unexplrd/nixos-blueprint
2
2
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
dc1ebb3655978d9e3f3704f88e46411ee3fe7e8d
nixos-blueprint/hosts/dunamis/services.nix
unexplrd ab6611a231 hosts/dunamis/boot.nix: add lanzaboote 
hosts/dunamis/services.nix: disable scx because module.sig_enforce and/or lockdown=confidentiality break it

Signed-off-by: unexplrd <unexplrd@linerds.us>
2025-03-29 14:37:17 +02:00

36 lines
776 B
Nix
Raw Blame History

{
services = {
# hardware.openrgb.enable = true;
flatpak.enable = true;
fstrim.enable = true;
fwupd.enable = true;
openssh.enable = true;
syncthing.openDefaultPorts = true;
dnscrypt-proxy2 = {
enable = true;
settings = {
require_dnssec = true;
server_names = ["mullvad-doh"];
bootstrap_resolvers = ["9.9.9.11:53" "9.9.9.9:53"];
};
};
opensnitch = {
enable = false;
settings = {
DefaultAaction = "deny";
Firewall = "iptables";
InterceptUnknown = true;
ProcMonitorMethod = "ebpf";
};
};
scx = {
enable = false;
scheduler = "scx_flash";
};
logind = {
lidSwitch = "ignore";
powerKey = "suspend";
};
};
}
Reference in New Issue View Git Blame Copy Permalink