| Commit message (Collapse) | Author |
|---|
|
All users are in the wheel group, thus direct login as root is no longer
needed.
|
|
|
|
This is inherently unsafe because it requires an unencrypted handshake.
Considering that all protocols also work directly with TLS i.e., the
encrypted variant, disabling this shouldn't be a drawback.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This provides an html file located at /srv/www/vhack.eu/index.html over
https.
|
|
|
|
We used the domain name instead of the host name, which obviously
doesn't work for multiple host. In addition to that I changed some
directory to make importing easier and enabled the "nix-command" and
"flakes" experimental options, to make the `nix flake check` command
usable.
Refs: #15
|
|
Nix flakes make a lot of things very easy.
|
|
Someone put a string, where a list of strings belonged. I took the
freedom to change that.
|
|
We run a headless server, so some things, like emergency boot mode, don't really make sense. This
import disables these.
|
|
|
|
|
|
Saving hashed passwords should be relatively safe, as long as the hashing
algorithm isn't flawed. Considering, that we use yescrypt with higher
than average parameters ('jFT' instead of 'j9T'), we should be safe for
now.
|
|
|
|
This reverts commit 5a137ce8b8f4b1dcfee03d001938c0fa25df842f.
|
|
resolve conflicts with target branch
|
|
The passwords will be stored in a specific password file, which because it
isn't part of this repository is secure.
Refs: #9
|
|
The names of the settings in the GitHub repository are outdated, this
commit changes the setting name to the real ones.
|
|
I changed the valid ssh-host-keys from both rsa and ed25519 to
only ed25519 and moved them to `/srv/ssh` to make them persistent.
In addition to that, I also increased the rounds for the ed25519 key to
1000.
This fixes the ssh-host-key issue introduced by pull request #5.
Fixes: #5
|
|
This module generates a TOML config from a nix set.
|
|
|
|
I'm not sure if this is really helpful
|
