2025-03-12 HEAD master

1 files changed, 47 insertions, 0 deletions

diff --git a/modules/profiles/headless/default.nix b/modules/profiles/headless/default.nix
new file mode 100644
index 0000000..42c041b
--- /dev/null
+++ b/modules/profiles/headless/default.nix
@@ -0,0 +1,47 @@
+{
+  config,
+  lib,
+  pkgs,
+  this,
+  ...
+}:
+let
+  cfg = config.nixfiles.modules.profiles.headless;
+in
+{
+  imports = lib.modulesIn ./. |> lib.attrValues;
+
+  options.nixfiles.modules.profiles.headless.enable = lib.mkEnableOption "headless profile" // {
+    default = this.isHeadless;
+  };
+
+  config = lib.mkIf cfg.enable {
+    nixfiles.modules = {
+      endlessh-go.enable = true;
+      fail2ban.enable = true;
+      openssh.server.enable = true;
+    };
+
+    hm.home.file = {
+      ".hushlogin".text = "";
+      ".bash_history".source = config.hm.lib.file.mkOutOfStoreSymlink "/dev/null";
+    };
+
+    boot.kernelPackages = pkgs.linuxPackages_hardened;
+
+    nix = {
+      gc = {
+        automatic = true;
+        dates = "weekly";
+        options = "--delete-older-than 30d";
+      };
+
+      optimise = {
+        automatic = true;
+        dates = [ "daily" ];
+      };
+    };
+
+    services.udisks2.enable = false;
+  };
+}