nix-config/nixos/_mixins/services/openssh.nix
Greg Burd 86706b1fc7 wimpy-ified
inspired by wimpysworld nix-config
2023-09-25 14:05:07 -04:00

22 lines
451 B
Nix

{ lib, ... }: {
services = {
openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
PermitRootLogin = lib.mkDefault "no";
};
};
sshguard = {
enable = true;
whitelist = [
"192.168.2.0/24"
"192.168.192.0/24"
"62.31.16.154"
"80.209.186.67"
];
};
};
programs.ssh.startAgent = true;
networking.firewall.allowedTCPPorts = [ 22 ];
}