28 lines
523 B
Nix
28 lines
523 B
Nix
{
|
|
config,
|
|
pkgs,
|
|
...
|
|
}: {
|
|
services.openssh = {
|
|
enable = true;
|
|
ports = [8123];
|
|
settings = {
|
|
PermitRootLogin = "prohibit-password";
|
|
PasswordAuthentication = false;
|
|
};
|
|
};
|
|
|
|
users.users.root.openssh.authorizedKeys.keyFiles = [
|
|
../../.secrets/id_ed25519.pub
|
|
];
|
|
|
|
users.users.admin = {
|
|
isNormalUser = true;
|
|
extraGroups = ["wheel" "docker"];
|
|
openssh.authorizedKeys.keyFiles = [
|
|
../../.secrets/id_ed25519.pub
|
|
];
|
|
};
|
|
|
|
security.sudo.wheelNeedsPassword = false;
|
|
}
|