authorFreya Murphy <freya@freyacat.org>2025-06-23 22:33:44 -0400
committerFreya Murphy <freya@freyacat.org>2025-06-23 22:33:44 -0400
commit328c741b1aac74020412e99e0dca7c728dbc92fa (patch)
tree461f4ebcd3252d542749a34668defd62de356c73 /programs/ssh/default.nix
parentremoved unused packages (diff)
refactor
Diffstat (limited to 'programs/ssh/default.nix')
-rw-r--r--programs/ssh/default.nix45
1 files changed, 0 insertions, 45 deletions
diff --git a/programs/ssh/default.nix b/programs/ssh/default.nix
deleted file mode 100644
index b6ecb1d..0000000
--- a/programs/ssh/default.nix
+++ /dev/null
@@ -1,45 +0,0 @@
-{
- config,
- lib,
- ...
-}: {
- # ssh config
- home-manager.users.${config.user} = {
- programs.ssh = {
- enable = true;
- extraConfig = lib.fileContents ./config;
- };
- };
-
- # sshd
- services.openssh = {
- enable = true;
- ports = [22];
- settings = {
- PasswordAuthentication = false;
- KbdInteractiveAuthentication = false;
- UseDns = true;
- X11Forwarding = false;
- PermitRootLogin = "no";
- };
- };
-
- # allow ssh port
- networking.firewall.allowedTCPPorts = [22];
-
- # ban evil
- services.fail2ban = {
- enable = true;
- ignoreIP = [
- # freyanet
- "10.0.0.0/14"
- ];
- };
-
- # add authorized keys
- users.users.${config.user} = {
- openssh.authorizedKeys.keyFiles = [
- ../../files/keys/ssh.pub
- ];
- };
-}