old
 1{
 2  lib,
 3  config,
 4  ...
 5}: let
 6  hostName = config.modules.currentHost;
 7in {
 8  # Or disable the firewall altogether.
 9  networking.firewall.enable = lib.mkDefault false;
10  # Enable the OpenSSH daemon.
11  services.openssh = {
12    enable = true;
13    ports = config.modules.my-hosts.${hostName}.sshPorts;
14    settings = {
15      # root user is used for remote deployment.
16      PermitRootLogin = "prohibit-password";
17      PasswordAuthentication = false; # disable password login
18    };
19    openFirewall = true;
20    hostKeys = [
21      {
22        path = "/etc/ssh/ssh_host_ed25519_key";
23        type = "ed25519";
24      }
25    ];
26  };
27
28  # Add terminfo database of all known terminals to the system profile.
29  # https://github.com/NixOS/nixpkgs/blob/nixos-25.05/nixos/modules/config/terminfo.nix
30  environment.enableAllTerminfo = true;
31}