1 files changed, 42 insertions, 0 deletions

diff --git a/modules/nixos/profiles/headless.nix b/modules/nixos/profiles/headless.nix
new file mode 100644
index 0000000..9faf531
--- /dev/null
+++ b/modules/nixos/profiles/headless.nix
@@ -0,0 +1,42 @@
+{
+  config,
+  lib,
+  pkgs,
+  this,
+  ...
+}:
+with lib; let
+  cfg = config.nixfiles.modules.profiles.headless;
+in {
+  config = mkIf cfg.enable {
+    nixfiles.modules = {
+      openssh.server.enable = true;
+      endlessh-go.enable = true;
+
+      fail2ban.enable = true;
+
+      node-exporter.enable = true;
+      promtail.enable = true;
+    };
+
+    # Pin version to prevent any surprises.
+    boot.kernelPackages = pkgs.linuxPackages_5_15_hardened;
+
+    nix = {
+      gc = {
+        automatic = true;
+        dates = "weekly";
+        options = "--delete-older-than 30d";
+      };
+
+      optimise = {
+        automatic = true;
+        dates = ["daily"];
+      };
+    };
+
+    services.udisks2.enable = false;
+
+    xdg.sounds.enable = false;
+  };
+}