26 lines
377 B
Nix
26 lines
377 B
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
{
|
|
imports = [
|
|
./common.nix
|
|
];
|
|
|
|
documentation.enable = false;
|
|
|
|
security = {
|
|
acme.acceptTerms = true;
|
|
auditd.enable = true;
|
|
audit = {
|
|
enable = true;
|
|
rules = [
|
|
"-a exit,always -F arch=b64 -S execve"
|
|
];
|
|
};
|
|
};
|
|
|
|
modules.networking.tailscale = {
|
|
enable = true;
|
|
restrictSSH = false;
|
|
};
|
|
}
|