hosts/blackberry/nix-ssh.nix

   1 {
   2   pkgs,
   3   lib,
   4   config,
   5   ...
   6 }:
   7 {
   8   nix = {
   9     settings.allowed-users = [ config.users.users."nix-ssh".name ];
  10     sshServe = {
  11       enable = true;
  12       keys = map lib.readFile [
  13         ../../users/julm/ssh/losurdo.pub
  14         ../../users/sevy/ssh/patate.pub
  15         ../../users/julm/ssh/pumpkin.pub
  16         ../../users/julm/ssh/oignon.pub
  17       ];
  18     };
  19   };
  20   networking.nftables.ruleset = ''
  21     table inet filter {
  22       chain input-lan {
  23         tcp dport 22 counter accept comment "SSH"
  24       }
  25     }
  26   '';
  27 }