21 lines
371 B
Nix
21 lines
371 B
Nix
{ config, ... }:
|
|
let
|
|
sshPort = config.hostSpec.networking.ports.tcp.ssh;
|
|
in
|
|
{
|
|
services.openssh = {
|
|
enable = true;
|
|
ports = [ sshPort ];
|
|
|
|
settings = {
|
|
PermitRootLogin = "no";
|
|
KbdInteractiveAuthentication = false;
|
|
PasswordAuthentication = false;
|
|
};
|
|
|
|
openFirewall = true;
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [ sshPort ];
|
|
}
|