more stuff

2024-01-06 14:42:34 -07:00 · 2024-01-06 14:42:34 -07:00 · 254f2db23d
parent 6a3d080566
commit 254f2db23d
1 changed files with 12 additions and 4 deletions
--- a/configuration.nix
+++ b/configuration.nix
@ -242,6 +242,9 @@
      acl_policy_path = pkgs.writeText "acl_policy.hujson" ''
        {
          "groups": {
+            "group:servers": [
+              "samsehu",
+            ],
            "group:admin": [
              "geemili",
              "desttinghim",
@ -257,9 +260,9 @@
          "ssh": [
            {
              "action": "accept",
-              "src": ["autogroup:member"],
-              "dst": ["autogroup:self"],
-              "users": ["autogroup:nonroot"],
+              "src": ["group:admin"],
+              "dst": ["group:servers"],
+              "users": ["group:admin", "geemili", "desttinghim"],
            },
          ],
        }
@ -308,7 +311,12 @@
  ];

  # Use systemd-resolved and set networkmanager to allow mdns
-  services.resolved.enable = true;
+  services.resolved = {
+    enable = true;
+    extraConfig = ''
+      DNSStubListener=false
+    '';
+  };
  networking.networkmanager.connectionConfig."connection.mdns" = 2; # 2 == yes

  # Copy the NixOS configuration file and link it from the resulting system