1 files changed, 11 insertions, 2 deletions

diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index 741955eee..a9ba1eadd 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -14,7 +14,7 @@ with config.krebs.lib;
       stockholm = "/home/tv/stockholm";
       nixpkgs = {
         url = https://github.com/NixOS/nixpkgs;
-        rev = "87fe38fd0e19ca83fc3ea338f8e0e7b12971d204";
+        rev = "8bf31d7d27cae435d7c1e9e0ccb0a320b424066f";
       };
     } // optionalAttrs config.krebs.build.host.secure {
       secrets-master = "/home/tv/secrets/master";
@@ -25,6 +25,7 @@ with config.krebs.lib;
 
   imports = [
     <secrets>
+    ./audit.nix
     ./backup.nix
     ./nginx
     ./vim.nix
@@ -152,6 +153,7 @@ with config.krebs.lib;
       services.cron.enable = false;
       services.nscd.enable = false;
       services.ntp.enable = false;
+      services.timesyncd.enable = true;
     }
 
     {
@@ -168,13 +170,20 @@ with config.krebs.lib;
     }
 
     {
+      services.journald.extraConfig = ''
+        SystemMaxUse=1G
+        RuntimeMaxUse=128M
+      '';
+    }
+
+    {
       services.openssh = {
         enable = true;
         hostKeys = [
           { type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
         ];
       };
-      tv.iptables.input-internet-accept-new-tcp = singleton "ssh";
+      tv.iptables.input-internet-accept-tcp = singleton "ssh";
     }
 
     {