main
1topArgs: {
2 flake.modules.nixos.core = {config, ...}: {
3 services.openssh = let
4 currentHostMeta = topArgs.config.flake.meta.host.hosts.${config.networking.hostName};
5 in {
6 enable = currentHostMeta.deploy; # Enable ssh server only for deployable hosts
7 ports = currentHostMeta.sshPorts;
8 settings = {
9 PermitRootLogin = "prohibit-password";
10 PasswordAuthentication = false;
11 };
12 openFirewall = true;
13 hostKeys = [
14 {
15 path = "/etc/ssh/ssh_host_ed25519_key";
16 type = "ed25519";
17 }
18 ];
19 };
20
21 environment.enableAllTerminfo = true;
22 };
23}