{ config, lib, pkgs, ... }: let cfg = config.vhack.rust-motd; # List all users that can login pred = n: v: ( false # <- just here for neat formatting || v.initialHashedPassword != null || v.initialPassword != null || v.hashedPassword != null || v.hashedPasswordFile != null || v.password != null || v.passwordFile != null || v.openssh.authorizedKeys.keys != [] || v.openssh.authorizedKeys.keyFiles != [] ); userList = builtins.mapAttrs (n: v: 2) (lib.filterAttrs pred config.users.users); bannerFile = pkgs.runCommandNoCCLocal "banner-file" { nativeBuildInputs = [pkgs.figlet]; } '' echo "${config.system.name}" | figlet -f slant > "$out" ''; in { options.vhack.rust-motd = { enable = lib.mkEnableOption "rust-motd"; }; config = lib.mkIf cfg.enable { systemd.services.rust-motd = { path = with pkgs; [ bash fail2ban # Needed for rust-motd fail2ban integration ]; }; programs.rust-motd = { enable = true; enableMotdInSSHD = true; refreshInterval = "*:0/5"; # 0/5 means: hour 0 AND all hour wich match (0 + 5 * x) (is the same as: 0, 5, 10, 15, 20) # An example is here: https://raw.githubusercontent.com/rust-motd/rust-motd/refs/heads/main/example_config.toml settings = { global = { progress_full_character = "="; progress_empty_character = "-"; progress_prefix = "["; progress_suffix = "]"; time_format = "%Y-%m-%d %H:%M:%S"; }; banner = { color = "red"; # Avoid some runtime dependencies. command = "cat ${bannerFile}"; }; uptime = { prefix = "Uptime:"; }; filesystems = { root = "/"; persistent = "/srv"; store = "/nix"; boot = "/boot"; }; memory = { swap_pos = "beside"; # or "below" or "none" }; fail2_ban = { jails = ["sshd"]; #, "anotherjail"] }; last_login = userList; last_run = {}; }; }; }; }