From 547390cf43b638f30a462cf3d4bfb694bfa23370 Mon Sep 17 00:00:00 2001
From: Minijackson <minijackson@riseup.net>
Date: Fri, 28 May 2021 19:44:54 +0200
Subject: audit: init

---
 flake.nix                   | 3 +++
 usecases/server/audit.nix   | 9 +++++++++
 usecases/server/default.nix | 1 +
 3 files changed, 13 insertions(+)
 create mode 100644 usecases/server/audit.nix

diff --git a/flake.nix b/flake.nix
index 6abace9..2ec22de 100644
--- a/flake.nix
+++ b/flake.nix
@@ -65,12 +65,15 @@
 
       usecases.desktop = {
         default = (import ./usecases/desktop/default.nix inputs);
+
         development = (import ./usecases/desktop/development.nix inputs);
         networkManager = (import ./usecases/desktop/networking/network-manager.nix inputs);
       };
 
       usecases.server = {
         default = (import ./usecases/server/default.nix inputs);
+
+        audit = (import ./usecases/server/audit.nix inputs);
         fail2ban = (import ./usecases/server/fail2ban.nix inputs);
         monitoringTarget = (import ./usecases/server/monitoring-target.nix inputs);
         smartd = (import ./usecases/server/smartd.nix inputs);
diff --git a/usecases/server/audit.nix b/usecases/server/audit.nix
new file mode 100644
index 0000000..c59bfba
--- /dev/null
+++ b/usecases/server/audit.nix
@@ -0,0 +1,9 @@
+inputs:
+
+{ pkgs, ... }:
+
+{
+  security.audit.enable = true;
+
+  environment.systemPackages = with pkgs; [ lynis ];
+}
diff --git a/usecases/server/default.nix b/usecases/server/default.nix
index f32728a..79a7263 100644
--- a/usecases/server/default.nix
+++ b/usecases/server/default.nix
@@ -6,6 +6,7 @@ inputs:
 
 {
   imports = [
+    (import ./audit.nix inputs)
     (import ./fail2ban.nix inputs)
     (import ./monitoring-target.nix inputs)
   ];
-- 
cgit v1.2.3