From a908af9a955e64828f0b4f0c3b1c5770775c9794 Mon Sep 17 00:00:00 2001
From: Linnnus <linnnus@users.noreply.github.com>
Date: Tue, 13 Feb 2024 17:24:57 +0100
Subject: tmp: Move ssh.nix to module

---
 hosts/ahmed/ssh/default.nix | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 hosts/ahmed/ssh/default.nix

(limited to 'hosts/ahmed/ssh')

diff --git a/hosts/ahmed/ssh/default.nix b/hosts/ahmed/ssh/default.nix
new file mode 100644
index 0000000..3c6b7ad
--- /dev/null
+++ b/hosts/ahmed/ssh/default.nix
@@ -0,0 +1,19 @@
+# This file configures openSSH on this host.
+{
+  lib,
+  metadata,
+  ...
+}: {
+  # Who is allowed/expected to connect to this machine?
+  networking.firewall.allowedTCPPorts = [22];
+  services.openssh = {
+    enable = true;
+    settings.PasswordAuthentication = false;
+  };
+
+  users.users = lib.genAttrs ["root" "linus"] (_: {
+    openssh.authorizedKeys.keys = [
+      metadata.hosts.muhammed.sshPubKey
+    ];
+  });
+}
-- 
cgit v1.2.3