1 { pkgs, lib, config, machines, ... }:
3 inherit (config.security) gnupg;
4 inherit (config.users) users;
7 systemd.services.ssh-mermet-reverse = {
8 after = [ "network-online.target" ];
9 wantedBy = [ "multi-user.target" ];
12 ExecStart = ''${pkgs.openssh}/bin/ssh -v -g -N -T \
13 -o ServerAliveInterval=10 \
14 -o ExitOnForwardFailure=yes \
15 -R *:10022:localhost:22 \
16 ${machines.mermet.extraArgs.ipv4}
22 boot.initrd.network.ssh = {
25 authorizedKeys = users.root.openssh.authorizedKeys.keys;
26 hostKeys = [ "/root/initrd/ssh.key" ];
28 services.upnpc.redirections = [
29 { port = 22; externalPort = 10022; protocol = "TCP"; } # SSH
30 { port = 2222; protocol = "TCP"; } # SSH (boot)
31 { port = 60000; protocol = "UDP"; } # Mosh
32 { port = 60001; protocol = "UDP"; } # Mosh
33 { port = 60002; protocol = "UDP"; } # Mosh