refactor: compose hosts and home-manager features explicitly

2026-04-21 16:04:06 +02:00
parent 8c254f2eb1
commit a73cefb9df
28 changed files with 322 additions and 303 deletions
@@ -1,6 +1,6 @@
 { ... }:
 {
-  flake.modules.nixos."ssh-agent-auth" = {
+  flake.modules.nixos.ssh-agent-auth = {
    security.pam = {
      sshAgentAuth.enable = true;
      services.sudo.sshAgentAuth = true;
@@ -12,18 +12,15 @@
      config,
      ...
    }:
-    let
-      isServer = config.meta.host.kind == "server";
-      hostUserNames = builtins.attrNames config.meta.host.users;
-    in
    {
+      services.openssh.openFirewall = true;
+
      services.openssh = {
        enable = true;
-        openFirewall = isServer;
        settings = {
          PermitRootLogin = "no";
          PasswordAuthentication = false;
-          AllowUsers = hostUserNames;
+          AllowUsers = builtins.attrNames config.meta.host.users;
        };
      };
    };