mirror of
https://github.com/SebastianStork/nixos-config.git
synced 2026-01-22 00:21:34 +01:00
17 lines
527 B
Nix
17 lines
527 B
Nix
{ config, lib, ... }:
|
|
{
|
|
options.custom.services.forgejo.ssh.enable = lib.mkEnableOption "";
|
|
|
|
config = lib.mkIf config.custom.services.forgejo.ssh.enable {
|
|
services.openssh = {
|
|
enable = true;
|
|
authorizedKeysFiles = lib.mkForce [ "${config.services.forgejo.stateDir}/.ssh/authorized_keys" ];
|
|
settings = {
|
|
PasswordAuthentication = false;
|
|
KbdInteractiveAuthentication = false;
|
|
PermitRootLogin = "no";
|
|
AllowUsers = [ config.users.users.forgejo.name ];
|
|
};
|
|
};
|
|
};
|
|
}
|