mirror of
https://git.lgmrszd.xyz/Lgmrszd/nix-cfg.git
synced 2024-12-24 00:48:06 +01:00
28 lines
819 B
Nix
28 lines
819 B
Nix
|
{ pkgs, config, data, ... }:
|
||
|
let
|
||
|
gitSSHPort = data.services.git.sshPort;
|
||
|
in
|
||
|
{
|
||
|
services.openssh = {
|
||
|
enable = true;
|
||
|
ports = [ (if data ? sshPort then data.sshPort else 37163) gitSSHPort ];
|
||
|
settings.PermitRootLogin = "no";
|
||
|
settings.PasswordAuthentication = false;
|
||
|
extraConfig = ''
|
||
|
Match LocalPort ${toString gitSSHPort}
|
||
|
AllowUsers forgejo
|
||
|
'';
|
||
|
};
|
||
|
programs.ssh.startAgent = true;
|
||
|
|
||
|
services.endlessh-go = {
|
||
|
enable = true;
|
||
|
openFirewall = true;
|
||
|
port = 22;
|
||
|
};
|
||
|
|
||
|
users.users.lgm.openssh.authorizedKeys.keys = [
|
||
|
''sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIHFPA2RhqZIVCLwYuEUDQyOnJ4g1R6IfQyhGqZ2Cvvu+AAAABHNzaDo= lgm@lgm-nixos''
|
||
|
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHUawqrjSPXTwQ4ZY2rw9o+XgmK7TbH0QEIXQPh8gT0J lgm@lgm-nixos''
|
||
|
];
|
||
|
}
|