diff --git a/hosts/mikan/config.nix b/hosts/mikan/config.nix index 1e7311a..bdf97c4 100644 --- a/hosts/mikan/config.nix +++ b/hosts/mikan/config.nix @@ -2,13 +2,14 @@ services.openssh = { enable = true; ports = [2291]; - extraConfig = "AuthorizedKeysFile %h/.local/ssh/authorized_keys"; + authorizedKeysFiles = ["%h/.local/ssh/authorized_keys"]; settings = { PasswordAuthentication = false; PermitRootLogin = "no"; }; }; networking.firewall.allowedTCPPorts = [2291 80 443]; + services.fail2ban.enable = true; services.qemuGuest.enable = true; services.forgejo = { enable = true; @@ -89,4 +90,5 @@ }; }; users.users.nginx.extraGroups = ["acme"]; + services.tailscale.enable = true; } diff --git a/system/configuration.nix b/system/configuration.nix index 30cf9d7..ed9260f 100644 --- a/system/configuration.nix +++ b/system/configuration.nix @@ -9,6 +9,7 @@ experimental-features = ["nix-command" "flakes"]; use-xdg-base-directories = true; }; + nix.channel.enable = false; environment.pathsToLink = ["/libexec"]; environment.localBinInPath = true; diff --git a/user/config/bash/custom b/user/config/bash/custom index bb30329..630dcbb 100644 --- a/user/config/bash/custom +++ b/user/config/bash/custom @@ -34,6 +34,7 @@ _exists zoxide && eval "$(zoxide init bash)" # use starship prompt, unless in linux terminal if [[ "$TERM" != "linux" ]]; then + [[ -v SSH_CONNECTION ]] && _set_title_suffix="@$(hostname)" # suppress setting title for the commands run by nix-shell initalization [[ -v IN_NIX_SHELL ]] && _suppress_title=1 function _set_win_title { @@ -48,7 +49,7 @@ if [[ "$TERM" != "linux" ]]; then if declare -F _bashrc_main > /dev/null; then return elif [[ "$@" != @("starship_precmd"|""|"__fzf_history__"|"fzf-file-widget"|"history -a"|"__zoxide_hook") ]]; then - printf "\e]0;%s | %s | %s\a" "$(dirs +0)" "$@" "$(date +"%H:%M:%S")" + printf "\e]0;%s | %s | %s\a" "$(dirs +0)$_set_title_suffix" "$@" "$(date +"%H:%M:%S")" fi } # set window title after running command