From 8699da4a8550d5de9deb96dc7a33112f7cf978f1 Mon Sep 17 00:00:00 2001
From: Lgmrszd <lgmrszd@disroot.org>
Date: Sun, 12 May 2024 03:27:02 +0300
Subject: [PATCH] vps1: add second ssh listen port for forgejo

---
 hosts/vps1/configuration.nix | 6 +++++-
 hosts/vps1/services/git.nix  | 1 +
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/hosts/vps1/configuration.nix b/hosts/vps1/configuration.nix
index 342effd..89d49e0 100644
--- a/hosts/vps1/configuration.nix
+++ b/hosts/vps1/configuration.nix
@@ -32,9 +32,13 @@ in
   networking.firewall.allowedTCPPorts = [ 80 443 ];
   services.openssh = {
     enable = true;
-    ports = [ 37163 ];
+    ports = [ 37163 22631 ];
     settings.PermitRootLogin = "no";
     settings.PasswordAuthentication = false;
+    extraConfig = ''
+    Match LocalPort 22631
+      AllowUsers forgejo
+    '';
   };
 
   networking.nat.enable = true;
diff --git a/hosts/vps1/services/git.nix b/hosts/vps1/services/git.nix
index dd4af54..a85c1b1 100644
--- a/hosts/vps1/services/git.nix
+++ b/hosts/vps1/services/git.nix
@@ -39,6 +39,7 @@ in
         ROOT_URL = "https://${srv.DOMAIN}/"; 
         HTTP_ADDR = "127.0.0.1";
         HTTP_PORT = 3001;
+        SSH_PORT = 22631;
       };
       DEFAULT = {
         APP_NAME = "Lgmrszd's git";