
};
};
};
services.blueman.enable = true;
}

13
modules/nixos/networking/default.nix Normal file
View file

@ -0,0 +1,13 @@
{
config,
lib,
pkgs,
inputs,
...
}: {
imports = [
./bluetooth.nix
./ssh.nix
./zapret.nix
];
}

15
modules/nixos/networking/ssh.nix Normal file
View file

@ -0,0 +1,15 @@
{
users.users."root".openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDIefprdYz4gFgBqGlrkycWcTYxFttQHRjDQmREtQTiGyqK1gQiB4z4Cbiayt7Emq224sbaobQPlNSyhlBCSo/Wf0bmZMz8NwNdwhFSkDnyD6LPaHg8fv9FXnWW0wBMl4oSD2wfGbMQBrecjgHXfJ64UiHyyhDllDDtWGgoY75wwfWHzX/NiGaEi0LHCQ8dsgp7H+BhssTkJPZbv6BJcA34yfb6dISjvW2S/QGKMwgYr9ArfGLUTWPbj+EbL7Bf9VsTFe9nP+FnYqEu4+oBIbY2heXWA+FCi0zxmMY4oYJxT5cJi1nffVOxboKLm4kIT93gv1WdcDiQDVdy5sJ1q0gJyiRt1HfJW4l8jn36VJ0FvdGmRliOTzSfeER0gbIsOcxeArHRV3ff/CoSocnSs0To5vFKgjlGwhdE8sJsqILgZnIoKwVvOXuDOz/RhbdBPpVsG7upk7bLJtLv9P5h0h/gUIWA1iktaYBSDL0UofjSrfNhZH6M0P+soIuooanSlVGivTlASw1pd+gjvebbc9ksvGZVqPQT0XegIvZkwfu8moERZUqv/xhNcyWTEGfFKoeHt5ub8Ac0LOe9Ak6N+p8xDjTdkmUgte5J/CNL1JL3JA/iqocAo+VvmIbPatbrOwUNcROOS3WeFg8MfNrbDyYCVNbZWAyM6wwfLB2fIUB2jw== tulg@highcommand" # content of authorized_keys file
];
users.users."tulg".openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDIefprdYz4gFgBqGlrkycWcTYxFttQHRjDQmREtQTiGyqK1gQiB4z4Cbiayt7Emq224sbaobQPlNSyhlBCSo/Wf0bmZMz8NwNdwhFSkDnyD6LPaHg8fv9FXnWW0wBMl4oSD2wfGbMQBrecjgHXfJ64UiHyyhDllDDtWGgoY75wwfWHzX/NiGaEi0LHCQ8dsgp7H+BhssTkJPZbv6BJcA34yfb6dISjvW2S/QGKMwgYr9ArfGLUTWPbj+EbL7Bf9VsTFe9nP+FnYqEu4+oBIbY2heXWA+FCi0zxmMY4oYJxT5cJi1nffVOxboKLm4kIT93gv1WdcDiQDVdy5sJ1q0gJyiRt1HfJW4l8jn36VJ0FvdGmRliOTzSfeER0gbIsOcxeArHRV3ff/CoSocnSs0To5vFKgjlGwhdE8sJsqILgZnIoKwVvOXuDOz/RhbdBPpVsG7upk7bLJtLv9P5h0h/gUIWA1iktaYBSDL0UofjSrfNhZH6M0P+soIuooanSlVGivTlASw1pd+gjvebbc9ksvGZVqPQT0XegIvZkwfu8moERZUqv/xhNcyWTEGfFKoeHt5ub8Ac0LOe9Ak6N+p8xDjTdkmUgte5J/CNL1JL3JA/iqocAo+VvmIbPatbrOwUNcROOS3WeFg8MfNrbDyYCVNbZWAyM6wwfLB2fIUB2jw== tulg@highcommand" # content of authorized_keys file
];
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = true;
PermitRootLogin = "yes";
};
};
}

51
modules/nixos/networking/zapret.nix Normal file
View file

@ -0,0 +1,51 @@
{
services.dnscrypt-proxy = {
enable = true;
settings = {
listen_addresses = [
"127.0.0.1:53"
"[::1]:53"
];
ignore_system_dns = true;
bootstrap_resolvers = [
"9.9.9.9:53"
"149.112.112.112:53"
"1.1.1.1:53"
];
fallback_resolvers = [
"9.9.9.9:53"
"1.1.1.1:53"
];
};
};
systemd.services.zapret = {
after = ["network-online.target"];
wants = ["network-online.target"];
};
services.zapret = {
enable = true;
params = [
"--dpi-desync=fake"
"--dpi-desync-ttl=8"
];
};
networking = {
networkmanager = {
enable = true;
dns = "none";
};
nameservers = [
"127.0.0.1"
"::1"
];
};
}