Alice Huston
241c66f5ec
* external SMTP for hydra Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * nix-serve sops Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * add binary cache * add hydra jobs * cleanup (#50) * finish up cleanup branch merge * switched back to nixpkgs-fmt * add nixpkgs-fmt to hydrajobs.build --------- Signed-off-by: ahuston-0 <aliceghuston@gmail.com> Co-authored-by: Dennis Wuitz <dennish@wuitz.de> Co-authored-by: Dennis <52411861+DerDennisOP@users.noreply.github.com>
28 lines
662 B
Nix
28 lines
662 B
Nix
# BIASED
|
|
{ config, lib, ... }: {
|
|
config = {
|
|
services = {
|
|
|
|
openssh = lib.mkIf config.services.gitea.enable {
|
|
extraConfig = ''
|
|
Match User gitea
|
|
PermitTTY no
|
|
X11Forwarding no
|
|
'';
|
|
};
|
|
|
|
gitea.settings."ssh.minimum_key_sizes" = lib.mkIf config.services.gitea.enable {
|
|
ECDSA = -1;
|
|
RSA = 4095;
|
|
};
|
|
|
|
endlessh-go = lib.mkIf (!builtins.elem 22 config.services.openssh.ports) {
|
|
enable = true;
|
|
port = 22;
|
|
};
|
|
};
|
|
|
|
networking.firewall = lib.mkIf config.services.openssh.enable { allowedTCPPorts = config.services.openssh.ports ++ [ 22 ]; };
|
|
};
|
|
}
|