Flamingo/NixOSConfiguration
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

moved ssh into its own file

Browse Source
This commit is contained in:
Frederik Jacobsen 2025-02-12 20:02:50 +01:00
parent 7ec081dba0
commit b7f641a476
2 changed files with 17 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
configuration.nix
View File

@ -8,6 +8,7 @@
imports =
[ # Include the results of the hardware scan.
/etc/nixos/hardware-configuration.nix
./ssh-configuration.nix
];
# Bootloader.
@ -83,23 +84,6 @@
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh = {
enable = true;
ports = [ 22 ];
settings = {
PasswordAuthentication = true;
AllowUsers = null; # Allows all users by default. Can be [ "user1" "user2" ]
UseDns = true;
X11Forwarding = false;
PermitRootLogin = "prohibit-password"; # "yes", "without-password", "prohibit-password", "forced-commands-only", "no"
};
};
users.users."frederik".openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDESaa260m4XAX6OJWkaH/MHVAy2eD8BO3QH740wn2CLQXuvAvZjpAVEZbfizPoHXZrEqEKPIALoOXNzUNm1H07+fh7PEOqGGS0x9b/8o1+MuiWYJQ4HlBfgWO80lI0WO40s1qEjminKgfQB8BmfwzrMq16ChCd0Pyt8O0a04K7ItZQBGHocgbEyKTyABUM+2Brz6zo9WJjkmQWbrUAjaCBaqLIJQgiT3GbdU4MPmIRyIDXQuiO0epbF2vyowqDGHar8C1pSSgyRCjnCl8VhCdRY+NjE5+s1WhQ0VFpp4jiUHDTfbIJx+ejXdAGHhEaxZOKqkkQWoEe/DJGTjOKkExkpwphdTMO5Ar/Gi6SQpeCuKQmjCzaVvcHPQRdnCA7txllF96fUPrKMeYI1ImT9npc2BlSZjjUprDGjAS0E5KRPOE2nJLCcRKwrShnCnN54jPW4L5xBPrWJkGkaD2Ks1LhD0RmX3Js5ytF3LLBq52Z/w2LvBEM8tGXglL21vpgyiVXcTKOe7Ywhp2XQ4O5Hukj0edKJLfU/0X4N6iSM8Ho8tnQtRB7oaw7pu1Rpoz63j1dU5knp9GYqCs37bAFBVkLymVn6NJi7NHTWY5IMXmxnov4JaoGQuYrV3Cpgiif7fTU9AlC0yxnJa5tHwJ5UEx4ltcEsIVnl678PLQtAWWmnQ== frederik1904@gmail.com" # content of authorized_keys file
];
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];

16
ssh-configuration.nix Normal file
View File

@ -0,0 +1,16 @@
# Enable the OpenSSH daemon.
services.openssh = {
enable = true;
ports = [ 22 ];
settings = {
PasswordAuthentication = true;
AllowUsers = null; # Allows all users by default. Can be [ "user1" "user2" ]
UseDns = true;
X11Forwarding = false;
PermitRootLogin = "prohibit-password"; # "yes", "without-password", "prohibit-password", "forced-commands-only", "no"
};
};
users.users."frederik".openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDESaa260m4XAX6OJWkaH/MHVAy2eD8BO3QH740wn2CLQXuvAvZjpAVEZbfizPoHXZrEqEKPIALoOXNzUNm1H07+fh7PEOqGGS0x9b/8o1+MuiWYJQ4HlBfgWO80lI0WO40s1qEjminKgfQB8BmfwzrMq16ChCd0Pyt8O0a04K7ItZQBGHocgbEyKTyABUM+2Brz6zo9WJjkmQWbrUAjaCBaqLIJQgiT3GbdU4MPmIRyIDXQuiO0epbF2vyowqDGHar8C1pSSgyRCjnCl8VhCdRY+NjE5+s1WhQ0VFpp4jiUHDTfbIJx+ejXdAGHhEaxZOKqkkQWoEe/DJGTjOKkExkpwphdTMO5Ar/Gi6SQpeCuKQmjCzaVvcHPQRdnCA7txllF96fUPrKMeYI1ImT9npc2BlSZjjUprDGjAS0E5KRPOE2nJLCcRKwrShnCnN54jPW4L5xBPrWJkGkaD2Ks1LhD0RmX3Js5ytF3LLBq52Z/w2LvBEM8tGXglL21vpgyiVXcTKOe7Ywhp2XQ4O5Hukj0edKJLfU/0X4N6iSM8Ho8tnQtRB7oaw7pu1Rpoz63j1dU5knp9GYqCs37bAFBVkLymVn6NJi7NHTWY5IMXmxnov4JaoGQuYrV3Cpgiif7fTU9AlC0yxnJa5tHwJ5UEx4ltcEsIVnl678PLQtAWWmnQ== frederik1904@gmail.com" # content of authorized_keys file
];