mirror of
https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config.git
synced 2024-11-22 03:41:26 +00:00
Add more SSH settings
This commit is contained in:
parent
05627a1dc9
commit
7193030b37
10
README.md
10
README.md
|
@ -45,9 +45,13 @@ Example JSON config:
|
||||||
},
|
},
|
||||||
"timezone": "Europe/Moscow",
|
"timezone": "Europe/Moscow",
|
||||||
"resticPassword": "PASS",
|
"resticPassword": "PASS",
|
||||||
"rootSshKeys": [
|
"ssh": {
|
||||||
"ssh-ed25519 KEY user@host"
|
"enable": true,
|
||||||
],
|
"rootSshKeys": [
|
||||||
|
"ssh-ed25519 KEY user@host"
|
||||||
|
],
|
||||||
|
"passwordAuthentication": true
|
||||||
|
},
|
||||||
"username": "owner",
|
"username": "owner",
|
||||||
"users": [
|
"users": [
|
||||||
{
|
{
|
||||||
|
|
|
@ -37,10 +37,10 @@
|
||||||
};
|
};
|
||||||
time.timeZone = config.services.userdata.timezone;
|
time.timeZone = config.services.userdata.timezone;
|
||||||
i18n.defaultLocale = "en_GB.UTF-8";
|
i18n.defaultLocale = "en_GB.UTF-8";
|
||||||
users.users.root.openssh.authorizedKeys.keys = config.services.userdata.rootSshKeys;
|
users.users.root.openssh.authorizedKeys.keys = config.services.userdata.ssh.rootKeys;
|
||||||
services.openssh = {
|
services.openssh = {
|
||||||
enable = true;
|
enable = config.services.userdata.ssh.enable;
|
||||||
passwordAuthentication = true;
|
passwordAuthentication = config.services.userdata.ssh.passwordAuthentication;
|
||||||
permitRootLogin = "yes";
|
permitRootLogin = "yes";
|
||||||
openFirewall = false;
|
openFirewall = false;
|
||||||
};
|
};
|
||||||
|
|
|
@ -103,10 +103,21 @@
|
||||||
"resticPassword": {
|
"resticPassword": {
|
||||||
"type": "string"
|
"type": "string"
|
||||||
},
|
},
|
||||||
"rootSshKeys": {
|
"ssh": {
|
||||||
"type": "array",
|
"type": "object",
|
||||||
"items": {
|
"properties": {
|
||||||
"type": "string"
|
"enable": {
|
||||||
|
"type": "boolean"
|
||||||
|
},
|
||||||
|
"rootKeys": {
|
||||||
|
"type": "array",
|
||||||
|
"items": {
|
||||||
|
"type": "string"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"passwordAuthentication": {
|
||||||
|
"type": "boolean"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"users": {
|
"users": {
|
||||||
|
|
|
@ -117,11 +117,24 @@ in
|
||||||
'';
|
'';
|
||||||
type = types.nullOr types.string;
|
type = types.nullOr types.string;
|
||||||
};
|
};
|
||||||
rootSshKeys = mkOption {
|
ssh = {
|
||||||
description = ''
|
enable = mkOption {
|
||||||
|
default = true;
|
||||||
|
type = types.nullOr types.bool;
|
||||||
|
};
|
||||||
|
rootKeys = mkOption {
|
||||||
|
description = ''
|
||||||
Root SSH Keys
|
Root SSH Keys
|
||||||
'';
|
'';
|
||||||
type = types.nullOr (types.listOf types.string);
|
type = types.nullOr (types.listOf types.string);
|
||||||
|
};
|
||||||
|
passwordAuthentication = mkOption {
|
||||||
|
description = ''
|
||||||
|
Password authentication for SSH
|
||||||
|
'';
|
||||||
|
default = true;
|
||||||
|
type = types.nullOr types.bool;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
timezone = mkOption {
|
timezone = mkOption {
|
||||||
description = ''
|
description = ''
|
||||||
|
|
Loading…
Reference in a new issue