unexplrd
1dc168ce63
and adapt various config elements from it Signed-off-by: unexplrd <unexplrd@linerds.us>
42 lines
923 B
Nix
42 lines
923 B
Nix
{lib, ...}: {
|
|
services = {
|
|
# hardware.openrgb.enable = true;
|
|
avahi.enable = true;
|
|
flatpak.enable = true;
|
|
fwupd.enable = true;
|
|
openssh.enable = true;
|
|
speechd.enable = lib.mkForce false;
|
|
syncthing.openDefaultPorts = true;
|
|
userborn.enable = true;
|
|
dnscrypt-proxy2 = {
|
|
enable = true;
|
|
settings = {
|
|
require_dnssec = true;
|
|
server_names = ["mullvad-doh"];
|
|
bootstrap_resolvers = ["9.9.9.11:53" "9.9.9.9:53"];
|
|
};
|
|
};
|
|
fstrim = {
|
|
enable = true;
|
|
interval = "daily";
|
|
};
|
|
opensnitch = {
|
|
enable = false;
|
|
settings = {
|
|
DefaultAaction = "deny";
|
|
Firewall = "iptables";
|
|
InterceptUnknown = true;
|
|
ProcMonitorMethod = "ebpf";
|
|
};
|
|
};
|
|
scx = {
|
|
enable = true;
|
|
scheduler = "scx_flash";
|
|
};
|
|
logind = {
|
|
lidSwitch = "ignore";
|
|
powerKey = "suspend";
|
|
};
|
|
};
|
|
}
|