diff options
Diffstat (limited to 'modules/services')
| -rw-r--r-- | modules/services/ssh/default.nix | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/modules/services/ssh/default.nix b/modules/services/ssh/default.nix index dd25795..6f2def1 100644 --- a/modules/services/ssh/default.nix +++ b/modules/services/ssh/default.nix @@ -1,15 +1,23 @@ -{ lib, ... }: +{ + config, + lib, + ... +}: let - ports = [ 2222 ]; + sshPort = 2222; + wheelUsers = + with config.users; + with builtins; + filter (u: elem "wheel" users.${u}.extraGroups) (attrNames users); in { services.openssh = { enable = lib.mkDefault true; - ports = ports; openFirewall = true; startWhenNeeded = true; + ports = [ sshPort ]; settings = { - AllowUsers = [ "tdback" ]; + AllowUsers = wheelUsers; PermitRootLogin = "no"; PasswordAuthentication = lib.mkDefault false; }; |