28 lines
596 B
Nix
28 lines
596 B
Nix
{
|
|
lib,
|
|
config,
|
|
...
|
|
}: {
|
|
config = lib.mkMerge [
|
|
{
|
|
services = {
|
|
openssh = {
|
|
enable = true;
|
|
ports = [22];
|
|
settings = {
|
|
PasswordAuthentication = false;
|
|
UseDns = true;
|
|
X11Forwarding = false;
|
|
};
|
|
};
|
|
};
|
|
}
|
|
(lib.mkIf config.host.impermanence.enable {
|
|
environment.persistence."/persist/system/root" = {
|
|
files = lib.lists.flatten (
|
|
builtins.map (hostKey: [hostKey.path "${hostKey.path}.pub"]) config.services.openssh.hostKeys
|
|
);
|
|
};
|
|
})
|
|
];
|
|
}
|