tmp: Move ssh.nix to module

author: Linnnus <[email protected]> 2024-02-13 17:24:57 +0100
committer: Linnnus <[email protected]> 2024-02-13 17:24:57 +0100
commit: a908af9a955e64828f0b4f0c3b1c5770775c9794 (patch)
tree: a67604f9fb38f78e5ff49099d912ff4ed88c2c17 /hosts/ahmed/ssh
parent: d556a3b4638835b407232491959940d92d8468db (diff)
1 files changed, 19 insertions, 0 deletions
diff --git a/hosts/ahmed/ssh/default.nix b/hosts/ahmed/ssh/default.nix
new file mode 100644
index 0000000..3c6b7ad
--- /dev/null
+++ b/hosts/ahmed/ssh/default.nix
@@ -0,0 +1,19 @@
+# This file configures openSSH on this host.
+{
+  lib,
+  metadata,
+  ...
+}: {
+  # Who is allowed/expected to connect to this machine?
+  networking.firewall.allowedTCPPorts = [22];
+  services.openssh = {
+    enable = true;
+    settings.PasswordAuthentication = false;
+  };
+
+  users.users = lib.genAttrs ["root" "linus"] (_: {
+    openssh.authorizedKeys.keys = [
+      metadata.hosts.muhammed.sshPubKey
+    ];
+  });
+}
author	Linnnus <[email protected]>	2024-02-13 17:24:57 +0100
committer	Linnnus <[email protected]>	2024-02-13 17:24:57 +0100
commit	a908af9a955e64828f0b4f0c3b1c5770775c9794 (patch)
tree	a67604f9fb38f78e5ff49099d912ff4ed88c2c17 /hosts/ahmed/ssh
parent	d556a3b4638835b407232491959940d92d8468db (diff)