porthos: services: extract ssh-server

This commit is contained in:
Bruno BELANYI 2021-02-07 10:39:13 +00:00
parent 3b148ad684
commit 21747212dd
3 changed files with 26 additions and 7 deletions

View file

@ -35,6 +35,8 @@ in
rss-bridge.enable = true; rss-bridge.enable = true;
# Usenet client # Usenet client
sabnzbd.enable = true; sabnzbd.enable = true;
# Because I stilll need to play sysadmin
ssh-server.enable = true;
# Torrent client and webui # Torrent client and webui
transmission = { transmission = {
enable = true; enable = true;
@ -47,11 +49,4 @@ in
enable = true; enable = true;
enableSSHSupport = true; enableSSHSupport = true;
}; };
programs.mosh.enable = true; # Opens the relevant UDP ports.
# Enable the OpenSSH daemon.
services.openssh.enable = true;
services.openssh.permitRootLogin = "no";
services.openssh.passwordAuthentication = false;
} }

View file

@ -14,6 +14,7 @@
./quassel.nix ./quassel.nix
./rss-bridge.nix ./rss-bridge.nix
./sabnzbd.nix ./sabnzbd.nix
./ssh-server.nix
./transmission.nix ./transmission.nix
]; ];
} }

23
services/ssh-server.nix Normal file
View file

@ -0,0 +1,23 @@
# An SSH server, using 'mosh'
{ config, lib, ... }:
let
cfg = config.my.services.ssh-server;
in
{
options.my.services.ssh-server = {
enable = lib.mkEnableOption "SSH Server using 'mosh'";
};
config = lib.mkIf cfg.enable {
services.openssh = {
# Enable the OpenSSH daemon.
enable = true;
# Be more secure
permitRootLogin = "no";
passwordAuthentication = false;
};
# Opens the relevant UDP ports.
programs.mosh.enable = true;
};
}