punkfairie/marleyos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: ssh

Browse source
This commit is contained in:
punkfairie 2025-05-28 18:35:36 -07:00
parent 16f2e7fd18
commit 80db008bb7
Signed by: punkfairie
GPG key ID: B3C5488E9A1A7CA6
11 changed files with 51 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
modules/base/default.nix
View file

@ -6,6 +6,7 @@
./stylix ./stylix
./programs ./programs
./services
./profiles.nix ./profiles.nix
./home.nix ./home.nix

4
modules/base/profiles.nix
View file

@ -20,6 +20,10 @@ in {
nix-output-monitor = enabled; nix-output-monitor = enabled;
ripgrep = enabled; ripgrep = enabled;
}; };
services = {
openssh = enabled; # required for agenix
};
} }
# #
# #

5
modules/base/services/default.nix Normal file
View file

@ -0,0 +1,5 @@
{
imports = [
./openssh.nix
];
}

19
modules/base/services/openssh.nix Normal file
View file

@ -0,0 +1,19 @@
{
lib,
config,
...
}: let
cfg = config.marleyos.services.openssh;
in {
options.marleyos.services.openssh.enable = lib.mkEnableOption "openssh";
config = lib.mkIf cfg.enable {
services.openssh = {
enable = true;
settings = {
PermitRootLogin = "prohibit-password";
};
};
};
}

5
modules/darwin/services/default.nix Normal file
View file

@ -0,0 +1,5 @@
{
imports = [
./openssh.nix
];
}

13
modules/darwin/services/openssh.nix Normal file
View file

@ -0,0 +1,13 @@
{
lib,
config,
...
}: let
cfg = config.marleyos.services.openssh;
in {
config = lib.mkIf cfg.enable {
services.openssh.extraConfig = ''
PermitRootLogin prohibit-password
'';
};
}

1
modules/home/profiles.nix
View file

@ -28,6 +28,7 @@ in {
man = enabled; man = enabled;
nh = enabled; nh = enabled;
ripgrep = enabled; ripgrep = enabled;
ssh = enabled;
}; };
} }
# #

1
modules/home/programs/default.nix
View file

@ -25,6 +25,7 @@
./neovim.nix ./neovim.nix
./nh.nix ./nh.nix
./ripgrep.nix ./ripgrep.nix
./ssh.nix
./waybar.nix ./waybar.nix
# TODO: uncomment when swaylock is figured out # TODO: uncomment when swaylock is figured out

0
snowflake/modules/home/programs/cli/ssh/default.nix → modules/home/programs/ssh.nix
View file

2
modules/nixos/profiles.nix
View file

@ -12,13 +12,11 @@ in {
# Universal - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Universal - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{ {
programs = { programs = {
fish = enabled;
nh = enabled; nh = enabled;
}; };
services = { services = {
docker = enabled; docker = enabled;
openssh = enabled; # needed for agenix
}; };
} }
# #

10
modules/nixos/services/openssh.nix
View file

@ -5,15 +5,9 @@
}: let }: let
cfg = config.marleyos.services.openssh; cfg = config.marleyos.services.openssh;
in { in {
options.marleyos.services.openssh.enable = lib.mkEnableOption "openssh";
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
services.openssh = { services.openssh.settings = {
enable = true; PermitRootLogin = "prohibit-password";
settings = {
PermitRootLogin = "prohibit-password";
};
}; };
}; };
} }