diff --git a/configuration.nix b/configuration.nix index f550b91..954c6d6 100644 --- a/configuration.nix +++ b/configuration.nix @@ -2,7 +2,6 @@ imports = [ (modulesPath + "/installer/scan/not-detected.nix") ./modules/custom - ./modules/uptimed.nix ]; boot = { diff --git a/modules/uptimed.nix b/modules/uptimed.nix deleted file mode 100644 index 6f71fbb..0000000 --- a/modules/uptimed.nix +++ /dev/null @@ -1,61 +0,0 @@ -{ pkgs, ... }: { - services.uptimed.enable = true; - environment.etc."uptimed.conf".text = '' - # Uptimed configuration file. - - # Interval to write the logfile with in seconds. - UPDATE_INTERVAL=60 - - # Maximum number of entries in logfile. Set to 0 for unlimited. - LOG_MAXIMUM_ENTRIES=50 - - # Minimum uptime that must be reached for it to be considered a record. - LOG_MINIMUM_UPTIME=1h - - # Minimum uptime before sending out e-mail. - MAIL_MINIMUM_UPTIME=1d - - # Minimum position before sending out e-mail. - MAIL_MINIMUM_POSITION=10 - - # Email address to mail milestones/records to. - # Assumes sendmail compatible MTA installed as /usr/lib/sendmail. - # You can enable this below or with the -e option on the commandline. - EMAIL=root@localhost - - # Send email? (0 = no way, 1 = yes please!, 2 = only for milestones, - # 3 = only for records) - SEND_EMAIL=0 - - # We need a sendmail compatible mailer, though. - SENDMAIL=${pkgs.msmtp}/bin/msmtp -t - - # Where to note our PID - PIDFILE=/var/run/uptimed - - # Milestones are configurable now. - # Syntax is pretty easy: MILESTONE=time:description - # Default time is in seconds, but it can be postfixed with "d", "w" or "y" - # for days/weeks/years. - # Keep in mind that the description needs to fit in the window. - MILESTONE=5d:five days - MILESTONE=10d:ten days - MILESTONE=25d:twenty-five days - MILESTONE=50d:fifty days - MILESTONE=10w:ten weeks - MILESTONE=75d:seventy-five days - MILESTONE=100d:hundred days - MILESTONE=150d:hundred and fifty days - MILESTONE=25w:twenty-five weeks - MILESTONE=200d:two hundred days - MILESTONE=250d:250 days - MILESTONE=300d:three hundred days - MILESTONE=50w:fifty weeks - MILESTONE=1y:one year - MILESTONE=400d:four hundred days - MILESTONE=500d:five hundred days - MILESTONE=100w:hundred weeks - MILESTONE=750d:750 days - MILESTONE=1000d:thousand days - ''; -} diff --git a/nftables.conf b/nftables.conf deleted file mode 100644 index 10d456f..0000000 --- a/nftables.conf +++ /dev/null @@ -1,28 +0,0 @@ -table inet nixos-fw { - chain rpfilter { - type filter hook prerouting priority mangle + 10; policy drop; - meta nfproto ipv4 udp sport . udp dport { 68 . 67, 67 . 68 } accept comment "DHCPv4 client/server" - fib saddr . mark . iif oif exists accept - } - - chain input { - type filter hook input priority filter; policy drop; - iifname "lo" accept comment "trusted interfaces" - ct state vmap { invalid : drop, established : accept, related : accept, new : jump input-allow, untracked : jump input-allow } - tcp flags syn / fin,syn,rst,ack log prefix "refused connection: " level info - } - - chain input-allow { - tcp dport 22 accept - tcp dport 5432 accept comment "PostgreSQL server" - tcp dport 6443 accept comment "k3s" - icmp type echo-request accept comment "allow ping" - icmpv6 type != { nd-redirect, 139 } accept comment "Accept all ICMPv6 messages except redirects and node information queries (type 139). See RFC 4890, section 4.4." - ip6 daddr fe80::/64 udp dport 546 accept comment "DHCPv6 client" - } - - chain forward-allow { - type filter hook forward priority filter; policy drop; - ip daddr 192.168.30.0/24 accept - } -}