31 lines
629 B
Nix
31 lines
629 B
Nix
{
|
|
nixos =
|
|
{ lib, config, ... }:
|
|
let
|
|
cfg = config.features.openssh;
|
|
in
|
|
{
|
|
options.features.openssh = {
|
|
enable = lib.mkEnableOption "openssh";
|
|
|
|
port = lib.mkOption {
|
|
type = lib.types.port;
|
|
default = 22;
|
|
};
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
services.openssh = {
|
|
enable = true;
|
|
ports = [ cfg.port ];
|
|
settings = {
|
|
PasswordAuthentication = false;
|
|
AllowUsers = null;
|
|
PermitRootLogin = "no";
|
|
StreamLocalBindUnlink = "yes";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|