mirror of
https://git.sr.ht/~magic_rb/dotfiles
synced 2024-11-26 18:16:13 +01:00
34 lines
681 B
Nix
34 lines
681 B
Nix
# SPDX-FileCopyrightText: 2022 Richard Brežák <richard@brezak.sk>
|
|
#
|
|
# SPDX-License-Identifier: LGPL-3.0-or-later
|
|
{
|
|
config,
|
|
pkgs,
|
|
lib,
|
|
...
|
|
}:
|
|
with lib; let
|
|
cfg = config.magic_rb.vpsRemoteAccess;
|
|
in {
|
|
options.magic_rb = {
|
|
vpsRemoteAccess = {
|
|
enable = mkEnableOption "Enable VPS remote access module.";
|
|
trustedWheel = mkEnableOption "Add the wheel group to Nix trusted-users.";
|
|
};
|
|
};
|
|
|
|
config =
|
|
mkIf cfg.enable
|
|
{
|
|
nix.settings.trusted-users =
|
|
mkIf cfg.trustedWheel
|
|
["@wheel"];
|
|
|
|
services.openssh = {
|
|
enable = true;
|
|
passwordAuthentication = false;
|
|
permitRootLogin = "no";
|
|
};
|
|
};
|
|
}
|