kalipso/infrastructure
1
1
Fork 1
Code Issues 43 Pull Requests 3 Actions Projects 2 Releases Wiki Activity

[lucia] reenable root ssh

Browse Source
This commit is contained in:
kalipso
2023-12-05 18:37:15 +01:00
parent d887cdbf03
commit 358eb29fc4
2 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
machines/configuration.nix
View File

@@ -58,6 +58,7 @@ in
specialArgs.inputs = inputs; specialArgs.inputs = inputs;
modules = defaultModules ++ [ modules = defaultModules ++ [
./lucia/configuration.nix ./lucia/configuration.nix
./lucia/hardware_configuration.nix
]; ];
}; };

8
machines/lucia/configuration.nix
View File

@@ -3,14 +3,18 @@
{ {
imports = imports =
[ # Include the results of the hardware scan. [ # Include the results of the hardware scan.
./hardware_configuration.nix
../modules/sshd.nix
../modules/malobeo_user.nix ../modules/malobeo_user.nix
]; ];
sops.defaultSopsFile = ./secrets.yaml; sops.defaultSopsFile = ./secrets.yaml;
sops.secrets.njala_api_key = {}; sops.secrets.njala_api_key = {};
services.openssh.enable = true;
services.openssh.ports = [ 22 ];
services.openssh.passwordAuthentication = false;
services.openssh.settings.PermitRootLogin = "prohibit-password";
users.users.root.openssh.authorizedKeys.keys = import ../ssh_keys.nix;
# Use the extlinux boot loader. (NixOS wants to enable GRUB by default) # Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
boot.loader.grub.enable = false; boot.loader.grub.enable = false;
boot.loader.raspberryPi.enable = false; boot.loader.raspberryPi.enable = false;