SebastianStork/nixos-config
1
0
Fork 0
mirror of https://github.com/SebastianStork/nixos-config.git synced 2026-01-21 17:31:34 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Move web-service-modules into a separate directory

Browse source
This commit is contained in:
SebastianStork 2025-10-11 15:36:21 +02:00
parent 52c510d612
commit b2680db359
18 changed files with 0 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

31
modules/system/webServices/forgejo/ssh.nix Normal file
View file

@ -0,0 +1,31 @@
{ config, lib, ... }:
let
cfg = config.custom.services.forgejo.ssh;
in
{
options.custom.services.forgejo.ssh = {
enable = lib.mkEnableOption "";
port = lib.mkOption {
type = lib.types.port;
default = 22;
};
};
config = lib.mkIf cfg.enable {
meta.ports.tcp.list = [ cfg.port ];
services.forgejo.settings.server.SSH_PORT = cfg.port;
services.openssh = {
enable = true;
ports = lib.mkForce [ cfg.port ];
authorizedKeysFiles = lib.mkForce [ "${config.services.forgejo.stateDir}/.ssh/authorized_keys" ];
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
PermitRootLogin = "no";
AllowUsers = [ config.services.forgejo.user ];
};
};
};
}