main
 1topArgs: {
 2  flake.modules.nixos.core = {config, ...}: {
 3    services.openssh = let
 4      currentHostMeta = topArgs.config.flake.meta.host.hosts.${config.networking.hostName};
 5    in {
 6      enable = currentHostMeta.deploy; # Enable ssh server only for deployable hosts
 7      ports = currentHostMeta.sshPorts;
 8      settings = {
 9        PermitRootLogin = "prohibit-password";
10        PasswordAuthentication = false;
11      };
12      openFirewall = true;
13      hostKeys = [
14        {
15          path = "/etc/ssh/ssh_host_ed25519_key";
16          type = "ed25519";
17        }
18      ];
19    };
20
21    environment.enableAllTerminfo = true;
22  };
23}