-
!important flatten nixosSystem definitions
- instead of
import ./systems/stuff {}donixosSystem = {...; imports = [./systems/stuff]}
- instead of
-
migrate firewall to nftables
- setup ipsets and block known abusers
-
setup autoUpgrade
-
migrate ~/.yubico/authorized_yubikeys to HM config (via pam.yubico.authorizedYubiKeys.ids)
-
[-] fcitx5
- enable and configure basic fcitx5 stuff
- migrate rime config to HM
-
arrpc
-
one of
- setup port knocking/fwknop
- shield sshd behind fwknop
- wireguard
- setup port knocking/fwknop
- migrate to a configuration where erase your darlings is possible
- setup patchouli
- setup vaultwarden