change deploy-rs to nixinate, change user to use passwordFile, add password age secret, remove NetworkManager-wait-online.service

author: tzlil <tzlils@protonmail.com> 2023-01-21 17:34:49 +0200
committer: tzlil <tzlils@protonmail.com> 2023-01-21 17:34:49 +0200
commit: d9317de584c66b068a336889aa9adc3ac3837e5e (patch)
tree: f9418f271c8e9bdc2cc6075de471bc4b7049f965 /profiles/ssh.nix
parent: 5aa3d1eb375f7d67b717f0306752bd974fce1fbc (diff)
1 files changed, 5 insertions, 3 deletions
diff --git a/profiles/ssh.nix b/profiles/ssh.nix
index e0a623a..4c12cc7 100644
--- a/profiles/ssh.nix
+++ b/profiles/ssh.nix
@@ -5,10 +5,7 @@
     services.openssh = {
       enable = true;
       openFirewall = false;
-      passwordAuthentication = false;
-      kbdInteractiveAuthentication = false;
       allowSFTP = false;
-      permitRootLogin = "no";
       startWhenNeeded = true;
       extraConfig = ''
         AllowTcpForwarding yes
@@ -20,6 +17,11 @@
 
         AllowUsers tzlil
       '';
+      settings = {
+        permitRootLogin = "no";
+        passwordAuthentication = false;
+        kbdInteractiveAuthentication = false;
+      };
     };
     environment.persistence."/nix/persist" = {
       hideMounts = true;
author	tzlil <tzlils@protonmail.com>	2023-01-21 17:34:49 +0200
committer	tzlil <tzlils@protonmail.com>	2023-01-21 17:34:49 +0200
commit	d9317de584c66b068a336889aa9adc3ac3837e5e (patch)
tree	f9418f271c8e9bdc2cc6075de471bc4b7049f965 /profiles/ssh.nix
parent	5aa3d1eb375f7d67b717f0306752bd974fce1fbc (diff)