28 lines
559 B
Nix
28 lines
559 B
Nix
{ ... }:
|
|
{
|
|
flake.modules.nixos.openssh =
|
|
{
|
|
config,
|
|
hostType ? "desktop",
|
|
lib,
|
|
...
|
|
}:
|
|
let
|
|
isServer = hostType == "server";
|
|
hostUserNames = builtins.attrNames (
|
|
lib.filterAttrs (_: user: user.isNormalUser or false) config.users.users
|
|
);
|
|
in
|
|
{
|
|
services.openssh = {
|
|
enable = true;
|
|
openFirewall = isServer;
|
|
settings = {
|
|
PermitRootLogin = "no";
|
|
PasswordAuthentication = false;
|
|
AllowUsers = hostUserNames;
|
|
};
|
|
};
|
|
};
|
|
}
|