From dc7dc9e7853ac2cbfc58cd65a0f1d40e08637b3d Mon Sep 17 00:00:00 2001
From: schererleander <leander@schererleander.de>
Date: Tue, 3 Feb 2026 19:13:48 +0100
Subject: refactor(module): remove old module options

---
 hosts/lilith/configuration.nix             |  3 +++
 hosts/sachiel/configuration.nix            | 12 ++++--------
 modules/nixos/server/nextcloud/default.nix |  4 ++--
 modules/nixos/server/openssh/default.nix   | 15 +++++++--------
 4 files changed, 16 insertions(+), 18 deletions(-)

diff --git a/hosts/lilith/configuration.nix b/hosts/lilith/configuration.nix
index e631b51..a878584 100644
--- a/hosts/lilith/configuration.nix
+++ b/hosts/lilith/configuration.nix
@@ -45,6 +45,9 @@ in
     ];
     casks = [
       "mullvad-vpn"
+      "nextcloud"
+      "iterm2"
+      "rectangle"
     ];
     onActivation.cleanup = "zap";
     onActivation.autoUpdate = true;
diff --git a/hosts/sachiel/configuration.nix b/hosts/sachiel/configuration.nix
index e36e91a..9a81a45 100644
--- a/hosts/sachiel/configuration.nix
+++ b/hosts/sachiel/configuration.nix
@@ -1,4 +1,5 @@
 {
+  inputs,
   pkgs,
   host,
   ...
@@ -10,6 +11,7 @@ in
 {
   imports = [
     ./hardware-configuration.nix
+    (import ../../modules/secrets/default.nix)
   ];
 
   boot.tmp.cleanOnBoot = true;
@@ -67,15 +69,9 @@ in
   };
 
   nx.server = {
-    openssh = {
-      enable = true;
-      allowedUsers = [ username ];
-    };
+    openssh.enable = true;
     nginx.enable = true;
-    nextcloud = {
-      enable = true;
-      user = username;
-    };
+    nextcloud.enable = true;
     site.enable = true;
   };
 
diff --git a/modules/nixos/server/nextcloud/default.nix b/modules/nixos/server/nextcloud/default.nix
index db665cf..11d5ea9 100644
--- a/modules/nixos/server/nextcloud/default.nix
+++ b/modules/nixos/server/nextcloud/default.nix
@@ -5,7 +5,7 @@
   ...
 }:
 let
-  inherit (lib) mkEnableOption mkIf;
+  inherit (lib) mkEnableOption mkIf mkDefault;
   cfg = config.nx.server.nextcloud;
 in
 {
@@ -113,7 +113,7 @@ in
 
     services.fail2ban = {
       enable = true;
-      bantime = "86400";
+       bantime = lib.mkDefault "1h";
       jails = {
         nextcloud = {
           enabled = true;
diff --git a/modules/nixos/server/openssh/default.nix b/modules/nixos/server/openssh/default.nix
index a56460d..ac23d28 100644
--- a/modules/nixos/server/openssh/default.nix
+++ b/modules/nixos/server/openssh/default.nix
@@ -5,7 +5,7 @@
 }:
 
 let
-  inherit (lib) mkEnableOption mkIf;
+  inherit (lib) mkEnableOption mkIf mkDefault;
   cfg = config.nx.server.openssh;
 in
 {
@@ -17,18 +17,17 @@ in
     services.openssh = {
       enable = true;
       ports = [ 8693 ];
-      settings = {
-        PasswordAuthentication = false;
-        AllowUsers = [ ];
-        X11Forwarding = false;
-        PermitRootLogin = "yes";
-      };
+       settings = {
+         PasswordAuthentication = false;
+         X11Forwarding = false;
+         PermitRootLogin = "yes";
+       };
     };
     networking.firewall.allowedTCPPorts = [ 8693 ];
 
     services.fail2ban = {
       enable = true;
-      bantime = "1h";
+       bantime = lib.mkDefault "1h";
       jails = {
         sshd = {
           enabled = true;
-- 
cgit v1.3.1