diff options
| author | Christian Krinitsin <code@krinitsin.xyz> | 2025-02-26 13:01:03 +0100 |
|---|---|---|
| committer | Christian Krinitsin <code@krinitsin.xyz> | 2025-02-26 13:01:03 +0100 |
| commit | b34aaf1162115147b202a9f1cfda208a189d5bb6 (patch) | |
| tree | 8989939780ae9e86096f6b96ac0f0a71fb41954d | |
| parent | dc0eb0ec4674ee97a7bbf0070ce841afbf47b994 (diff) | |
| download | nosix-b34aaf1162115147b202a9f1cfda208a189d5bb6.tar.gz nosix-b34aaf1162115147b202a9f1cfda208a189d5bb6.zip | |
refactor configuration
| -rw-r--r-- | modules/ssh.nix | 10 | ||||
| -rw-r--r-- | modules/user.nix | 11 |
2 files changed, 21 insertions, 0 deletions
diff --git a/modules/ssh.nix b/modules/ssh.nix new file mode 100644 index 0000000..44580d7 --- /dev/null +++ b/modules/ssh.nix @@ -0,0 +1,10 @@ +{ config, libs, pkgs, ... }: +{ + + services.openssh = { + enable = true; + settings.PasswordAuthentication = false; + }; + networking.firewall.allowedTCPPorts = [ 22 ]; + +} diff --git a/modules/user.nix b/modules/user.nix new file mode 100644 index 0000000..39db362 --- /dev/null +++ b/modules/user.nix @@ -0,0 +1,11 @@ +{ config, libs, pkgs, ... }: +{ + + users.users.admin = { + isNormalUser = true; + extraGroups = [ "wheel" ]; + openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJZxiAIsF13XqqxG0QzGFhT3iLDMsu2snb0wJOPUUq8e chris@deskpin" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDwlqdl/70dJ1ABKwLEdLB6/RDpfE4RVaB+xL3YJ1v3+ chris@kingpin" ]; + }; + security.sudo.wheelNeedsPassword = false; + +} |