Merge branch 'server1' into server1_users

author: sils <sils@sils.li> 2023-01-20 22:34:22 +0100
committer: sils <sils@sils.li> 2023-01-20 22:34:22 +0100
commit: 259e4107ed4e841484a3c818c5367971d29feeb9 (patch)
tree: fc1b91f08f214eff15fdbb527c0360e1db7dcfe5
parent: Merge branch 'server1' into server1_users (diff)
parent: Merge pull request 'Remove ssh from the config file and make it's keys persis... (diff)
download: nixos-server-259e4107ed4e841484a3c818c5367971d29feeb9.zip
2 files changed, 20 insertions, 0 deletions
diff --git a/configuration.nix b/configuration.nix
index 1c06bb2..75701ad 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -8,6 +8,7 @@
 
     ./services/minecraft.nix
     ./services/rust-motd.nix
+    ./services/opensshd.nix
   ];
 
   boot.cleanTmpDir = true;
diff --git a/services/opensshd.nix b/services/opensshd.nix
new file mode 100644
index 0000000..4bd38fd
--- /dev/null
+++ b/services/opensshd.nix
@@ -0,0 +1,19 @@
+{ config, pkg, ... }: {
+  services.openssh = {
+    enable = true;
+    passwordAuthentication = false;
+    extraConfig = ''
+      PrintMotd yes
+    ''; # this could be done with pam
+    hostKeys = [{
+      comment = "key comment";
+      path = "/srv/sshd/ssh_host_ed25519_key";
+      rounds = 1000;
+      type = "ed25519";
+    }];
+  };
+  users.users.root.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGBFuTNNn71Rhfnop2cdz3r/RhWWlCePnSBOhTBbu2ME soispha"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG63gxw8JePmrC8Fni0pLV4TnPBhCPmSV9FYEdva+6s7 sils"
+  ];
+}
author	sils <sils@sils.li>	2023-01-20 22:34:22 +0100
committer	sils <sils@sils.li>	2023-01-20 22:34:22 +0100
commit	259e4107ed4e841484a3c818c5367971d29feeb9 (patch)
tree	fc1b91f08f214eff15fdbb527c0360e1db7dcfe5
parent	Merge branch 'server1' into server1_users (diff)
parent	Merge pull request 'Remove ssh from the config file and make it's keys persis... (diff)
download	nixos-server-259e4107ed4e841484a3c818c5367971d29feeb9.zip