some security updates

This commit is contained in:
Glen Goodwin 2023-09-21 13:50:00 -04:00
parent cd74c7b0d4
commit 1722c0cf66
9 changed files with 144 additions and 11 deletions

View file

@ -5,9 +5,13 @@
[ (import ./hardware-configuration.nix) ] ++ # Current system hardware config @ /etc/nixos/hardware-configuration.nix
(import ../../modules/desktop/virtualisation/default.nix) ++
(import ../../modules/hardware/default.nix) ++
# (import ./auditd.nix) ++
[ (import ./sysctl.nix) ] ++
[ (import ./kernel.nix) ] ++
[ (import ./auditd.nix) ] ++
[ (import ./openssh.nix) ] ++
[ (import ../../modules/desktop/hyprland/default.nix) ]; # Window Manager
hardware.sane = {
# Used for scanning with Xsane
enable = true;
@ -34,6 +38,8 @@
tailscale.enable = true;
};
networking.firewall.trustedInterfaces = [ "tailscale0" ];
#temporary bluetooth fix
systemd.tmpfiles.rules = [
"d /var/lib/bluetooth 700 root root - -"