Alice Huston
1a8a2fa394
* change formatter to nixfmt-rfc-style Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * Add rfc-style fmt'ing Signed-off-by: ahuston-0 <aliceghuston@gmail.com> --------- Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
30 lines
671 B
Nix
30 lines
671 B
Nix
# BIASED
|
|
{ config, lib, ... }:
|
|
{
|
|
config = {
|
|
services = {
|
|
openssh = lib.mkIf config.services.gitea.enable {
|
|
extraConfig = ''
|
|
Match User gitea
|
|
PermitTTY no
|
|
X11Forwarding no
|
|
'';
|
|
};
|
|
|
|
gitea.settings."ssh.minimum_key_sizes" = lib.mkIf config.services.gitea.enable {
|
|
ECDSA = -1;
|
|
RSA = 4095;
|
|
};
|
|
|
|
endlessh-go = lib.mkIf (!builtins.elem 22 config.services.openssh.ports) {
|
|
enable = true;
|
|
port = 22;
|
|
};
|
|
};
|
|
|
|
networking.firewall = lib.mkIf config.services.openssh.enable {
|
|
allowedTCPPorts = config.services.openssh.ports ++ [ 22 ];
|
|
};
|
|
};
|
|
}
|