32 lines
551 B
Nix
32 lines
551 B
Nix
{ machines, ...}:
|
|
|
|
{
|
|
services.openssh = {
|
|
enable = true;
|
|
settings = {
|
|
PermitRootLogin = "no";
|
|
PasswordAuthentication = false;
|
|
};
|
|
listenAddresses = [
|
|
{
|
|
addr = "192.168.1.201";
|
|
port = 2222;
|
|
}
|
|
{
|
|
addr = "10.100.0.2";
|
|
port = 2222;
|
|
}
|
|
];
|
|
};
|
|
|
|
networking.firewall.interfaces.eno1 = {
|
|
allowedTCPPorts = [ 2222 ];
|
|
};
|
|
|
|
users.users.usr.openssh.authorizedKeys.keys = [
|
|
machines.copernicus.pubkey
|
|
machines.aristotle.pubkey
|
|
machines.phone.pubkey
|
|
];
|
|
}
|