nixosModules/ssh-server.nix at silly-iso · bwc9876.dev/nixos-config

bwc9876.dev / nixos-config

fork atom

Flake for my NixOS devices

fork atom

nixos-config / nixosModules / ssh-server.nix

at silly-iso 33 lines 852 B view raw

wrap content

Spoonbaker ssh-server: allow root login, clean up 3mo ago

30e7f9b3

 1{...}: {
 2  lib,
 3  config,
 4  ...
 5}: {
 6  options.cow.ssh-server.enable = lib.mkEnableOption "OpenSSH daemon for accepting connections + customizations. Uses port 8069";
 7
 8  config = lib.mkIf config.cow.ssh-server.enable {
 9    # For nicer term rendering
10    environment.enableAllTerminfo = true;
11
12    services.openssh = {
13      enable = true;
14      openFirewall = true;
15      banner = ''
16        -=≡ ${lib.toUpper config.networking.hostName} ≡=-
17
18      '';
19      listenAddresses = [
20        {
21          addr = "0.0.0.0";
22        }
23      ];
24      # TODO: Maybe just use 22 like a normal person
25      ports = [8069];
26      settings.PasswordAuthentication = false;
27      settings.UseDns = false;
28      # settings.LogLevel = "DEBUG1";
29      settings.PermitRootLogin = "prohibit-password";
30      settings.KbdInteractiveAuthentication = false;
31    };
32  };
33}