Browse Source

Enables SNMP agent

main
Dustin Frisch 1 month ago
parent
commit
5e66fbbcf7
No known key found for this signature in database GPG Key ID: B4C3BF012D9B26BE
  1. 39
      system.nix

39
system.nix

@ -52,9 +52,44 @@
settings.PermitRootLogin = "without-password";
};
networking.firewall.allowedTCPPorts = [
22
services.snmpd = {
enable = true;
package = pkgs.net-snmp.overrideAttrs (old: {
patches = old.patches ++ [
(pkgs.fetchpatch {
name = "modern-linux-compat.patch";
url = "https://patch-diff.githubusercontent.com/raw/net-snmp/net-snmp/pull/785.patch";
hash = "sha256-ZSF16RacrHddH50inHdmDYnu+fDS5eZd4PgK62s5C4g=";
})
];
});
configText = ''
rocommunity public 193.174.29.55/32
rocommunity public 127.0.0.1/8
rocommunity6 public ::1/64
com2sec notConfigUser default public
com2sec6 notConfigUser default public
group notConfigGroup v1 notConfigUser
group notConfigGroup v2c notConfigUser
access notConfigGroup "" any noauth exact systemview none none
view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.25.1.1
dontLogTCPWrappersConnects yes
'';
};
networking.firewall = {
allowedTCPPorts = [
22 # SSH
];
allowedUDPPorts = [
161 # SNMP
];
};
sops.secrets."root/password" = {
sopsFile = ./secrets/root.yaml;

Loading…
Cancel
Save