From 4967e846a857524415a0cec4c97c966049393715 Mon Sep 17 00:00:00 2001
From: Alexander Heldt
Date: Sat, 20 Jul 2024 20:12:23 +0200
Subject: [PATCH] tadpole: Add `ssh` module
---
hosts/tadpole/configuration.nix | 4 +--
hosts/tadpole/modules/default.nix | 4 ++-
hosts/tadpole/modules/ssh/default.nix | 37 +++++++++++++++++++++++++++
3 files changed, 41 insertions(+), 4 deletions(-)
create mode 100644 hosts/tadpole/modules/ssh/default.nix
diff --git a/hosts/tadpole/configuration.nix b/hosts/tadpole/configuration.nix
index a368058..e83c2e1 100644
--- a/hosts/tadpole/configuration.nix
+++ b/hosts/tadpole/configuration.nix
@@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ pkgs, ... }: { imports =
@@ -33,8 +33,6 @@ vim ]; - services.openssh.enable = true; - config-manager = { flakePath = "/home/alex/config"; };
diff --git a/hosts/tadpole/modules/default.nix b/hosts/tadpole/modules/default.nix
index c3a3753..56689cc 100644
--- a/hosts/tadpole/modules/default.nix
+++ b/hosts/tadpole/modules/default.nix
@@ -7,6 +7,8 @@ in imports = lib.mapAttrsToList toModulePath (filterDirs (builtins.readDir ./.)); config = { - mod = {}; + mod = { + ssh.enable = true; + }; }; }
diff --git a/hosts/tadpole/modules/ssh/default.nix b/hosts/tadpole/modules/ssh/default.nix
new file mode 100644
index 0000000..33b2881
--- /dev/null
+++ b/hosts/tadpole/modules/ssh/default.nix
@@ -0,0 +1,37 @@
+{ lib, config, ... }:
+let
+ enabled = config.mod.ssh.enable;
+in
+{
+ options = {
+ mod.ssh = {
+ enable = lib.mkEnableOption "enable ssh module";
+ };
+ };
+
+ config = lib.mkIf enabled {
+ home-manager.users.alex = {
+ programs.ssh = {
+ enable = true;
+ };
+ };
+
+ services = {
+ openssh = {
+ enable = true;
+ ports = [ 1122 ];
+
+ hostKeys = [{
+ path = "/etc/ssh/tadpole";
+ type = "ed25519";
+ }];
+ };
+ };
+
+ networking = {
+ firewall = {
+ allowedTCPPorts = [ 1122 ];
+ };
+ };
+ };
+}
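Review bot: The new `services.openssh` block in hosts/tadpole/modules/ssh/default.nix exposes sshd through the firewall on port 1122 without setting any authentication policy, so password and keyboard-interactive logins stay at the NixOS defaults (password authentication is enabled by default on current releases; worth confirming for the nixpkgs revision this flake pins). A non-standard port only cuts log noise, so I would add `settings.PasswordAuthentication = false;` and `settings.KbdInteractiveAuthentication = false;` inside `openssh`, assuming key-based login is already provisioned for `alex`. The port number is also written twice: `services.openssh.openFirewall` defaults to true and already opens every entry in `ports`, so the `networking.firewall.allowedTCPPorts` entry can be dropped or derived from `config.services.openssh.ports` to keep the two from drifting apart. On the documentation side, `lib.mkEnableOption "enable ssh module"` renders as "Whether to enable enable ssh module."; `lib.mkEnableOption "ssh module"` reads correctly, and a short comment noting that the single flag turns on both the home-manager client config and the server would help the next reader.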