From f5ee7edf7d3d88b4f93d5f0e330e260f1d232c31 Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Mon, 23 Oct 2023 22:08:00 +0200 Subject: add openssh access --- nixos/common.nix | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/nixos/common.nix b/nixos/common.nix index 6868efa..7154465 100644 --- a/nixos/common.nix +++ b/nixos/common.nix @@ -59,8 +59,13 @@ in }; services.resolved.enable = false; + networking.extraHosts = '' + 201:8c16:538b:891c:96cb:c8f6:40dd:125d lindy + ''; + # Open ports in the firewall. networking.firewall.allowedTCPPorts = [ + 2022 # openssh 22000 # syncthing ]; networking.firewall.allowedUDPPorts = [ @@ -118,6 +123,20 @@ in "dialout" "kvm" ]; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJpaBZdYxHqMxhv2RExAOa7nkKhPBOHupMP3mYaZ73w9" + ]; + }; + + # -------------------- yea openssh --------------------- + + services.openssh = { + enable = true; + ports = [ 2022 ]; + settings = { + PermitRootLogin = "no"; + PasswordAuthentication = false; + }; }; # -------------------- packages --------------------- -- cgit v1.2.3