james/nil
Archived
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

Split out ssh configuration

Browse Source
This commit is contained in:
James Patrick 2022-08-13 23:10:13 -04:00
parent f4dfcb7358
commit 7d86731622
2 changed files with 28 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
modules/system/ssh.nix Normal file
View File

@ -0,0 +1,28 @@
{ config, lib, pkgs, ... }:
#with lib.my;
with lib;
let
this = config.my.system.ssh;
publicKey = pkgs.fetchurl {
url = "https://github.com/jamesepatrick.keys";
sha256 = "sha256-alm6KRFca4VjzTyVEg+j1s0uKaSfvV76o3sgYNAisSA=";
};
in {
options.my = {
system.ssh.enable = mkOption {
default = true;
type = with types; bool;
};
};
config = mkIf this.enable {
# Openssh settings for security
services.openssh = {
enable = true;
permitRootLogin = "no";
passwordAuthentication = false;
};
users.users.james.openssh.authorizedKeys.keyFiles = [ publicKey ];
};
}

11
profiles/minimal.nix
View File

@ -1,10 +1,6 @@
{ inputs, config, pkgs, ... }: { inputs, config, pkgs, ... }:
let let
publicKey = pkgs.fetchurl {
url = "https://github.com/jamesepatrick.keys";
sha256 = "sha256-alm6KRFca4VjzTyVEg+j1s0uKaSfvV76o3sgYNAisSA=";
};
in { in {
imports = [ imports = [
@ -45,7 +41,6 @@ in {
extraGroups = [ "wheel" "systemd-journal" ]; extraGroups = [ "wheel" "systemd-journal" ];
initialPassword = "nixos"; initialPassword = "nixos";
isNormalUser = true; isNormalUser = true;
openssh.authorizedKeys.keyFiles = [ publicKey ];
shell = pkgs.zsh; shell = pkgs.zsh;
}; };
}; };
@ -70,10 +65,4 @@ in {
enableSSHSupport = true; enableSSHSupport = true;
}; };
# Openssh settings for security
services.openssh = {
enable = true;
permitRootLogin = "no";
passwordAuthentication = false;
};
} }