modules/server/sshd.nix at main · kitten.sh/system

kitten.sh / system

Personal Nix setup

system / modules / server / sshd.nix

at main 706 B view raw

 1{ lib, config, user, helpers, ... }:
 2
 3with lib;
 4let
 5  cfg = config.modules.server;
 6in {
 7  options.modules.server.sshd = {
 8    enable = mkOption {
 9      default = cfg.enable;
10      example = true;
11      description = "Whether to enable SSH server.";
12      type = types.bool;
13    };
14  };
15
16  config = mkIf cfg.sshd.enable {
17    users.users."${user}".openssh.authorizedKeys.keys = [
18      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGgNlwxQFRcZjnOyoNQ9HDkhGrESU8J5fwd0HeF6CiYg"
19    ];
20
21    services.openssh = {
22      enable = true;
23    } // helpers.linuxAttrs {
24      settings.PermitRootLogin = mkDefault "no";
25      openFirewall = mkDefault (!config.modules.router.enable);
26      ports = [ 22 2222 ];
27    };
28  };
29}